I can duplicate your problem with Debian Wheezy with Python 2.7.3 which uses the exact same OpenSSL version you report. I captured packets with Wireshark and there is a successful TLS handshake and some data is exchanged. Shortly after that however, the client end gets unhappy with something the server sends and closes the connection.
I was able to work around the issue by using SSL3 instead of TLS. I couldn't figure out how to patch a library method in Python so that other libraries that used it would behave differently, so I just made my own local copy of smtplib
.
I copied the 2.7 version of smtplib
(click on the raw link to download) and changed one line:
self.sock = ssl.wrap_socket(self.sock, keyfile, certfile)
to
self.sock = ssl.wrap_socket(self.sock, keyfile, certfile, ssl_version=ssl.PROTOCOL_SSLv3)
Then with the edited file in my local directory I get:
Python 2.7.3 (default, Jan 2 2013, 13:56:14)
[GCC 4.7.2] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import smtplib
>>> s = smtplib.SMTP()
>>> s.connect('smtp.live.com:587')
(220, 'BLU0-SMTP418.blu0.hotmail.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Wed, 3 Jul 2013 09:59:32 -0700')
>>> s.ehlo()
(250, 'BLU0-SMTP418.blu0.hotmail.com Hello [24.143.227.254]
TURN
SIZE 41943040
ETRN
PIPELINING
DSN
ENHANCEDSTATUSCODES
8bitmime
BINARYMIME
CHUNKING
VRFY
TLS
STARTTLS
OK')
>>> s.starttls()
(220, '2.0.0 SMTP server ready')
>>> s.ehlo()
(250, 'BLU0-SMTP418.blu0.hotmail.com Hello [24.143.227.254]
TURN
SIZE 41943040
ETRN
PIPELINING
DSN
ENHANCEDSTATUSCODES
8bitmime
BINARYMIME
CHUNKING
VRFY
AUTH LOGIN PLAIN
OK')
>>> s.login('[email protected]','MyPaSsW0rD')
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "smtplib.py", line 615, in login
raise SMTPAuthenticationError(code, resp)
smtplib.SMTPAuthenticationError: (535, '5.0.0 Authentication Failed')
>>>
I don't have a valid Hotmail account so I can't get past here, but there is no longer an SSL error.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…