search

EC-Nordbund / denomailer

A SMTP-Client implementation for deno (to send mails!)
https://deno.land/x/denomailer
MIT License
50 stars 16 forks source link

TLS connection problems #4

Closed louiszgn closed 2 years ago

louiszgn commented 2 years ago

Hi 👋, I don't know if it's the right place to report this, sorry if it's misplaced.

When I try to connect, sometimes it work but most of time I receive this error : InvalidData: received corrupt message

Do someone know why ? I noticed that this test was not passed, is there a link? This is the code used :

try {
    await client.connect({
      hostname: 'ssl0.ovh.net',
      port: 587,
      username: MAILER_ADDRESS,
      password: MAILER_PWD,
    })

    await client.send({
      from: MAILER_ADDRESS,
      to: email,
      subject: emailTemplate.subject,
      content: emailTemplate.content,
    })
  } catch (e) {
    throw new Error(e)
  } finally {
    await client.close()
  }
mathe42 commented 2 years ago

Could you post the debug output (See https://github.com/EC-Nordbund/denomailer#configuring-your-client) make shure to remove password from logs!

(You can also send it to me via Mail datenschutz@ec-nordbund.de)

The non passing test is unrelated.

louiszgn commented 2 years ago

Yes sure

Is this what you need ?

┌───────┬────────────────┐
│ (idx) │ Values         │
├───────┼────────────────┤
│     0 │ "EHLO"         │
│     1 │ "ssl0.ovh.net" │
└───────┴────────────────┘
┌───────┬────────────┐
│ (idx) │ Values     │
├───────┼────────────┤
│     0 │ "STARTTLS" │
└───────┴────────────┘
┌───────┬────────────────┐
│ (idx) │ Values         │
├───────┼────────────────┤
│     0 │ "EHLO"         │
│     1 │ "ssl0.ovh.net" │
└───────┴────────────────┘
InvalidData: received corrupt message
    at async write (deno:ext/net/01_net.js:29:12)
    at async BufWriter.flush (https://deno.land/std@0.129.0/io/buffer.ts:748:21)
    at async SmtpClient.writeCmd (https://deno.land/x/denomailer@0.10.0/smtp.ts:397:5)
    at async SmtpClient.#connect (https://deno.land/x/denomailer@0.10.0/smtp.ts:337:7)
    at async SmtpClient.connect (https://deno.land/x/denomailer@0.10.0/smtp.ts:50:5)
mathe42 commented 2 years ago

Thanks - I'm currently looking into it.

mathe42 commented 2 years ago

Can you post the output of deno --version too?

louiszgn commented 2 years ago 
> deno --version
deno 1.20.1 (release, x86_64-pc-windows-msvc)
v8 10.0.139.6
typescript 4.6.2
mathe42 commented 2 years ago

I think you use the wrong port see https://docs.ovh.com/gb/en/emails/mail-configuration-windows-10/ try 465

louiszgn commented 2 years ago

I tried the ports from your link but I receive this error :

Error: invalid cmd
    at SmtpClient.assertCode (https://deno.land/x/denomailer@0.10.0/smtp.ts:365:13)
    at SmtpClient.#connect (https://deno.land/x/denomailer@0.10.0/smtp.ts:311:10)
    at async SmtpClient.connect (https://deno.land/x/denomailer@0.10.0/smtp.ts:50:5)
louiszgn commented 2 years ago

And with connectTLS and the port you give me I have this :

UnexpectedEof: tls handshake eof
    at async read (deno:ext/net/01_net.js:24:19)
    at async BufReader.#fill (https://deno.land/std@0.129.0/io/buffer.ts:323:18)
    at async BufReader.readSlice (https://deno.land/std@0.129.0/io/buffer.ts:609:9)
    at async BufReader.readLine (https://deno.land/std@0.129.0/io/buffer.ts:497:14)
    at async TextProtoReader.readLineSlice (https://deno.land/std@0.129.0/textproto/mod.ts:131:11)
    at async TextProtoReader.readLine (https://deno.land/std@0.129.0/textproto/mod.ts:33:15)
    at async SmtpClient.readCmd (https://deno.land/x/denomailer@0.10.0/smtp.ts:376:20)
    at async SmtpClient.#connect (https://deno.land/x/denomailer@0.10.0/smtp.ts:311:21)
    at async SmtpClient.connectTLS (https://deno.land/x/denomailer@0.10.0/smtp.ts:59:5)
louiszgn commented 2 years ago

If it helps, I just found the OVH article about port 587 for an SMTP server

mathe42 commented 2 years ago

I can reproduce the error but I don't understand it. I'm not fully into STARTTLS and SMTP but I would expect it to work...

mathe42 commented 2 years ago

I think this is not a denomailer problem:

1.:

const conn = await Deno.connectTls({
  hostname: 'ssl0.ovh.net',
  port: 25,
})

await conn.handshake()

Errors for ports 25, 587, 465

2.:

import {
  BufReader,
  BufWriter,
} from "https://deno.land/std@0.129.0/io/buffer.ts";
import { TextProtoReader } from "https://deno.land/std@0.129.0/textproto/mod.ts";

const conn = await Deno.connect({
  hostname: 'ssl0.ovh.net',
  port: 25,
})

const reader = new BufReader(conn);
const writer = new BufWriter(conn);
const _reader = new TextProtoReader(reader);

const encoder = new TextEncoder()

async function send(...args: string[]) {
  console.log('[S]', args.join(' '))
  const data = encoder.encode([...args].join(" ") + "\r\n");
  await writer.write(data);
  await writer.flush();
}

async function read() {
  const result = await _reader.readLine();

  if(!result) return null

  console.log('[R]', result)

  const cmdCode = parseInt(result.slice(0, 3).trim());
  const cmdArgs = result.slice(3).trim();
  return {
    code: cmdCode,
    args: cmdArgs,
  };
}

await read()

await send("EHLO", 'ssl0.ovh.net');

let startTLS = false;

while (true) {
  const cmd = await read();
  if (!cmd || !cmd.args.startsWith("-")) break;
  if (cmd.args == "-STARTTLS") startTLS = true;
}

await send("STARTTLS");
await read()

const tlsCon = await Deno.startTls(conn, {
  hostname: 'ssl0.ovh.net',
});

await tlsCon.handshake()

Errors at handshake.

Both errors at TLS handshake so this semes to be a problem of the mail provider or with deno itself.

louiszgn commented 2 years ago

Okay I see. Do you know how we could get this to at least the Deno team? By creating an issue maybe?

mathe42 commented 2 years ago

Can you confirm that you can send mails with this config with a mail client (outlook, thunderbird,...)? If yes I will have a deeper look into it... I think this is such a strange bug that it semes to be more likely connected to the mailprovider as with deno. But not 100% sure.

louiszgn commented 2 years ago

I can send mails with this config with manyuanrong/deno-smtp. I just try with thunderbird and I receive the emails

mathe42 commented 2 years ago

Yes but that would be unencrypted so the password is send in plain text to the server! An attacker can read it and send mails without you knowing.

STARTTLS was added so also the connect methods the connection get upgraded to TLS when the server supports it (in the latest version you have to expilcitly set unsecure to true to enbale that.

But the server accepts STARTTLS as it send 250-STARTTLS after the SMTP EHLO command. And after the STARTTLS is started it sends 220 2.0.0 Ready to start TLS but the handshake fails.

Did you try sending mails with thunderbird or only receiving?

louiszgn commented 2 years ago

Yes I can send mail, this is the TB config (It works with SSL/TLS too) : image

louiszgn commented 2 years ago

With connectTLS and port 465 I get an handshake error just like you :

UnexpectedEof: tls handshake eof
    at async read (deno:ext/net/01_net.js:24:19)
    at async BufReader.#fill (https://deno.land/std@0.129.0/io/buffer.ts:323:18)
    at async BufReader.readSlice (https://deno.land/std@0.129.0/io/buffer.ts:609:9)
    at async BufReader.readLine (https://deno.land/std@0.129.0/io/buffer.ts:497:14)
    at async TextProtoReader.readLineSlice (https://deno.land/std@0.129.0/textproto/mod.ts:131:11)
    at async TextProtoReader.readLine (https://deno.land/std@0.129.0/textproto/mod.ts:33:15)
    at async SmtpClient.readCmd (https://deno.land/x/denomailer@0.10.0/smtp.ts:376:20)
    at async SmtpClient.#connect (https://deno.land/x/denomailer@0.10.0/smtp.ts:311:21)
    at async SmtpClient.connectTLS (https://deno.land/x/denomailer@0.10.0/smtp.ts:59:5)
mathe42 commented 2 years ago

I will have a look how deno implements tcp and create an issue there in the next day or so. I will keep this open for now.

louiszgn commented 2 years ago

Thank you very much!

louiszgn commented 2 years ago

Do you think this issue may be related?

mathe42 commented 2 years ago

Maybe... I will try to debug it...

mathe42 commented 2 years ago

When I run openssl s_client -debug -starttls smtp -crlf -connect ssl0.ovh.net:587 I get:

CONNECTED(000001A8)
read from 0x170e4205f90 [0x170e42228d0] (4096 bytes => 41 (0x29))
0000 - 32 32 30 20 47 41 52 4d-2d 39 38 52 30 30 32 20   220 GARM-98R002
0010 - 54 75 65 73 64 61 79 2c-20 4d 61 72 63 68 20 32   Tuesday, March 2
0020 - 32 2c 20 32 30 32 32 0d-0a                        2, 2022..
write to 0x170e4205f90 [0x170e42238e0] (23 bytes => 23 (0x17))
0000 - 45 48 4c 4f 20 6d 61 69-6c 2e 65 78 61 6d 70 6c   EHLO mail.exampl
0010 - 65 2e 63 6f 6d 0d 0a                              e.com..
read from 0x170e4205f90 [0x170e42228d0] (4096 bytes => 143 (0x8F))
0000 - 32 35 30 2d 4f 56 48 20-53 4d 54 50 20 50 52 4f   250-OVH SMTP PRO
0010 - 58 59 20 48 65 6c 6c 6f-0d 0a 32 35 30 2d 53 49   XY Hello..250-SI
0020 - 5a 45 20 31 30 34 38 35-37 36 30 30 0d 0a 32 35   ZE 104857600..25
0030 - 30 2d 45 4e 48 41 4e 43-45 44 53 54 41 54 55 53   0-ENHANCEDSTATUS
0040 - 43 4f 44 45 53 0d 0a 32-35 30 2d 41 55 54 48 20   CODES..250-AUTH
0050 - 4c 4f 47 49 4e 20 50 4c-41 49 4e 0d 0a 32 35 30   LOGIN PLAIN..250
0060 - 2d 41 55 54 48 3d 4c 4f-47 49 4e 20 50 4c 41 49   -AUTH=LOGIN PLAI
0070 - 4e 0d 0a 32 35 30 2d 53-54 41 52 54 54 4c 53 0d   N..250-STARTTLS.
0080 - 0a 32 35 30 20 38 42 49-54 4d 49 4d 45 0d 0a      .250 8BITMIME..
write to 0x170e4205f90 [0x6695afe8e0] (10 bytes => 10 (0xA))
0000 - 53 54 41 52 54 54 4c 53-0d 0a                     STARTTLS..
read from 0x170e4205f90 [0x170e4169640] (8192 bytes => 30 (0x1E))
0000 - 32 32 30 20 32 2e 30 2e-30 20 52 65 61 64 79 20   220 2.0.0 Ready
0010 - 74 6f 20 73 74 61 72 74-20 54 4c 53 0d 0a         to start TLS..
write to 0x170e4205f90 [0x170e422bf80] (318 bytes => 318 (0x13E))
0000 - 16 03 01 01 39 01 00 01-35 03 03 c1 d1 79 10 66   ....9...5....y.f
0010 - 64 08 b6 67 13 4b 44 ea-5c 43 29 ef d5 12 76 ca   d..g.KD.\C)...v.
0020 - e6 2e e7 2d b9 57 45 e9-aa 43 fb 20 71 c6 60 af   ...-.WE..C. q.`.
0030 - 92 47 e6 01 b7 e0 67 e6-e2 bc 27 ca fb bc 37 e2   .G....g...'...7.
0040 - 5f 2f 09 55 5d da 72 6c-36 50 a8 d4 00 3e 13 02   _/.U].rl6P...>..
0050 - 13 03 13 01 c0 2c c0 30-00 9f cc a9 cc a8 cc aa   .....,.0........
0060 - c0 2b c0 2f 00 9e c0 24-c0 28 00 6b c0 23 c0 27   .+./...$.(.k.#.'
0070 - 00 67 c0 0a c0 14 00 39-c0 09 c0 13 00 33 00 9d   .g.....9.....3..
0080 - 00 9c 00 3d 00 3c 00 35-00 2f 00 ff 01 00 00 ae   ...=.<.5./......
0090 - 00 00 00 11 00 0f 00 00-0c 73 73 6c 30 2e 6f 76   .........ssl0.ov
00a0 - 68 2e 6e 65 74 00 0b 00-04 03 00 01 02 00 0a 00   h.net...........
00b0 - 16 00 14 00 1d 00 17 00-1e 00 19 00 18 01 00 01   ................
00c0 - 01 01 02 01 03 01 04 00-23 00 00 00 16 00 00 00   ........#.......
00d0 - 17 00 00 00 0d 00 2a 00-28 04 03 05 03 06 03 08   ......*.(.......
00e0 - 07 08 08 08 09 08 0a 08-0b 08 04 08 05 08 06 04   ................
00f0 - 01 05 01 06 01 03 03 03-01 03 02 04 02 05 02 06   ................
0100 - 02 00 2b 00 09 08 03 04-03 03 03 02 03 01 00 2d   ..+............-
0110 - 00 02 01 01 00 33 00 26-00 24 00 1d 00 20 99 33   .....3.&.$... .3
0120 - 53 43 34 fc 65 be ce a7-9d 43 be 81 42 05 d4 95   SC4.e....C..B...
0130 - c3 73 a8 c1 f1 80 20 24-73 27 c6 f7 ec 3b         .s.... $s'...;
read from 0x170e4205f90 [0x170e4227e33] (5 bytes => 5 (0x5))
0000 - 16 03 03 10 53                                    ....S
read from 0x170e4205f90 [0x170e4227e38] (4179 bytes => 4179 (0x1053))
0000 - 02 00 00 51 03 03 62 3a-38 42 ea 06 fd a3 e0 29   ...Q..b:8B.....)
0010 - ef 0e a7 62 e8 4f 2d a2-92 7a da fa 7f f4 c5 4f   ...b.O-..z.....O
0020 - 1c f8 3b 56 f6 ca 20 33-1d 00 00 25 5c 38 0f f4   ..;V.. 3...%\8..
0030 - 22 10 8b a7 a8 0d 39 99-bf 04 b3 81 74 d2 6e cd   ".....9.....t.n.
0040 - 23 9b d4 bb 26 a2 e2 c0-28 00 00 09 00 17 00 00   #...&...(.......
0050 - ff 01 00 01 00 0b 00 0d-65 00 0d 62 00 07 45 30   ........e..b..E0
0060 - 82 07 41 30 82 06 29 a0-03 02 01 02 02 11 00 dc   ..A0..).........
0070 - 50 74 88 ff b7 a7 b3 8c-56 68 7f ef 70 eb 2e 30   Pt......Vh..p..0
0080 - 0d 06 09 2a 86 48 86 f7-0d 01 01 0b 05 00 30 81   ...*.H........0.
0090 - 8f 31 0b 30 09 06 03 55-04 06 13 02 47 42 31 1b   .1.0...U....GB1.
00a0 - 30 19 06 03 55 04 08 13-12 47 72 65 61 74 65 72   0...U....Greater
00b0 - 20 4d 61 6e 63 68 65 73-74 65 72 31 10 30 0e 06    Manchester1.0..
00c0 - 03 55 04 07 13 07 53 61-6c 66 6f 72 64 31 18 30   .U....Salford1.0
00d0 - 16 06 03 55 04 0a 13 0f-53 65 63 74 69 67 6f 20   ...U....Sectigo
00e0 - 4c 69 6d 69 74 65 64 31-37 30 35 06 03 55 04 03   Limited1705..U..
00f0 - 13 2e 53 65 63 74 69 67-6f 20 52 53 41 20 44 6f   ..Sectigo RSA Do
0100 - 6d 61 69 6e 20 56 61 6c-69 64 61 74 69 6f 6e 20   main Validation
0110 - 53 65 63 75 72 65 20 53-65 72 76 65 72 20 43 41   Secure Server CA
0120 - 30 1e 17 0d 32 31 30 39-30 32 30 30 30 30 30 30   0...210902000000
0130 - 5a 17 0d 32 32 30 39 30-32 32 33 35 39 35 39 5a   Z..220902235959Z
0140 - 30 16 31 14 30 12 06 03-55 04 03 13 0b 6e 73 30   0.1.0...U....ns0
0150 - 2e 6f 76 68 2e 6e 65 74-30 82 02 22 30 0d 06 09   .ovh.net0.."0...
0160 - 2a 86 48 86 f7 0d 01 01-01 05 00 03 82 02 0f 00   *.H.............
0170 - 30 82 02 0a 02 82 02 01-00 d8 cb 5e 42 0b ac 9e   0..........^B...
0180 - 35 39 15 0b 70 d8 98 62-f0 71 df af ef 2f 9d 33   59..p..b.q.../.3
0190 - df 35 02 53 b8 4e b7 2e-ff 8a 0e 4d 7f b7 b1 5e   .5.S.N.....M...^
01a0 - 15 7c 7d 84 85 6f 64 70-c2 f5 62 08 bf a5 8b 7f   .|}..odp..b.....
01b0 - a1 5c d9 89 60 ed db 87-fb af 35 b9 c2 b6 3b 38   .\..`.....5...;8
01c0 - f2 37 fc 78 3d d4 73 a9-9b 67 2e 1f 47 a7 12 37   .7.x=.s..g..G..7
01d0 - 3d 4f 47 70 b0 d7 8d c1-d8 60 89 3b 16 8f 04 61   =OGp.....`.;...a
01e0 - 53 51 c3 e7 b6 93 92 fe-f4 61 d2 e6 91 e5 9a e4   SQ.......a......
01f0 - 33 65 3f af 0f 8a 1d 3e-1c 7a 5f 1e 93 bc 87 58   3e?....>.z_....X
0200 - 34 11 04 7c c2 2e 8a 57-f2 45 5a 8a 05 bd 71 0c   4..|...W.EZ...q.
0210 - 58 de 4d dc 07 96 67 2e-bf 8f aa 3c e6 4c 96 ca   X.M...g....<.L..
0220 - bf 2c e6 3e 80 8e 0a 64-ff 5c 96 1c b9 b0 01 2b   .,.>...d.\.....+
0230 - 61 2f b6 88 7f f5 54 f6-e9 92 4e af 5e b4 32 df   a/....T...N.^.2.
0240 - a5 d2 19 31 70 58 8c 6d-be 32 48 1d e7 c4 7c 0b   ...1pX.m.2H...|.
0250 - 2b 34 75 a3 ad 0e 1e 64-a9 5e aa 52 68 08 98 e9   +4u....d.^.Rh...
0260 - e6 a5 4c c1 a8 20 4d f4-aa 18 50 83 82 d9 14 ae   ..L.. M...P.....
0270 - 6a 0f 04 f2 28 48 d0 c2-4b cc 2b 0f 09 c6 46 ed   j...(H..K.+...F.
0280 - 9d dd 4b ab ff 75 e2 c6-21 b5 87 f3 70 21 4e f2   ..K..u..!...p!N.
0290 - aa cc 27 fe 59 57 00 78-e2 09 d3 36 c5 36 db 77   ..'.YW.x...6.6.w
02a0 - 87 6f 47 12 1c 40 de 79-a0 a3 14 47 4d 35 d8 1e   .oG..@.y...GM5..
02b0 - 39 9f e9 42 37 3c 81 49-c7 ea 54 9e 21 d6 55 7a   9..B7<.I..T.!.Uz
02c0 - bc 50 73 3e ec 49 66 27-87 cb 9b 47 81 5e 4e 49   .Ps>.If'...G.^NI
02d0 - 7e ff af e5 28 a5 36 99-a5 55 65 97 69 83 99 14   ~...(.6..Ue.i...
02e0 - 6d fc 83 35 8d 47 bd d2-13 f6 d5 42 e8 42 f7 82   m..5.G.....B.B..
02f0 - 99 15 bb b7 3b 44 98 7d-32 39 86 da ca b6 d8 bb   ....;D.}29......
0300 - bd ec ac f2 af b0 ba 8a-50 17 83 5f 9f e9 9f 63   ........P.._...c
0310 - c8 fa f1 cd 88 98 b4 04-f7 c9 46 c8 7a 28 0c da   ..........F.z(..
0320 - ad 61 fa e3 16 43 8f a3-5c c4 c7 25 ff d0 e9 31   .a...C..\..%...1
0330 - d0 48 91 43 d0 ae 20 22-4c 80 e7 f2 4d 45 bb d3   .H.C.. "L...ME..
0340 - 0d 61 0a 20 11 e1 79 ef-23 52 37 de b6 e1 14 ca   .a. ..y.#R7.....
0350 - f7 6f 46 6e 1e 41 d7 cd-d6 88 5f 5c 82 0a b9 73   .oFn.A...._\...s
0360 - d7 d8 f8 42 57 b0 fd 3a-37 0b 9a 4a 44 8c e5 1c   ...BW..:7..JD...
0370 - 85 5a 48 e6 2b 2a f9 88-ed 02 03 01 00 01 a3 82   .ZH.+*..........
0380 - 03 0e 30 82 03 0a 30 1f-06 03 55 1d 23 04 18 30   ..0...0...U.#..0
0390 - 16 80 14 8d 8c 5e c4 54-ad 8a e1 77 e9 9b f9 9b   .....^.T...w....
03a0 - 05 e1 b8 01 8d 61 e1 30-1d 06 03 55 1d 0e 04 16   .....a.0...U....
03b0 - 04 14 1b bf 1f 29 f7 b0-91 39 e5 b9 31 a8 d3 84   .....)...9..1...
03c0 - d5 00 6d 6b 9d 1c 30 0e-06 03 55 1d 0f 01 01 ff   ..mk..0...U.....
03d0 - 04 04 03 02 05 a0 30 0c-06 03 55 1d 13 01 01 ff   ......0...U.....
03e0 - 04 02 30 00 30 1d 06 03-55 1d 25 04 16 30 14 06   ..0.0...U.%..0..
03f0 - 08 2b 06 01 05 05 07 03-01 06 08 2b 06 01 05 05   .+.........+....
0400 - 07 03 02 30 49 06 03 55-1d 20 04 42 30 40 30 34   ...0I..U. .B0@04
0410 - 06 0b 2b 06 01 04 01 b2-31 01 02 02 07 30 25 30   ..+.....1....0%0
0420 - 23 06 08 2b 06 01 05 05-07 02 01 16 17 68 74 74   #..+.........htt
0430 - 70 73 3a 2f 2f 73 65 63-74 69 67 6f 2e 63 6f 6d   ps://sectigo.com
0440 - 2f 43 50 53 30 08 06 06-67 81 0c 01 02 01 30 81   /CPS0...g.....0.
0450 - 84 06 08 2b 06 01 05 05-07 01 01 04 78 30 76 30   ...+........x0v0
0460 - 4f 06 08 2b 06 01 05 05-07 30 02 86 43 68 74 74   O..+.....0..Chtt
0470 - 70 3a 2f 2f 63 72 74 2e-73 65 63 74 69 67 6f 2e   p://crt.sectigo.
0480 - 63 6f 6d 2f 53 65 63 74-69 67 6f 52 53 41 44 6f   com/SectigoRSADo
0490 - 6d 61 69 6e 56 61 6c 69-64 61 74 69 6f 6e 53 65   mainValidationSe
04a0 - 63 75 72 65 53 65 72 76-65 72 43 41 2e 63 72 74   cureServerCA.crt
04b0 - 30 23 06 08 2b 06 01 05-05 07 30 01 86 17 68 74   0#..+.....0...ht
04c0 - 74 70 3a 2f 2f 6f 63 73-70 2e 73 65 63 74 69 67   tp://ocsp.sectig
04d0 - 6f 2e 63 6f 6d 30 82 01-7e 06 0a 2b 06 01 04 01   o.com0..~..+....
04e0 - d6 79 02 04 02 04 82 01-6e 04 82 01 6a 01 68 00   .y......n...j.h.
04f0 - 76 00 46 a5 55 eb 75 fa-91 20 30 b5 a2 89 69 f4   v.F.U.u.. 0...i.
0500 - f3 7d 11 2c 41 74 be fd-49 b8 85 ab f2 fc 70 fe   .}.,At..I.....p.
0510 - 6d 47 00 00 01 7b a6 f0-3c f3 00 00 04 03 00 47   mG...{..<......G
0520 - 30 45 02 21 00 ea 6a c5-e5 bc 6f 31 56 aa 37 19   0E.!..j...o1V.7.
0530 - 96 94 81 54 39 45 e6 26-10 2f 2d 66 e3 fa 51 88   ...T9E.&./-f..Q.
0540 - a0 9c d1 22 e5 02 20 1b-48 5b de 18 12 4a c0 84   ...".. .H[...J..
0550 - ad 5b c7 4f de 7c 13 23-42 f0 b6 ca 04 2a 07 8d   .[.O.|.#B....*..
0560 - a9 1b 0c 8a bb e5 fb 00-76 00 41 c8 ca b1 df 22   ........v.A...."
0570 - 46 4a 10 c6 a1 3a 09 42-87 5e 4e 31 8b 1b 03 eb   FJ...:.B.^N1....
0580 - eb 4b c7 68 f0 90 62 96-06 f6 00 00 01 7b a6 f0   .K.h..b......{..
0590 - 3c b2 00 00 04 03 00 47-30 45 02 20 66 37 de 7f   <......G0E. f7..
05a0 - 46 a0 3e 6c f5 85 f4 ad-a4 b5 93 84 d0 e1 7d 8d   F.>l..........}.
05b0 - 74 62 47 26 9d db 98 4e-78 f0 0d 14 02 21 00 9b   tbG&...Nx....!..
05c0 - 29 45 fa 85 99 60 a7 73-eb 5e 81 0b b6 86 4a bd   )E...`.s.^....J.
05d0 - 8b b1 bb 41 f1 a4 be ce-8c db 2e 88 13 fc 88 00   ...A............
05e0 - 76 00 29 79 be f0 9e 39-39 21 f0 56 73 9f 63 a5   v.)y...99!.Vs.c.
05f0 - 77 e5 be 57 7d 9c 60 0a-f8 f9 4d 5d 26 5c 25 5d   w..W}.`...M]&\%]
0600 - c7 84 00 00 01 7b a6 f0-3c 96 00 00 04 03 00 47   .....{..<......G
0610 - 30 45 02 21 00 81 bb 7f-4d 0c 75 03 46 ae b2 6a   0E.!....M.u.F..j
0620 - b7 09 b6 32 61 c3 6a 0e-40 68 52 b5 ca cc fc dc   ...2a.j.@hR.....
0630 - 38 7b ec ce 01 02 20 25-a4 e9 f8 aa 70 d1 0d 27   8{.... %....p..'
0640 - be c9 be 47 08 4b f4 45-27 5f 83 87 49 10 b9 57   ...G.K.E'_..I..W
0650 - 8a 89 3f 2b 9e 72 c6 30-37 06 03 55 1d 11 04 30   ..?+.r.07..U...0
0660 - 30 2e 82 0b 6e 73 30 2e-6f 76 68 2e 6e 65 74 82   0...ns0.ovh.net.
0670 - 11 73 6d 74 70 2e 6d 61-69 6c 2e 6f 76 68 2e 6e   .smtp.mail.ovh.n
0680 - 65 74 82 0c 73 73 6c 30-2e 6f 76 68 2e 6e 65 74   et..ssl0.ovh.net
0690 - 30 0d 06 09 2a 86 48 86-f7 0d 01 01 0b 05 00 03   0...*.H.........
06a0 - 82 01 01 00 84 57 56 82-af dc 78 09 86 f8 52 39   .....WV...x...R9
06b0 - f5 4e 93 63 20 22 cd 21-27 a3 2a 6c e9 35 ab 34   .N.c ".!'.*l.5.4
06c0 - 1e 3a a2 07 73 7c 8a 3a-aa 92 34 18 f6 dd 13 61   .:..s|.:..4....a
06d0 - 93 52 41 b3 89 e4 b4 19-bd e7 80 ef 35 95 df 45   .RA.........5..E
06e0 - 5a 8b 01 90 ce c0 96 66-7a 4e 4a 6a 6e 0a c7 67   Z......fzNJjn..g
06f0 - 55 30 d7 5c 1a ac 79 ee-28 c4 b3 33 a2 84 fd 56   U0.\..y.(..3...V
0700 - 2f c5 0c 96 f4 fc 88 1f-45 c0 ac 17 42 64 a3 84   /.......E...Bd..
0710 - b8 ea 6d b3 e7 8e dc a7-e3 a7 ea e1 74 c7 a2 e2   ..m.........t...
0720 - e6 a3 d7 52 18 08 c8 06-26 02 c9 f3 2e 7b 70 b1   ...R....&....{p.
0730 - 76 33 c5 c6 bc 9f 7d 46-c3 06 71 b7 ae 47 bf 2a   v3....}F..q..G.*
0740 - 15 94 d2 6e 94 82 fd 9d-fb 7f 1c e9 db 63 0a c3   ...n.........c..
0750 - 3b 35 7d 01 90 58 6c 38-ce 4a 83 bd be fd 41 74   ;5}..Xl8.J....At
0760 - 56 01 75 2f a0 b9 0c 36-9e 88 a3 51 19 2d 87 42   V.u/...6...Q.-.B
0770 - 7b 48 b7 c7 95 4b c0 2d-8a df b1 b4 93 6c e1 99   {H...K.-.....l..
0780 - a4 d7 c4 db bc 42 f9 77-5b 79 e0 56 25 40 7a 5a   .....B.w[y.V%@zZ
0790 - b5 08 b3 8c 38 b2 3e a2-fe 26 bc 8a e3 5c be 4b   ....8.>..&...\.K
07a0 - 97 1c 2c 0a 00 06 17 30-82 06 13 30 82 03 fb a0   ..,....0...0....
07b0 - 03 02 01 02 02 10 7d 5b-51 26 b4 76 ba 11 db 74   ......}[Q&.v...t
07c0 - 16 0b bc 53 0d a7 30 0d-06 09 2a 86 48 86 f7 0d   ...S..0...*.H...
07d0 - 01 01 0c 05 00 30 81 88-31 0b 30 09 06 03 55 04   .....0..1.0...U.
07e0 - 06 13 02 55 53 31 13 30-11 06 03 55 04 08 13 0a   ...US1.0...U....
07f0 - 4e 65 77 20 4a 65 72 73-65 79 31 14 30 12 06 03   New Jersey1.0...
0800 - 55 04 07 13 0b 4a 65 72-73 65 79 20 43 69 74 79   U....Jersey City
0810 - 31 1e 30 1c 06 03 55 04-0a 13 15 54 68 65 20 55   1.0...U....The U
0820 - 53 45 52 54 52 55 53 54-20 4e 65 74 77 6f 72 6b   SERTRUST Network
0830 - 31 2e 30 2c 06 03 55 04-03 13 25 55 53 45 52 54   1.0,..U...%USERT
0840 - 72 75 73 74 20 52 53 41-20 43 65 72 74 69 66 69   rust RSA Certifi
0850 - 63 61 74 69 6f 6e 20 41-75 74 68 6f 72 69 74 79   cation Authority
0860 - 30 1e 17 0d 31 38 31 31-30 32 30 30 30 30 30 30   0...181102000000
0870 - 5a 17 0d 33 30 31 32 33-31 32 33 35 39 35 39 5a   Z..301231235959Z
0880 - 30 81 8f 31 0b 30 09 06-03 55 04 06 13 02 47 42   0..1.0...U....GB
0890 - 31 1b 30 19 06 03 55 04-08 13 12 47 72 65 61 74   1.0...U....Great
08a0 - 65 72 20 4d 61 6e 63 68-65 73 74 65 72 31 10 30   er Manchester1.0
08b0 - 0e 06 03 55 04 07 13 07-53 61 6c 66 6f 72 64 31   ...U....Salford1
08c0 - 18 30 16 06 03 55 04 0a-13 0f 53 65 63 74 69 67   .0...U....Sectig
08d0 - 6f 20 4c 69 6d 69 74 65-64 31 37 30 35 06 03 55   o Limited1705..U
08e0 - 04 03 13 2e 53 65 63 74-69 67 6f 20 52 53 41 20   ....Sectigo RSA
08f0 - 44 6f 6d 61 69 6e 20 56-61 6c 69 64 61 74 69 6f   Domain Validatio
0900 - 6e 20 53 65 63 75 72 65-20 53 65 72 76 65 72 20   n Secure Server
0910 - 43 41 30 82 01 22 30 0d-06 09 2a 86 48 86 f7 0d   CA0.."0...*.H...
0920 - 01 01 01 05 00 03 82 01-0f 00 30 82 01 0a 02 82   ..........0.....
0930 - 01 01 00 d6 73 33 d6 d7-3c 20 d0 00 d2 17 45 b8   ....s3..< ....E.
0940 - d6 3e 07 a2 3f c7 41 ee-32 30 c9 b0 6c fd f4 9f   .>..?.A.20..l...
0950 - cb 12 98 0f 2d 3f 8d 4d-01 0c 82 0f 17 7f 62 2e   ....-?.M......b.
0960 - e9 b8 48 79 fb 16 83 4e-ad d7 32 25 93 b7 07 bf   ..Hy...N..2%....
0970 - b9 50 3f a9 4c c3 40 2a-e9 39 ff d9 81 ca 1f 16   .P?.L.@*.9......
0980 - 32 41 da 80 26 b9 23 7a-87 20 1e e3 ff 20 9a 3c   2A..&.#z. ... .<
0990 - 95 44 6f 87 75 06 90 40-b4 32 93 16 09 10 08 23   .Do.u..@.2.....#
09a0 - 3e d2 dd 87 0f 6f 5d 51-14 6a 0a 69 c5 4f 01 72   >....o]Q.j.i.O.r
09b0 - 69 cf d3 93 4c 6d 04 a0-a3 1b 82 7e b1 9a b9 ed   i...Lm.....~....
09c0 - c5 9e c5 37 78 9f 9a 08-34 fb 56 2e 58 c4 09 0e   ...7x...4.V.X...
09d0 - 06 64 5b bc 37 dc f1 9f-28 68 a8 56 b0 92 a3 5c   .d[.7...(h.V...\
09e0 - 9f bb 88 98 08 1b 24 1d-ab 30 85 ae af b0 2e 9e   ......$..0......
09f0 - 7a 9d c1 c0 42 1c e2 02-f0 ea e0 4a d2 ef 90 0e   z...B......J....
0a00 - b4 c1 40 16 f0 6f 85 42-4a 64 f7 a4 30 a0 fe bf   ..@..o.BJd..0...
0a10 - 2e a3 27 5a 8e 8b 58 b8-ad c3 19 17 84 63 ed 6f   ..'Z..X......c.o
0a20 - 56 fd 83 cb 60 34 c4 74-be e6 9d db e1 e4 e5 ca   V...`4.t........
0a30 - 0c 5f 15 02 03 01 00 01-a3 82 01 6e 30 82 01 6a   ._.........n0..j
0a40 - 30 1f 06 03 55 1d 23 04-18 30 16 80 14 53 79 bf   0...U.#..0...Sy.
0a50 - 5a aa 2b 4a cf 54 80 e1-d8 9b c0 9d f2 b2 03 66   Z.+J.T.........f
0a60 - cb 30 1d 06 03 55 1d 0e-04 16 04 14 8d 8c 5e c4   .0...U........^.
0a70 - 54 ad 8a e1 77 e9 9b f9-9b 05 e1 b8 01 8d 61 e1   T...w.........a.
0a80 - 30 0e 06 03 55 1d 0f 01-01 ff 04 04 03 02 01 86   0...U...........
0a90 - 30 12 06 03 55 1d 13 01-01 ff 04 08 30 06 01 01   0...U.......0...
0aa0 - ff 02 01 00 30 1d 06 03-55 1d 25 04 16 30 14 06   ....0...U.%..0..
0ab0 - 08 2b 06 01 05 05 07 03-01 06 08 2b 06 01 05 05   .+.........+....
0ac0 - 07 03 02 30 1b 06 03 55-1d 20 04 14 30 12 30 06   ...0...U. ..0.0.
0ad0 - 06 04 55 1d 20 00 30 08-06 06 67 81 0c 01 02 01   ..U. .0...g.....
0ae0 - 30 50 06 03 55 1d 1f 04-49 30 47 30 45 a0 43 a0   0P..U...I0G0E.C.
0af0 - 41 86 3f 68 74 74 70 3a-2f 2f 63 72 6c 2e 75 73   A.?http://crl.us
0b00 - 65 72 74 72 75 73 74 2e-63 6f 6d 2f 55 53 45 52   ertrust.com/USER
0b10 - 54 72 75 73 74 52 53 41-43 65 72 74 69 66 69 63   TrustRSACertific
0b20 - 61 74 69 6f 6e 41 75 74-68 6f 72 69 74 79 2e 63   ationAuthority.c
0b30 - 72 6c 30 76 06 08 2b 06-01 05 05 07 01 01 04 6a   rl0v..+........j
0b40 - 30 68 30 3f 06 08 2b 06-01 05 05 07 30 02 86 33   0h0?..+.....0..3
0b50 - 68 74 74 70 3a 2f 2f 63-72 74 2e 75 73 65 72 74   http://crt.usert
0b60 - 72 75 73 74 2e 63 6f 6d-2f 55 53 45 52 54 72 75   rust.com/USERTru
0b70 - 73 74 52 53 41 41 64 64-54 72 75 73 74 43 41 2e   stRSAAddTrustCA.
0b80 - 63 72 74 30 25 06 08 2b-06 01 05 05 07 30 01 86   crt0%..+.....0..
0b90 - 19 68 74 74 70 3a 2f 2f-6f 63 73 70 2e 75 73 65   .http://ocsp.use
0ba0 - 72 74 72 75 73 74 2e 63-6f 6d 30 0d 06 09 2a 86   rtrust.com0...*.
0bb0 - 48 86 f7 0d 01 01 0c 05-00 03 82 02 01 00 32 bf   H.............2.
0bc0 - 61 bd 0e 48 c3 4f c7 ba-47 4d f8 9c 78 19 01 dc   a..H.O..GM..x...
0bd0 - 13 1d 80 6f fc c3 70 b4-52 9a 31 33 9a 57 52 fb   ...o..p.R.13.WR.
0be0 - 31 9e 6b a4 ef 54 aa 89-8d 40 17 68 f8 11 10 7c   1.k..T...@.h...|
0bf0 - d2 ca b1 f1 55 86 c7 ee-b3 36 91 86 f6 39 51 bf   ....U....6...9Q.
0c00 - 46 bf 0f a0 ba b4 f7 7e-49 c4 2a 36 17 9e e4 68   F......~I.*6...h
0c10 - 39 7a af 94 4e 56 6f b2-7b 3b bf 0a 86 bd cd c5   9z..NVo.{;......
0c20 - 77 1c 03 b8 38 b1 a2 1f-5f 7e db 8a dc 46 48 b6   w...8..._~...FH.
0c30 - 68 0a cf b2 b5 b4 e2 34-e4 67 a9 38 66 09 5e d2   h......4.g.8f.^.
0c40 - b8 fc 9d 28 3a 17 40 27-c2 72 4e 29 fd 21 3c 7c   ...(:.@'.rN).!<|
0c50 - cf 13 fb 96 2c c5 31 44-fd 13 ed d5 9b a9 69 68   ....,.1D......ih
0c60 - 77 7c ee e1 ff a4 f9 36-38 08 53 39 a2 84 34 9c   w|.....68.S9..4.
0c70 - 19 f3 be 0e ac d5 24 37-eb 23 a8 78 d0 d3 e7 ef   ......$7.#.x....
0c80 - 92 47 64 62 39 22 ef c6-f7 11 be 22 85 c6 66 44   .Gdb9"....."..fD
0c90 - 24 26 8e 10 32 8d c8 93-ae 07 9e 83 3e 2f d9 f9   $&..2.......>/..
0ca0 - f5 46 8e 63 be c1 e6 b4-dc a6 cd 21 a8 86 0a 95   .F.c.......!....
0cb0 - d9 2e 85 26 1a fd fc b1-b6 57 42 6d 95 d1 33 f6   ...&.....WBm..3.
0cc0 - 39 14 06 82 41 38 f5 8f-58 dc 80 5b a4 d5 7d 95   9...A8..X..[..}.
0cd0 - 78 fd a7 9b ff fd c5 a8-69 ab 26 e7 a7 a4 05 87   x.......i.&.....
0ce0 - 5b a9 b7 b8 a3 20 0b 97-a9 45 85 dd b3 8b e5 89   [.... ...E......
0cf0 - 37 8e 29 0d fc 06 17 f6-38 40 0e 42 e4 12 06 fb   7.).....8@.B....
0d00 - 7b f3 c6 11 68 62 df e3-98 f4 13 d8 15 4f 8b b1   {...hb.......O..
0d10 - 69 d9 10 60 bc 64 2a ea-31 b7 e4 b5 a3 3a 14 9b   i..`.d*.1....:..
0d20 - 26 e3 0b 7b fd 02 8e b6-99 c1 38 97 59 36 f6 a8   &..{......8.Y6..
0d30 - 74 a2 86 b6 5e eb c6 64-ea cf a0 a3 f9 6e 9e ba   t...^..d.....n..
0d40 - 2d 11 b6 86 98 08 58 2d-c9 ac 25 64 f2 5e 75 b4   -.....X-..%d.^u.
0d50 - 38 c1 ae 7f 5a 46 83 ea-51 ca b6 f1 99 11 35 6b   8...ZF..Q.....5k
0d60 - a5 6a 7b c6 00 b0 e7 f8-be 64 b2 ad c8 c2 f1 ac   .j{......d......
0d70 - e3 51 ea a4 93 e0 79 c8-e1 81 40 c9 0a 5b e1 12   .Q....y...@..[..
0d80 - 3c c1 60 2a e3 97 c0 89-42 ca 94 cf 46 98 12 69   <.`*....B...F..i
0d90 - bb 98 d0 c2 d3 0d 72 4b-47 6e e5 93 c4 32 28 63   ......rKGn...2(c
0da0 - 87 43 e4 b0 32 3e 0a d3-4b bf 23 9b 14 29 41 2b   .C..2>..K.#..)A+
0db0 - 9a 04 1f 93 2d f1 c7 39-48 3c ad 5a 12 7f 0c 00   ....-..9H<.Z....
0dc0 - 02 8d 03 00 19 85 04 01-c0 af 70 ee e7 ac 0d 59   ..........p....Y
0dd0 - 74 77 fe 79 18 c0 a1 b0-02 4c fc 8a f8 da f4 8f   tw.y.....L......
0de0 - fd bf 19 82 08 63 1b 19-38 09 db c2 f9 ab d9 f8   .....c..8.......
0df0 - 8e 2c e7 2f 25 9b 45 c4-aa 9d a8 d1 bd b2 66 bf   .,./%.E.......f.
0e00 - 8b f4 93 b7 c0 2f 9e 8e-08 00 ff c5 92 16 c4 52   ...../.........R
0e10 - 8a d2 f4 be 40 e7 1c d7-49 e6 b4 89 86 2b 5d 7d   ....@...I....+]}
0e20 - f1 c4 c8 31 a2 58 5c 76-56 b2 69 2f fd 9b cb c6   ...1.X\vV.i/....
0e30 - 7a ac b9 b7 2a 36 8d 5e-ea 51 e4 1d d8 8f f4 71   z...*6.^.Q.....q
0e40 - 54 0f 90 a5 87 2b 53 1b-79 26 3a 04 01 02 00 0d   T....+S.y&:.....
0e50 - e6 12 78 94 c7 a1 56 0b-e8 f2 4b 3b f2 a7 7c b9   ..x...V...K;..|.
0e60 - 41 d5 80 52 bd 0b 27 db-ae a0 01 8d 16 f1 0d ca   A..R..'.........
0e70 - 61 63 9b ef 20 51 fc 7d-e4 5f 71 cd d9 46 a4 1e   ac.. Q.}._q..F..
0e80 - 08 fd d0 28 6b 63 a5 32-fb ab 92 9c 09 8d 5b af   ...(kc.2......[.
0e90 - 55 d2 31 c5 bb f0 65 5d-86 c6 59 d4 4f e0 ea 58   U.1...e]..Y.O..X
0ea0 - ee 11 68 8a f0 93 d7 c4-a0 bf 5e 88 39 20 cc 04   ..h.......^.9 ..
0eb0 - 53 76 5b 0b e2 e9 7b 44-7b 97 75 b0 de 4a 70 96   Sv[...{D{.u..Jp.
0ec0 - e7 eb 50 eb 20 47 56 4e-a8 1d 06 6b 4e e1 3e d3   ..P. GVN...kN.>.
0ed0 - f1 33 6e c7 2d b5 c6 f8-41 63 09 0c 9a 0f 27 28   .3n.-...Ac....'(
0ee0 - cc ca 7f 9f ae f1 27 4f-00 72 4f 2b 17 df 54 d8   ......'O.rO+..T.
0ef0 - 4a 9c d9 eb fc 7a 2e 3b-53 e5 d8 71 e8 9b 7d e1   J....z.;S..q..}.
0f00 - f4 79 8c 3a 91 f9 53 be-42 37 da e2 51 b9 64 9c   .y.:..S.B7..Q.d.
0f10 - 7b 5b dd 8e e6 2d 97 71-d7 1a a2 2e 0f a0 40 12   {[...-.q......@.
0f20 - e6 1d a4 7f 9b bf 49 af-12 89 ff ff 8e 44 6c ec   ......I......Dl.
0f30 - 9b f0 65 48 05 05 08 1d-81 d0 c2 a8 7a 9d 71 31   ..eH........z.q1
0f40 - d0 94 ac e4 d9 28 7a f2-32 22 91 16 dc 46 79 fe   .....(z.2"...Fy.
0f50 - 89 37 8f 34 6c 5d 49 30-c6 96 fc 48 2b a6 d1 6f   .7.4l]I0...H+..o
0f60 - dd 6f 53 cd ec 93 47 58-65 66 19 6d 34 bb 2e 5f   .oS...GXef.m4.._
0f70 - 2c 91 bc d0 8a c4 27 27-af f3 bc 53 90 01 aa 21   ,.....''...S...!
0f80 - d9 ad 8a 06 dc f6 33 42-5f d9 e0 68 08 0b cf d3   ......3B_..h....
0f90 - 28 c5 e3 27 c6 ce e6 95-e3 47 35 61 ae 7d c8 a5   (..'.....G5a.}..
0fa0 - c4 45 f4 2e d6 b9 7d 5d-76 b6 12 19 84 5e 6c a5   .E....}]v....^l.
0fb0 - de b5 9b 92 57 c6 bb b3-de d8 04 4c 94 d5 35 df   ....W......L..5.
0fc0 - b4 e4 52 4f df fd fc bb-43 69 12 ca a3 ee 8f 83   ..RO....Ci......
0fd0 - 52 4e 18 10 15 c0 ed 68-5f 1c ef bd 3a 98 a1 a1   RN.....h_...:...
0fe0 - 8c f1 21 58 7e 99 5d 87-d7 ee db 1c 60 fc 6d 8e   ..!X~.].....`.m.
0ff0 - 5b 94 ef 5b 6a bb 0c e4-2d 41 10 5f 29 cd 77 07   [..[j...-A._).w.
1000 - 41 03 4d 3d ac 80 e7 f2-95 2c 5a d9 99 91 82 8a   A.M=.....,Z.....
1010 - 0d 92 41 23 0e 86 01 08-98 b1 8b c5 e6 50 fb 7a   ..A#.........P.z
1020 - 0c bd 55 75 9e bd 34 d3-2b 9f 66 25 b2 ca 02 a4   ..Uu..4.+.f%....
1030 - ea b0 95 78 5a de a4 91-1a 61 ab 59 18 4a 54 40   ...xZ....a.Y.JT@
1040 - ad 28 7f 55 19 11 15 0a-18 a6 9a 03 2d e8 fd 0e   .(.U........-...
1050 - 00 00 00                                          ...
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = ns0.ovh.net
verify return:1
write to 0x170e4205f90 [0x170e422bf80] (250 bytes => 250 (0xFA))
0000 - 16 03 03 00 8a 10 00 00-86 85 04 01 e6 86 30 d0   ..............0.
0010 - d2 51 16 1a 87 14 46 1c-09 26 85 32 7c f3 6d db   .Q....F..&.2|.m.
0020 - cf c3 08 fe 69 82 46 0d-b2 47 20 e5 30 c4 e7 12   ....i.F..G .0...
0030 - b5 47 07 bb 0e 33 f2 46-30 da 65 8a 6e 6c 88 c7   .G...3.F0.e.nl..
0040 - 61 e2 c6 c2 05 86 b0 e3-95 b4 bc 8d 12 00 b2 1e   a...............
0050 - ba 67 26 55 08 4e 9e ac-f0 3b ce 40 99 a3 96 5c   .g&U.N...;.@...\
0060 - f8 e7 60 8f 8c 70 72 cb-ae ba f5 93 da 89 38 68   ..`..pr.......8h
0070 - 18 f1 e6 c1 ff bb 56 32-66 cc b6 82 36 7f f3 cd   ......V2f...6...
0080 - e8 6a 1e c2 df 8f f7 58-ba 50 7c 4b 2b fa 41 14   .j.....X.P|K+.A.
0090 - 03 03 00 01 01 16 03 03-00 60 c4 1b f4 c4 16 1b   .........`......
00a0 - 71 23 30 ff 2f 4e a3 9a-2c b1 aa 0a 44 c0 7f 12   q#0./N..,...D...
00b0 - 73 0c c8 67 3b 6d 2f cf-6c 6d 14 9d 73 e1 a1 80   s..g;m/.lm..s...
00c0 - 1c 80 76 f4 ac 58 91 e1-11 64 80 c7 36 2f db 08   ..v..X...d..6/..
00d0 - 0c 48 3d 5e dc c3 42 98-20 43 99 28 41 72 56 cd   .H=^..B. C.(ArV.
00e0 - fe ad 43 18 85 e5 51 df-ca 57 8e ce 19 50 a0 ae   ..C...Q..W...P..
00f0 - dc 87 fc f6 70 8b 74 55-d5 97                     ....p.tU..
read from 0x170e4205f90 [0x170e4227e33] (5 bytes => 5 (0x5))
0000 - 14 03 03 00 01                                    .....
read from 0x170e4205f90 [0x170e4227e38] (1 bytes => 1 (0x1))
0000 - 01                                                .
read from 0x170e4205f90 [0x170e4227e33] (5 bytes => 5 (0x5))
0000 - 16 03 03 00 60                                    ....`
read from 0x170e4205f90 [0x170e4227e38] (96 bytes => 96 (0x60))
0000 - f9 5f 43 6b bc c7 b0 3f-d9 5c 08 98 a3 df 4e 5c   ._Ck...?.\....N\
0010 - f9 e0 9e 63 a9 41 7e 0f-86 7f ce 48 e1 9b b4 5c   ...c.A~....H...\
0020 - d1 69 e6 0c 88 fd 67 31-40 28 9a cf fa d8 5a 71   .i....g1@(....Zq
0030 - 22 c3 02 5e 79 fd a9 02-41 75 3c 1c 61 d2 b1 d8   "..^y...Au<.a...
0040 - 3a 65 d0 8b 45 2e d2 db-5d 17 78 22 82 43 9c 7b   :e..E...].x".C.{
0050 - 64 9e 69 4f 6b 70 8f 51-ae d8 85 c3 6d 7c 6a d0   d.iOkp.Q....m|j.
---
Certificate chain
 0 s:CN = ns0.ovh.net
   i:C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
   a:PKEY: rsaEncryption, 4096 (bit); sigalg: RSA-SHA256
   v:NotBefore: Sep  2 00:00:00 2021 GMT; NotAfter: Sep  2 23:59:59 2022 GMT
 1 s:C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
   i:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA384
   v:NotBefore: Nov  2 00:00:00 2018 GMT; NotAfter: Dec 31 23:59:59 2030 GMT
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIHQTCCBimgAwIBAgIRANxQdIj/t6ezjFZof+9w6y4wDQYJKoZIhvcNAQELBQAw
gY8xCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE3MDUGA1UE
AxMuU2VjdGlnbyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBD
QTAeFw0yMTA5MDIwMDAwMDBaFw0yMjA5MDIyMzU5NTlaMBYxFDASBgNVBAMTC25z
MC5vdmgubmV0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2MteQgus
njU5FQtw2Jhi8HHfr+8vnTPfNQJTuE63Lv+KDk1/t7FeFXx9hIVvZHDC9WIIv6WL
f6Fc2Ylg7duH+681ucK2OzjyN/x4PdRzqZtnLh9HpxI3PU9HcLDXjcHYYIk7Fo8E
YVNRw+e2k5L+9GHS5pHlmuQzZT+vD4odPhx6Xx6TvIdYNBEEfMIuilfyRVqKBb1x
DFjeTdwHlmcuv4+qPOZMlsq/LOY+gI4KZP9clhy5sAErYS+2iH/1VPbpkk6vXrQy
36XSGTFwWIxtvjJIHefEfAsrNHWjrQ4eZKleqlJoCJjp5qVMwaggTfSqGFCDgtkU
rmoPBPIoSNDCS8wrDwnGRu2d3Uur/3XixiG1h/NwIU7yqswn/llXAHjiCdM2xTbb
d4dvRxIcQN55oKMUR0012B45n+lCNzyBScfqVJ4h1lV6vFBzPuxJZieHy5tHgV5O
SX7/r+UopTaZpVVll2mDmRRt/IM1jUe90hP21ULoQveCmRW7tztEmH0yOYbayrbY
u73srPKvsLqKUBeDX5/pn2PI+vHNiJi0BPfJRsh6KAzarWH64xZDj6NcxMcl/9Dp
MdBIkUPQriAiTIDn8k1Fu9MNYQogEeF57yNSN9624RTK929Gbh5B183WiF9cggq5
c9fY+EJXsP06NwuaSkSM5RyFWkjmKyr5iO0CAwEAAaOCAw4wggMKMB8GA1UdIwQY
MBaAFI2MXsRUrYrhd+mb+ZsF4bgBjWHhMB0GA1UdDgQWBBQbvx8p97CROeW5MajT
hNUAbWudHDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU
BggrBgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICBzAl
MCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgEw
gYQGCCsGAQUFBwEBBHgwdjBPBggrBgEFBQcwAoZDaHR0cDovL2NydC5zZWN0aWdv
LmNvbS9TZWN0aWdvUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNy
dDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wggF+BgorBgEE
AdZ5AgQCBIIBbgSCAWoBaAB2AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw
/m1HAAABe6bwPPMAAAQDAEcwRQIhAOpqxeW8bzFWqjcZlpSBVDlF5iYQLy1m4/pR
iKCc0SLlAiAbSFveGBJKwIStW8dP3nwTI0LwtsoEKgeNqRsMirvl+wB2AEHIyrHf
IkZKEMahOglCh15OMYsbA+vrS8do8JBilgb2AAABe6bwPLIAAAQDAEcwRQIgZjfe
f0agPmz1hfStpLWThNDhfY10YkcmnduYTnjwDRQCIQCbKUX6hZlgp3PrXoELtoZK
vYuxu0HxpL7OjNsuiBP8iAB2ACl5vvCeOTkh8FZzn2Old+W+V32cYAr4+U1dJlwl
XceEAAABe6bwPJYAAAQDAEcwRQIhAIG7f00MdQNGrrJqtwm2MmHDag5AaFK1ysz8
3Dh77M4BAiAlpOn4qnDRDSe+yb5HCEv0RSdfg4dJELlXiok/K55yxjA3BgNVHREE
MDAuggtuczAub3ZoLm5ldIIRc210cC5tYWlsLm92aC5uZXSCDHNzbDAub3ZoLm5l
dDANBgkqhkiG9w0BAQsFAAOCAQEAhFdWgq/ceAmG+FI59U6TYyAizSEnoyps6TWr
NB46ogdzfIo6qpI0GPbdE2GTUkGzieS0Gb3ngO81ld9FWosBkM7AlmZ6TkpqbgrH
Z1Uw11warHnuKMSzM6KE/VYvxQyW9PyIH0XArBdCZKOEuOpts+eO3Kfjp+rhdMei
4uaj11IYCMgGJgLJ8y57cLF2M8XGvJ99RsMGcbeuR78qFZTSbpSC/Z37fxzp22MK
wzs1fQGQWGw4zkqDvb79QXRWAXUvoLkMNp6Io1EZLYdCe0i3x5VLwC2K37G0k2zh
maTXxNu8Qvl3W3ngViVAelq1CLOMOLI+ov4mvIrjXL5LlxwsCg==
-----END CERTIFICATE-----
subject=CN = ns0.ovh.net
issuer=C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: ECDH, secp521r1, 521 bits
---
SSL handshake has read 4505 bytes and written 601 bytes
Verification error: unable to get local issuer certificate
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-SHA384
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-SHA384
    Session-ID: 331D0000255C380FF422108BA7A80D3999BF04B38174D26ECD239BD4BB26A2E2
    Session-ID-ctx:
    Master-Key: 390810FDA95F70A43208D9125787F33EDDFF5FCCCA644B7526D85098F11D2982C2AC0F8C6F391C77A7F60014C2BC0627
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1647982658
    Timeout   : 7200 (sec)
    Verify return code: 20 (unable to get local issuer certificate)
    Extended master secret: yes
---
250 8BITMIME
mathe42 commented 2 years ago

Note this line

verify error:num=20:unable to get local issuer certificate

And the used cipher ECDHE-RSA-AES256-SHA384 I will check if these have inpact into deno.

mathe42 commented 2 years ago

Cipher looks good.

louiszgn commented 2 years ago

A certificate that looks like this one is mentionned in this issue. The error seems to come from rustls.

louiszgn commented 2 years ago

We can see in this article that TLS1.3 use exclusively it's new ciphersuites but the rustls github repo show that they supposed to support TLS1.2 ...

mathe42 commented 2 years ago

Yes they only support a "more secure" subset of TLS1.2. But the only way this will work if the mail provider changes the certificate...

louiszgn commented 2 years ago

So the only way to solve this problem is to ask OVH to update their certificates?

mathe42 commented 2 years ago

Yep... Sorry about that...

louiszgn commented 2 years ago

You help me a lot, I could never have made it this far without your help! I will try to contact OVH, maybe it will work 😅

mathe42 commented 2 years ago

I learned a lot with this issue too... I will close it and add a comment in the readme about it.

louiszgn commented 2 years ago

Update By following theses instructions I add the .platform folder and the routes.yaml file in my OVH server with this in it :

"https://{default}/":
    type: upstream
    upstream: "app:http"
    tls:
      min_version: TLSv1.2

  "https://www.{default}/":
    type: redirect
    to: "https://{default}/"

Now some mails are sent but for the majority I get this error:

TLS alert received: AlertMessagePayload {
    level: Fatal,
    description: ProtocolVersion,
}
InvalidData: received fatal alert: ProtocolVersion

The function used is client.connectTLS() and the port is 465

louiszgn commented 2 years ago 
2 mails sent on 10 tries
┌───────┬─────────┬─────────────────────────────────────────┐
│ (idx) │ success │ message                                 │
├───────┼─────────┼─────────────────────────────────────────┤
│     0 │ false   │ "received fatal alert: ProtocolVersion" │
│     1 │ false   │ "received fatal alert: ProtocolVersion" │
│     2 │ false   │ "received fatal alert: ProtocolVersion" │
│     3 │ false   │ "received fatal alert: ProtocolVersion" │
│     4 │ false   │ "received fatal alert: ProtocolVersion" │
│     5 │ false   │ "received fatal alert: ProtocolVersion" │
│     6 │ true    │ "Mail sent"                             │
│     7 │ true    │ "Mail sent"                             │
│     8 │ false   │ "received fatal alert: ProtocolVersion" │
│     9 │ false   │ "received fatal alert: ProtocolVersion" │
└───────┴─────────┴─────────────────────────────────────────┘
1 mails sent on 10 tries
┌───────┬─────────┬─────────────────────────────────────────┐
│ (idx) │ success │ message                                 │
├───────┼─────────┼─────────────────────────────────────────┤
│     0 │ true    │ "Mail sent"                             │
│     1 │ false   │ "received fatal alert: ProtocolVersion" │
│     2 │ false   │ "received fatal alert: ProtocolVersion" │
│     3 │ false   │ "received fatal alert: ProtocolVersion" │
│     4 │ false   │ "received fatal alert: ProtocolVersion" │
│     5 │ false   │ "received fatal alert: ProtocolVersion" │
│     6 │ false   │ "received fatal alert: ProtocolVersion" │
│     7 │ false   │ "received fatal alert: ProtocolVersion" │
│     8 │ false   │ "received fatal alert: ProtocolVersion" │
│     9 │ false   │ "received fatal alert: ProtocolVersion" │
└───────┴─────────┴─────────────────────────────────────────┘
mathe42 commented 2 years ago

I have no idea why this happens... only thing I can think of is that there is a protocol missmatch wich only happens some times depending on some random values needed for the TCP handshake but no idea if thats true or how to fix it...

mathe42 commented 2 years ago

Thinking about it....

Could you provide full logs (with the debug options) for 1 failed and 1 sucessfull try? And use the latest version 0.11.0 (released yesterday with better logging)

louiszgn commented 2 years ago

This is a part of the debug output for a succesful email :

220 GARM-102R004 Wednesday, March 23, 2022
┌───────┬────────────────┐
│ (idx) │ Values         │
├───────┼────────────────┤
│     0 │ "EHLO"         │
│     1 │ "ssl0.ovh.net" │
└───────┴────────────────┘
250-OVH SMTP PROXY Hello
250-SIZE 104857600
250-ENHANCEDSTATUSCODES
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
┌───────┬─────────┐
│ (idx) │ Values  │
├───────┼─────────┤
│     0 │ "AUTH"  │
│     1 │ "LOGIN" │
└───────┴─────────┘
...
250 2.0.0 Ok: queued as 219E428712F4B

The failed mails only send me this error without logs :

TLS alert received: AlertMessagePayload {
    level: Fatal,
    description: ProtocolVersion,
}
InvalidData: received fatal alert: ProtocolVersion
    at async read (deno:ext/net/01_net.js:24:19)
    at async BufReader.#fill (https://deno.land/std@0.129.0/io/buffer.ts:323:18)
    at async BufReader.readSlice (https://deno.land/std@0.129.0/io/buffer.ts:609:9)
    at async BufReader.readLine (https://deno.land/std@0.129.0/io/buffer.ts:497:14)
    at async TextProtoReader.readLineSlice (https://deno.land/std@0.129.0/textproto/mod.ts:131:11)
    at async TextProtoReader.readLine (https://deno.land/std@0.129.0/textproto/mod.ts:33:15)
    at async SmtpClient.readCmd (https://deno.land/x/denomailer@0.11.0/smtp.ts:383:20)
    at async SmtpClient.#connect (https://deno.land/x/denomailer@0.11.0/smtp.ts:313:21)
    at async SmtpClient.connectTLS (https://deno.land/x/denomailer@0.11.0/smtp.ts:59:5)

Tell me if you need more

mathe42 commented 2 years ago

OK so sometimes TLS works sometimes not. That is nothing I can do to fix it so closing it. For new problems please create a new issue.