noxxi / p5-io-socket-ssl

IO::Socket::SSL Perl Module
36 stars 62 forks source link

SSL Handshake fails with smtp.office365.com #128

Closed filipecustodio closed 1 year ago

filipecustodio commented 1 year ago

SSL Handshake is failing with error "local error: hostname verification failed". Reproduced in Mac OS and Linux using Net::SMTPS and the following command line: perl -e "use Net::SMTPS; Net::SMTPS->new( 'smtp.office365.com', Port => 587, doSSL => 'starttls', Debug_SSL => 3 )"

Fails consistently under current version 2.081 , works with 2.075.

Best regards, Filipe Custódio

noxxi commented 1 year ago

Due to the way how Net::SMTPS works it never gave the hostname for verification to IO::Socket::SSL. Until version 2.078 of IO::Socket::SSL hostname validation was disabled in this case, with 2.078 it started to verify the IP address against the certificate since hostname validation is actually crucial.

The real fix would be for Net::SMTPS to provide the hostname for certificate validation. I'm not sure if Net::SMTPS is maintained anymore since the functionality it provides is included in the Perl CORE module Net::SMTP since several years. So I recommend to use this instead:

use Net::SMTP;
my $smtp = Net::SMTP->new('smtp.office365.com', Port => 587, Debug => 1);
$smtp->starttls;
filipecustodio commented 1 year ago

Dear Steffen, I finally got back to this problem. Your suggestion to use Net::SMTP instead worked perfectly! Thank you!