Create a client which understands the POP3S protocol, which is POP3 as described in RFC 1939, but secured with TLS. We will use a direct, secure connection to port 995 rather than the STARTTLS command, despite RFC 1939 recommending it against it. (It's supported and simpler.) Use the Cleansocks interface to create your program. The POP3 protocol is used by mail readers to download mail from a mail server. Your program should follow the protocol, so it should work with any pop3 server.
You are to write a program which takes the name of a POP3 server machine on the command line, connects to it on port 995 (the POP3S service). The program asks for credentials and logs into the given email account, and lists the messages in the mailbox. For this assignment, we'll just print the result of the POP LIST command, which is actually not very informative. (We'll do a better job next time.) It should also log all transactions with the server. Looks like this:
To test your program, you will need a test email account which supports POP3S. GMail does, which makes it the obvious choice, but any such service should work fine. (That's the joy of standards.) You probably don't want to use your regular email account for this; you will want to sign up for a separate account for testing. Then send it a few messages from your real account so you have something to list. The POP service is not enabled by default, so you have to sign in to your mail box, find the configure menu, and turn POP on. From the GMail web page, settings is under the (now usual) cog wheel icon, which appears near the upper right. From the drop-down, pick settings, then go to the tab “Forwarding and POP/IMAP.” Enable POP, then scroll to the bottom and save.
Once you have an account to play with, send some messages there. Then you might want to test that the pop is working using the openssl program. (You can run it from Sandbox if you don't have it installed.) Something like this:
Your program should perform the following steps, always printing both the command it sends to the server, and the response from the server.
The above assumes that all commands sent to the server are successful. If any fails, the server will return a message with a dash (-) as the first character. If that happens, after printing the line, send a QUIT, print the response, close and exit. If you get a networking error (cleansocks will throw and exception), you should close and exit. Send QUIT first if possible.
Build your client using the Cleansocks library. You will want to use cleantlsc to create a secure layer after connecting to the server. You may also want to use the buffered_socket since the POP protocol is line-oriented.
Your exchange with the server will involve a series of sending a request and reading a response. You will need to print each of these strings, as well as transmitting and receiving them. Also, you need to check the first character of each response to see if it is a + (ok) or a - (error). Break down and make a function to do this.
As you can see from the log above, my solution does not display the password, either when entered or when the command sent to the server is echoed. You are not required to do this, but it is much nicer, and any serious application would make some effort not to print the password.
For echoing the password, I simply made a special case when echoing the password command, and printed some stars instead of the password text on the echo. (Obviously, I sent the actual password to the server.)
For reading the password without echo, you might want to use the getpass function. In Linux, you can just use it. (It is marked obsolete in the documentation, but I'll stop using it when they add a replacement.) The getpass, function will read the password in the command window without it being displayed on the screen.
Getpass is standard on Linux. There a Windows version here: header and implementation. Don't add this code to your source file, but download them and add the files to our CodeBlocks project. Then add #include "getpass.h" to your program. CleanSocks will build them correctly.
The output of this function is admittedly somewhat boring. We'll be doing a bit more in the next assignment.