login about faq

I have a very odd issue associated with TLS and CkMailman. Following the ancient maxim of "if it ain't broke, don't fix it", we have been using Chilkat VC++ libs v8.4 since 2008 without incident. Recently it's been brought to my attention that a piece of our logic is failing -- in this case, apparently only on Win 8 systems.

During the course of our user workflow, we will transmit an SMTP stream using TLS on port 2525 thusly:

CKMailMan mailman;
mailman.put_SmtpHost(host->h_name);
mailman.put_SmtpPort(2525);
mailman.put_StartTLS(true);

CkEmail email;
email.SetFromMimeText(smtpbuffer);

bool bSendResult = mailman.SendEmail(email);
if (!bSendResult){
mailman.SaveLastError("errors.xml");
} else {
mailman.SaveLastError("xmitlog.xml");
}

The nominal response to this (using pre-Win8) is:

<SMTP_Connect>
<info>Connecting to SMTP server xxxxxxxxxxx.xx.com:2525</info>
<smtp_host>xxxxxxxxxxx.xx.com</smtp_host>
<smtp_port>2525</smtp_port>
<smtp_user>NULL</smtp_user>
<trying-auth-method>NONE</trying-auth-method>
<InitialResponse><![CDATA[220 xxxxxxx.xxx.xxxxxxxx.com ESMTP
]]></InitialResponse>
<info>Sending STARTTLS...</info>
<info>Hostname is empty in VerifyServerCertificate</info>
<info>SSL Server Certificate not verified.</info>
<ConnectionInfo>
<protocol>TLS1</protocol>
<cipher>26126</cipher>
<cipherStrength>128</cipherStrength>
<hash>SHA</hash>
<hashStrength>160</hashStrength>
<keyExchange>RSA</keyExchange>
<keyExchangeStrength>1024</keyExchangeStrength>
</ConnectionInfo>
<info>Secure Channel Established.</info>
<info>TLS connection established.</info>
<sendingHello><![CDATA[EHLO xxxxxxxxxx.xxxxxxxx.com
]]></sendingHello>
<helloResponse><![CDATA[250-xxxxxxx.xxx.xxxxxxxx.com
250-PIPELINING
250-SIZE 30720000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250 8BITMIME
]]></helloResponse>
<smtpAuthMethod>NONE</smtpAuthMethod>
<login_method>NONE or already authenticated</login_method>
<info>CONNECTED to ESMTP server xxxxxxxxxxx.xx.com:2525</info>
</SMTP_Connect>

However, the exact same code executed under Win 8 produces:

 <SMTP_Connect>
 <info>Connecting to SMTP server xxxxxxxxxxx.xx.com:2525</info>
 <smtp_host>xxxxxxxxxxx.xx.com</smtp_host>
 <smtp_port>2525</smtp_port>
 <smtp_user>NULL</smtp_user>
 <trying-auth-method>NONE</trying-auth-method>
 <InitialResponse><![CDATA[220 mxxxxxx.xxx.xxxxxxxx.com ESMTP
 ]]></InitialResponse>
 <info>Sending STARTTLS...</info>
 <error>Invalid token.</error>
 <scRet>80090308</scRet>
 <error>Aborting because of fatal error</error>
 <error>Error performing handshake.</error>
 <error>Failed to establish TLS connection.</error>
 </SMTP_Connect>
 <error>Failed to connect to SMTP server.</error>

Any ideas as to why using the same binary the request succeeds when issued from Win7 and fails from Win8? I have verified that "Prebuilt on Win7/executed on Win8" vs "Compiled and built on Win8" behave the same (fail). I've also confirmed that the problem goes away if the code is rebuilt against the 9.5 version of C++ libs -- I'm just puzzled as to why there is a Win7/Win8 difference.

asked May 09 '14 at 18:43

jstevenco's gravatar image

jstevenco
1112

edited May 09 '14 at 18:51


The "Invalid token." error message is an indicator that your older version of Chilkat was still using Microsoft's SChannel Platform SDK functions for the SSL/TLS implementation. When Chilkat expanded to non-Windows platforms, it switched to its own proprietary SSL/TLS implementation (which by the way is not based on OpenSSL).

link

answered May 12 '14 at 12:43

chilkat's gravatar image

chilkat ♦♦
11.8k316358420

Thanks for the reply -- so is your hypothesis that for this version of Chilkat that the SChannel functions are now broken with respect to interaction with Windows 8 -- did MS deprecate support for them?

UPDATE: I see at http://en.wikipedia.org/wiki/Comparison_of_TLS_implementations that SChannel is supposedly supported in Win 8.1.

(May 13 '14 at 12:47) jstevenco
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×47
×7
×4
×3

Asked: May 09 '14 at 18:43

Seen: 1,978 times

Last updated: May 13 '14 at 13:14

powered by OSQA