php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #19522 open_imap() fails on an IMAP server capable of TLS
Submitted: 2002-09-20 08:05 UTC Modified: 2002-09-22 18:33 UTC
From: andrew-php at andrew dot net dot au Assigned:
Status: Not a bug Package: IMAP related
PHP Version: 4.2.3 OS: Linux
Private report: No CVE-ID: None
 [2002-09-20 08:05 UTC] andrew-php at andrew dot net dot au
Hi,

I've got UW imapd running on the loopback interface on tcp/143 running plain old IMAP.

When I try to connect using imap_open(), (and watch using tcpdump) I see the IMAP server spit out it's banner, which includes STARTTLS in the capabilities, and then I see a STARTTLS get issued. The imap_open() then seems to get confused with the TLS stream and says it couldn't open the stream.

I'm using the Debian PHP4 package, it was compiled with:

'../configure' '--prefix=/usr' '--with-apxs=/usr/bin/apxs' '--with-regex=php' '--with-config-file-path=/etc/php4/apache' '--disable-rpath' '--disable-debug' '--enable-memory-limit' '--with-layout=GNU' '--enable-calendar' '--enable-sysvsem' '--enable-sysvshm' '--enable-track-vars' '--enable-trans-sid' '--enable-bcmath' '--with-bz2' '--enable-ctype' '--with-db2' '--with-iconv' '--enable-exif' '--enable-filepro' '--enable-ftp' '--with-gettext' '--enable-mbstring' '--with-pcre-regex=/usr' '--enable-shmop' '--enable-sockets' '--enable-wddx' '--disable-xml' '--with-expat-dir=/usr' '--enable-yp' '--with-zlib' '--without-pgsql' '--with-openssl=/usr' '--disable-static' '--with-curl=shared,/usr' '--with-dom=shared,/usr' '--with-zlib-dir=/usr' '--with-gd=shared,/usr' '--with-jpeg-dir=shared,/usr' '--with-xpm-dir=shared,/usr/X11R6' '--with-png-dir=shared,/usr' '--with-freetype-dir=shared,/usr' '--with-imap=shared,/usr' '--with-imap-ssl' '--with-ldap=shared,/usr' '--with-mcal=shared,/usr' '--with-mhash=shared,/usr' '--with-mm' '--with-mysql=shared,/usr' '--with-unixODBC=shared,/usr' '--with-recode=shared,/usr' '--enable-xslt' '--with-xslt-sablot=shared,/usr' '--with-snmp=shared' '--enable-ucd-snmp-hack' '--with-sybase-ct=shared,/usr' '--with-ttf=shared,/usr' '--with-t1lib=shared,/usr'

and includes IMAP SSL support.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-09-20 08:08 UTC] sniper@php.net
Please give the full imap_open() line..

 [2002-09-20 08:32 UTC] andrew-php at andrew dot net dot au
The imap_open() call is:

imap_open("{localhost:143}", $username, $password);
 [2002-09-20 12:48 UTC] sniper@php.net
Look in this page for how you can pass some extra
authentication parameters:

http://www.php.net/manual/en/function.imap-open.php

Something like this should work:

 imap_open("{localhost:143/imap/tls}", $username,$password);

The c-client must of course be compiled with the ssl support..


 [2002-09-20 12:50 UTC] sniper@php.net
This might also be one to try:
   imap_open("{localhost:143/imap/tls/novalidate-cert}",$username,$password);

 [2002-09-21 20:29 UTC] andrew-php at andrew dot net dot au
Using the

imap_open("{localhost:143/imap/tls/novalidate-cert}",$username,$password);

modifiers has worked around the problem. Thankyou very much. The Debian package maintainer thinks the underlying problem is with the libc-client deciding to negotiate TLS if it sees that capability, which obviously has unexpected results if it's not expecting a TLS connection.
 [2002-09-22 10:36 UTC] sniper@php.net
It's c-client thing, like I suspected.
And not really bug, iirc. 

 [2002-09-22 18:33 UTC] andrew-php at andrew dot net dot au
Actually, for the record (and the next poor schmuck that gets bitten by this)

imap_open("{localhost:143/imap/notls}",$username,$password
);

is probably the best way to ensure the same behavior as before.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Mar 28 08:01:28 2024 UTC