On Wed, 2009-08-19 at 22:54 +0200, Petit Eric wrote: > sorry i forget that, i keep it because MonoOSC is a client to only one > url api.opensuse.org
Like I said you can keep it (still can't force you ;-) but it IS, even if used with a single host, vulnerable to attacks (e.g. a man in the middle attack). Now I'll shamelessly reuse this thread to plug Gendarme (instead of MonoOSC ;-) since it can detect such bad/hackish/should-be-temporary ICertificatePolicy implementation. http://www.mono-project.com/Gendarme.Rules.Security#DoNotShortCircuitCertificateCheckRule Have fun (on the client, on the server or in the middle ;-) Sebastien > 2009/8/19 Sebastien Pouliot <[email protected]>: > > On Wed, 2009-08-19 at 22:15 +0200, Petit Eric wrote: > >> workaround : > >> line 102 and 197 > >> http://monoosc.svn.sourceforge.net/viewvc/monoosc/MonoOSC/MonoOBSFramework/Class/VarGlobal.cs?revision=273&view=markup > > > > Eric, like I already told you (October 7, 2008) this is NOT the right > > way to do this and leaves your code vulnerable to many, well known, > > attacks. *You* might want to continue using this (I can't force you to > > do it correctly) but please don't publicize this as a workaround. Keep > > in mind that what _may_ work for a quick-hack can be potentially > > disastrous for others. > > > > > > Toutu, have a look at http://go-mono.com/forums/#nabble-td19851624 > > thread. In particular the parts about using SMTP port 587 for > > submission. If that does not work please open a bug report and include > > (part of) the code you're using. > > > > Sebastien > > > >> 2009/8/19 toutu <[email protected]>: > >> > > >> > Hi everybody, > >> > > >> > > >> > I built a very simple desktop program (no asp), to send email using gmail > >> > smtp. > >> > I am using smtpclient with enablessl and port 587 > >> > It works perfectly under windows but raise exception under linux. > >> > After reading comments in this forum I tried : > >> > mozroots --import --ask-remove --machine > >> > certmgr -ssl -m smtps://smtp.gmail.com:465 > >> > then > >> > mozroots --import --ask-remove > >> > certmgr -ssl smtps://smtp.gmail.com:465 > >> > > >> > Note that certmgr warned me that the certicate of CA store had an > >> > invalidate > >> > signature. I confirmed the integration of the certificate. > >> > > >> > > >> > > >> > > >> > > >> > he authentication or decryption has failed. > >> > System.IO.IOException: The authentication or decryption has failed. ---> > >> > System.InvalidOperationException: SSL authentication error: > >> > RemoteCertificateChainErrors > >> > at System.Net.Mail.SmtpClient.<SmtpClient>m__3 (System.Object sender, > >> > System.Security.Cryptography.X509Certificates.X509Certificate > >> > certificate, > >> > System.Security.Cryptography.X509Certificates.X509Chain chain, > >> > SslPolicyErrors sslPolicyErrors) [0x00000] > >> > at > >> > System.Net.Security.SslStream+<BeginAuthenticateAsClient>c__AnonStorey12.<>m__9 > >> > (System.Security.Cryptography.X509Certificates.X509Certificate cert, > >> > System.Int32[] certErrors) [0x00000] > >> > at > >> > Mono.Security.Protocol.Tls.SslClientStream.OnRemoteCertificateValidation > >> > (System.Security.Cryptography.X509Certificates.X509Certificate > >> > certificate, > >> > System.Int32[] errors) [0x00000] > >> > at > >> > Mono.Security.Protocol.Tls.SslStreamBase.RaiseRemoteCertificateValidation > >> > (System.Security.Cryptography.X509Certificates.X509Certificate > >> > certificate, > >> > System.Int32[] errors) [0x00000] > >> > at > >> > Mono.Security.Protocol.Tls.SslClientStream.RaiseServerCertificateValidation > >> > (System.Security.Cryptography.X509Certificates.X509Certificate > >> > certificate, > >> > System.Int32[] certificateErrors) [0x00000] > >> > at > >> > Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.validateCertificates > >> > (Mono.Security.X509.X509CertificateCollection certificates) [0x00000] > >> > at > >> > Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsTls1 > >> > () [0x00000] > >> > at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () > >> > [0x00000] > >> > at (wrapper remoting-invoke-with-check) > >> > Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process () > >> > at > >> > Mono.Security.Protocol.Tls.ClientRecordProtocol.ProcessHandshakeMessage > >> > (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] > >> > at > >> > Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback > >> > (IAsyncResult asyncResult) [0x00000] > >> > --- End of inner exception stack trace --- > >> > at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback > >> > (IAsyncResult asyncResult) [0x00000] > >> > > >> > > >> > Help appreciated. > >> > Regards. > >> > -- > >> > View this message in context: > >> > http://www.nabble.com/Sending-mail-with-smtp.gmail.com-tp25051030p25051030.html > >> > Sent from the Mono - General mailing list archive at Nabble.com. > >> > > >> > _______________________________________________ > >> > Mono-list maillist - [email protected] > >> > http://lists.ximian.com/mailman/listinfo/mono-list > >> > > >> > >> > >> > > > > > > > _______________________________________________ Mono-list maillist - [email protected] http://lists.ximian.com/mailman/listinfo/mono-list
