Toutu, Ok, the required fixes (including relaxing the "usage check") are in SVN for both HEAD (to become 2.6) and in the 2.4 branch.
Thanks, Sebastien On Thu, 2009-08-20 at 12:03 -0400, Sebastien Pouliot wrote: > On Wed, 2009-08-19 at 14:56 -0700, toutu wrote: > > Thank you for your attention. > > I revised different thread. My source code is very short. > > I am using smtpclient class and it seems to have a behavior very different > > from WebRequest class. > > If I run certmgr -ssl smtps://smtp.gmail.com:587 certmgr crashes too. > > No, I meant that your *code* (not certmgr) should be using port 587. You > already have installed the certificate (from port 465). > > I did a quick test[1] and it looks like google has a new certificate > (6/8/2009) which encoded usage does not include SSL. I'll investigate > this... > > Sadly the current shipping[2] code for StmpClient does not honor > ServicePointManager.ServerCertificateValidationCallback[3] so you cannot > easily work around this certificate problem. > > Sebastien > > [1] I attached the code I'm using to test gmail > [2] fixed in r140347 > [3] nor ICertificatePolicy but this one is normal, since it was limited > to WebRequest > > > > > Thanks. > > Regards. > > > > > > Sebastien Pouliot-2 wrote: > > > > > > On Wed, 2009-08-19 at 22:15 +0200, Petit Eric wrote: > > >> workaround : > > >> line 102 and 197 > > >> http://monoosc.svn.sourceforge.net/viewvc/monoosc/MonoOSC/MonoOBSFramework/Class/VarGlobal.cs?revision=273&view=markup > > > > > > Eric, like I already told you (October 7, 2008) this is NOT the right > > > way to do this and leaves your code vulnerable to many, well known, > > > attacks. *You* might want to continue using this (I can't force you to > > > do it correctly) but please don't publicize this as a workaround. Keep > > > in mind that what _may_ work for a quick-hack can be potentially > > > disastrous for others. > > > > > > > > > Toutu, have a look at http://go-mono.com/forums/#nabble-td19851624 > > > thread. In particular the parts about using SMTP port 587 for > > > submission. If that does not work please open a bug report and include > > > (part of) the code you're using. > > > > > > Sebastien > > > > > >> 2009/8/19 toutu <[email protected]>: > > >> > > > >> > Hi everybody, > > >> > > > >> > > > >> > I built a very simple desktop program (no asp), to send email using > > >> gmail > > >> > smtp. > > >> > I am using smtpclient with enablessl and port 587 > > >> > It works perfectly under windows but raise exception under linux. > > >> > After reading comments in this forum I tried : > > >> > mozroots --import --ask-remove --machine > > >> > certmgr -ssl -m smtps://smtp.gmail.com:465 > > >> > then > > >> > mozroots --import --ask-remove > > >> > certmgr -ssl smtps://smtp.gmail.com:465 > > >> > > > >> > Note that certmgr warned me that the certicate of CA store had an > > >> invalidate > > >> > signature. I confirmed the integration of the certificate. > > >> > > > >> > > > >> > > > >> > > > >> > > > >> > he authentication or decryption has failed. > > >> > System.IO.IOException: The authentication or decryption has failed. > > >> ---> > > >> > System.InvalidOperationException: SSL authentication error: > > >> > RemoteCertificateChainErrors > > >> > at System.Net.Mail.SmtpClient.<SmtpClient>m__3 (System.Object sender, > > >> > System.Security.Cryptography.X509Certificates.X509Certificate > > >> certificate, > > >> > System.Security.Cryptography.X509Certificates.X509Chain chain, > > >> > SslPolicyErrors sslPolicyErrors) [0x00000] > > >> > at > > >> > > > >> System.Net.Security.SslStream+<BeginAuthenticateAsClient>c__AnonStorey12.<>m__9 > > >> > (System.Security.Cryptography.X509Certificates.X509Certificate cert, > > >> > System.Int32[] certErrors) [0x00000] > > >> > at > > >> > > > >> Mono.Security.Protocol.Tls.SslClientStream.OnRemoteCertificateValidation > > >> > (System.Security.Cryptography.X509Certificates.X509Certificate > > >> certificate, > > >> > System.Int32[] errors) [0x00000] > > >> > at > > >> > > > >> Mono.Security.Protocol.Tls.SslStreamBase.RaiseRemoteCertificateValidation > > >> > (System.Security.Cryptography.X509Certificates.X509Certificate > > >> certificate, > > >> > System.Int32[] errors) [0x00000] > > >> > at > > >> > > > >> Mono.Security.Protocol.Tls.SslClientStream.RaiseServerCertificateValidation > > >> > (System.Security.Cryptography.X509Certificates.X509Certificate > > >> certificate, > > >> > System.Int32[] certificateErrors) [0x00000] > > >> > at > > >> > > > >> Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.validateCertificates > > >> > (Mono.Security.X509.X509CertificateCollection certificates) [0x00000] > > >> > at > > >> > > > >> Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsTls1 > > >> > () [0x00000] > > >> > at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () > > >> > [0x00000] > > >> > at (wrapper remoting-invoke-with-check) > > >> > Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process () > > >> > at > > >> Mono.Security.Protocol.Tls.ClientRecordProtocol.ProcessHandshakeMessage > > >> > (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] > > >> > at > > >> Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback > > >> > (IAsyncResult asyncResult) [0x00000] > > >> > --- End of inner exception stack trace --- > > >> > at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback > > >> > (IAsyncResult asyncResult) [0x00000] > > >> > > > >> > > > >> > Help appreciated. > > >> > Regards. > > >> > -- > > >> > View this message in context: > > >> http://www.nabble.com/Sending-mail-with-smtp.gmail.com-tp25051030p25051030.html > > >> > Sent from the Mono - General mailing list archive at Nabble.com. > > >> > > > >> > _______________________________________________ > > >> > Mono-list maillist - [email protected] > > >> > http://lists.ximian.com/mailman/listinfo/mono-list > > >> > > > >> > > >> > > >> > > > > > > _______________________________________________ > > > Mono-list maillist - [email protected] > > > http://lists.ximian.com/mailman/listinfo/mono-list > > > > > > > > > _______________________________________________ > Mono-list maillist - [email protected] > http://lists.ximian.com/mailman/listinfo/mono-list _______________________________________________ Mono-list maillist - [email protected] http://lists.ximian.com/mailman/listinfo/mono-list
