Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
idSMTP SASL fails under Android..?
#1
Question 
This post is a copy of the one I just posted on the Embarcadero forum.
Just want to see how it works here.

----
I am stumped by this.

I have my Windows client using IdSMTP to connect to my Linux EXIM4 server.
This always works perfectly.

I copied the entire unit over to my new Android App, that is, I copied the .pas file, and I made a new FMX Form for it on which I copied the exact same selection of SMTP, SSL and SASL etc. components.
I have set these up on the Form in exactly the same way.
Added the same 3 SASL Mechanisms in the IdSMTP and in the same order.
As far as I can see it is all exactly the same.

{code}
   SMTP: TIdSMTP;
    IdSSLIOHandlerSocketOpenSSL1: TIdSSLIOHandlerSocketOpenSSL;
    IdUserPassProvider1: TIdUserPassProvider;
    IdSASLPlain1: TIdSASLPlain;
    IdSASLSKey1: TIdSASLSKey;
    IdSASLCRAMMD51: TIdSASLCRAMMD5;
    IdSASLCRAMSHA11: TIdSASLCRAMSHA1;
    IdSASLLogin1: TIdSASLLogin;

  procedure:
 (Note this works perfectly under Windows)
            if UsePLAINSASL then
            begin
              if Superuser then LocalLog('UsePLAINSASL: Logging in with Username='+AUsername);
              SMTP.Username := AUsername;
              SMTP.Password := APassword;
              IdUserPassProvider1.Username := AUsername;
              IdUserPassProvider1.Password := APassword;
              IdSASLPlain1.LoginAs := AUsername;

              SMTP.AuthType := satSASL;
              SMTP.UseEhlo := true;

              IdSSLIOHandlerSocketOpenSSL1.Port := APort;
              IdSSLIOHandlerSocketOpenSSL1.Host := AHost;
              IdSSLIOHandlerSocketOpenSSL1.ReadTimeout := 10000;

              IdSSLIOHandlerSocketOpenSSL1.SSLOptions.Mode := sslmClient;
              IdSSLIOHandlerSocketOpenSSL1.SSLOptions.Method := sslvTLSv1;
              IdSSLIOHandlerSocketOpenSSL1.SSLOptions.SSLVersions := [sslvTLSv1];

              SMTP.UseTLS := utUseExplicitTLS; // utNoTLSSupport; //
              SMTP.ValidateAuthLoginCapability := true;
            end else
{code}

But the Android system fails with a: "Doesn't support AUTH or the specified SASL handlers!!"

I use the Android-type OpenSSL libraries, which are loaded correctly (and which are also used by the an IdTCPClient when connecting to an IdTCPServer)

When I look at the debug output of the EXIM Server, it seems to me that the SASL authentication HAS in fact finished, because the Server is already in TLS mode and is waiting for its first TLS packet. Which it never gets.

The Server shows this:
{code}
17925 Listening...
17925 Connection request from 62.140.132.204 port 18027

17927 SMTP>> 220 apollo.bart.gen.nz ESMTP Exim 4.80 Wed, 18 Apr 2018 13:24:42 +0200
17927 Process 17927 is ready for new message
17927 smtp_setup_msg entered
17927 SMTP<< EHLO localhost
17927 localhost in helo_lookup_domains? no (end of list)
17927 sender_fullhost = (localhost) [62.140.132.204]
17927 sender_rcvhost = [62.140.132.204] (helo=localhost)
17927 set_process_info: 17927 handling incoming connection from (localhost) [62.140.132.204]
17927 host in pipelining_advertise_hosts? yes (matched "*")
17927 host in auth_advertise_hosts? yes (matched "*")
17927 host in tls_advertise_hosts? yes (matched "*")
17927 SMTP>> 250-apollo.bart.gen.nz Hello localhost [62.140.132.204]
17927 250-SIZE 52428800
17927 250-8BITMIME
17927 250-PIPELINING
17927 250-AUTH PLAIN
17927 250-STARTTLS
17927 250 HELP
17927 SMTP<< STARTTLS                  <<<<<<<<<<<<<<<<<
17927 initialising GnuTLS as a server
17927 GnuTLS global init required.
17927 initialising GnuTLS server session
17927 Expanding various TLS configuration options for session credentials.
17927 certificate file = /etc/exim4/exim.crt
17927 key file = /etc/exim4/exim.key
17927 TLS: cert/key registered
17927 verify certificates = /etc/ssl/certs/ca-certificates.crt size=272519
17927 Added 172 certificate authorities.
17927 Initialising GnuTLS server params.
17927 Loading default hard-coded DH params
17927 Loaded fixed standard D-H parameters
17927 GnuTLS using default session cipher/priority "NORMAL"
17927 host in tls_verify_hosts? no (option unset)
17927 host in tls_try_verify_hosts? no (option unset)
17927 TLS: a client certificate will not be requested.   <<<<<<<<<<<<<<<<<<<<<
17927 SMTP>> 220 TLS go ahead                            <<<<<<<<<<<<<<<<<<<<<
17927 Received TLS SNI "sartrack.nl" (unused for certificate selection)
17927 gnutls_handshake was successful                   <<<<<<<<<<<<<<<<<<<<
17927 TLS: no certificate from peer ((nil) & 0)
17927 cipher: TLS1.0:DHE_RSA_AES_256_CBC_SHA1:256
17927 Have channel bindings cached for possible auth usage.
17927 sender_fullhost = [62.140.132.204]
17927 sender_rcvhost = [62.140.132.204]
17927 set_process_info: 17927 handling incoming TLS connection from [62.140.132.204]
17927 TLS active                              <<<<<<<<<<<<<<<<<<<<<<<<<
17927 Calling gnutls_record_recv(0x7f323331eae0, 0x7f32336060a0, 4096)  <<<<<<<<<<<<<<< Its waiting here.

17927 SMTP<< EHLO localhost           <<<<<<<<<<<<<<<<<<<<<< It seems the Client is trying again???
17927 localhost in helo_lookup_domains? no (end of list)
17927 sender_fullhost = (localhost) [62.140.132.204]
17927 sender_rcvhost = [62.140.132.204] (helo=localhost)
17927 set_process_info: 17927 handling TLS incoming connection from (localhost) [62.140.132.204]
17927 host in pipelining_advertise_hosts? yes (matched "*")
17927 host in auth_advertise_hosts? yes (matched "*")
17927 tls_do_write(0x7f32333012b8, 132)
17927 gnutls_record_send(SSL, 0x7f32333012b8, 132)
17927 outbytes=132
17927 SMTP>> 250-apollo.bart.gen.nz Hello localhost [62.140.132.204]
17927 250-SIZE 52428800
17927 250-8BITMIME
17927 250-PIPELINING
17927 250-AUTH PLAIN
17927 250 HELP
17927 Calling gnutls_record_recv(0x7f323331eae0, 0x7f32336060a0, 4096)      <<<<<<<<<<<< Waiting again. It stops here.

{code}
 

---
Bart Kindt
CEO & Developer
SARTrack Limited New Zealand
http://www.sartrack.nz
---
Bart Kindt
CEO and Developer
SARTrack Limited
New Zealand
www.sartrack.nz
Reply


Messages In This Thread
idSMTP SASL fails under Android..? - by BartKindt - 04-18-2018, 02:44 PM

Forum Jump:


Users browsing this thread: 2 Guest(s)