Connecting to exchange with POP3 SSL

This is the place for queries that don't fit in any of the other categories.

Connecting to exchange with POP3 SSL

Postby dukebd711 » Tue May 14, 2013 4:57 pm

I have python scripts that connects to an exchange server to retrieve/delete emails. The script worked fine connecting without SSL to exchange 2003. The server has been upgraded to 2010 and clients must use SSL. When I run the script below with the server name I get the following SSL Exception:
(-1, 'SSL handshake exception').
I can pass a certfile in but I'm not sure how to get/save the certfile. Can I save it anywhere and then pass the full path in for the cert variable? Do I need a keyfile also?
Any help would be appreciated.

Code: Select all
from poplib import POP3_SSL

#pull variables from qftest
host = rc.lookup("host")
port = rc.lookup("port")
user = rc.lookup("username")
pwd = rc.lookup("password")
cert = rc.lookup("cert")

try:
    if port:
        if cert:
            print "connecting with port and cert specified"
            pop = POP3_SSL(host, int(port),certfile=cert)
        else:
            print "connecting with port specified"
            pop = POP3_SSL(host, int(port))
    else:
        if cert:
            print "connecting with cert specified"
            pop = POP3_SSL(host,certfile=cert)
        else:
            print "connecting with defaults"
            pop = POP3_SSL(host)
    print 'connected'
    rc.logMessage("Connected to server\nWelcome: %s" % pop.getwelcome())
except Exception, ex:
    print "Could not connect to pop3 server %s:%s\nError: %s" % (host, port, ex)
    rc.logError("Could not connect to pop3 server %s:%s\nError: %s" % (host, port, ex))
    raise ReturnException()

ok = false
try:
    try:
        pop.user(user)
        pop.pass_(pwd)
        rc.logMessage("Logged in to server")
    except Exception, ex:
        rc.logError("Could not log in to pop3 server as %s\nError: %s" % (user, ex))
        raise ReturnException()

    try:
        count, size = pop.stat()
        rc.logMessage("Mailbox contains %d message(s)" % count)
        if count > 0:
            for i in range(count):
                pop.dele(i + 1)
                rc.logMessage("Message %d deleted" % (i + 1))
        pop.quit()
        rc.logMessage("Session terminated cleanly")
        ok = true
    except Exception, ex:
        rc.logError("Error while interacting with pop3 server: %s" % ex)
        raise ReturnException()
finally:
    if not ok:
        try:
            pop.quit()
        except:
            pass
dukebd711
 
Posts: 4
Joined: Tue May 14, 2013 4:05 pm

Re: Connecting to exchange with POP3 SSL

Postby dukebd711 » Mon May 20, 2013 3:42 pm

Has anybody used POP3_SSL and passed in certfile or keyfile arguments? I have not found much documentation or examples on using POP3_SSL with certs and keyfiles.
dukebd711
 
Posts: 4
Joined: Tue May 14, 2013 4:05 pm

Re: Connecting to exchange with POP3 SSL

Postby dukebd711 » Mon May 20, 2013 9:54 pm

I'm chipping away at the issue or at least I think I am... If I use python, I have no issue connecting to the exchange server

> python
Python 2.4.3 (#1, May 1 2012, 13:55:48)
[GCC 4.1.2 20080704 (Red Hat 4.1.2-52)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import poplib
>>> p = poplib.POP3_SSL(server_name)
>>> p.getwelcome()
'+OK The Microsoft Exchange POP3 service is ready.'


However, if I use jython I get the SSL handshake exception:

> ./jython
*sys-package-mgr*: processing new jar, '/dg/local/cots/jython.2.5.1/jython.jar'
*sys-package-mgr*: processing new jar, '/dg/local/cots/jdk1.6.0_43_x64/jre/lib/resources.jar'
*sys-package-mgr*: processing new jar, '/dg/local/cots/jdk1.6.0_43_x64/jre/lib/rt.jar'
*sys-package-mgr*: processing new jar, '/dg/local/cots/jdk1.6.0_43_x64/jre/lib/jsse.jar'
*sys-package-mgr*: processing new jar, '/dg/local/cots/jdk1.6.0_43_x64/jre/lib/jce.jar'
*sys-package-mgr*: processing new jar, '/dg/local/cots/jdk1.6.0_43_x64/jre/lib/charsets.jar'
*sys-package-mgr*: processing new jar, '/dg/local/cots/jdk1.6.0_43_x64/jre/lib/ext/localedata.jar'
*sys-package-mgr*: processing new jar, '/dg/local/cots/jdk1.6.0_43_x64/jre/lib/ext/dnsns.jar'
*sys-package-mgr*: processing new jar, '/dg/local/cots/jdk1.6.0_43_x64/jre/lib/ext/sunjce_provider.jar'
*sys-package-mgr*: processing new jar, '/dg/local/cots/jdk1.6.0_43_x64/jre/lib/ext/sunpkcs11.jar'
Jython 2.5.1 (Release_2_5_1:6813, Sep 26 2009, 13:47:54)
[Java HotSpot(TM) 64-Bit Server VM (Sun Microsystems Inc.)] on java1.6.0_43
Type "help", "copyright", "credits" or "license" for more information.
>>> import poplib
>>> p = poplib.POP3_SSL(server_name)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/dg/local/cots/jython.2.5.1/Lib/poplib.py", line 359, in __init__
self.sslobj = socket.ssl(self.sock, self.keyfile, self.certfile)
File "/dg/local/cots/jython.2.5.1/Lib/socket.py", line 1479, in ssl
return _realssl(sock, keyfile, certfile)
File "/dg/local/cots/jython.2.5.1/Lib/socket.py", line 1428, in __init__
raise _map_exception(jlx)
socket.sslerror: (-1, 'SSL handshake exception')




I can also connect fine if I use openssl in the terminal

>openssl s_client -connect server_name:995
...
Verify return code: 0 (ok)
---
+OK The Microsoft Exchange POP3 service is ready.


The issue lies with jython or how I am using jython in this case. I would use python if I could but I'm running all of this through QFTest which uses jython.
dukebd711
 
Posts: 4
Joined: Tue May 14, 2013 4:05 pm

Re: Connecting to exchange with POP3 SSL

Postby dukebd711 » Mon May 20, 2013 10:10 pm

I found this article http://tech.pedersen-live.com/2010/10/trusting-all-certificates-in-jython/ which explains my problem. By default java checks the validity of certificates while python doesn't.
dukebd711
 
Posts: 4
Joined: Tue May 14, 2013 4:05 pm


Return to General Coding Help

Who is online

Users browsing this forum: No registered users and 3 guests