php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Doc Bug #27017 imap_open() fails when php is built with ssl
Submitted: 2004-01-23 01:53 UTC Modified: 2004-08-07 10:02 UTC
Votes:1
Avg. Score:4.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:0 (0.0%)
From: jjb at bcc dot com Assigned:
Status: Closed Package: Documentation problem
PHP Version: Irrelevant OS: solaris 9
Private report: No CVE-ID: None
 [2004-01-23 01:53 UTC] jjb at bcc dot com
Description:
------------
imap_open fails:

alpha# php /tmp/login.php      

Warning: imap_open(): Couldn't open stream {localhost:143}INBOX in /tmp/login.php on line 3


Reproduce code:
---------------
<?php

if($imap = imap_open("{localhost:143}INBOX", "junk", "junk")) {
        print("OK\n");
}

?>


Expected result:
----------------
when i recompile php without this line:

--with-imap-ssl=/usr/local/ssl


alpha# php /tmp/login.php
OK


Actual result:
--------------
see above.

imap is imap-2004.RC4

all my imap client software works connecting
to this server, on both ports 143 and 995


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-01-23 02:00 UTC] sniper@php.net
What was the FULL configure line?
How was the c-client compiled? (mainly I'm interested if you compiled it with SSL support or not..)

 [2004-01-23 02:10 UTC] jjb at bcc dot com
this is the configure command for php:

./configure                                     \
        --enable-discard-path                   \
        --enable-force-cgi-redirect             \
        --enable-ftp                            \
        --enable-shared                         \
        --enable-sockets                        \
        --enable-static                         \
        --enable-sysvsem                        \
        --enable-sysvshm                        \
        --enable-track-vars                     \
        --with-apache2                          \
        --with-apxs2=/usr/local/apache2/bin/apxs\
        --with-bz2=/usr/local                   \
        --with-gdbm=/usr/local                  \
        --with-gettext=/usr/local               \
        --with-imap-ssl=/usr/local/ssl          \
        --with-imap=/var/src/mail/imap-2004.RC4 \
        --with-iodbc=/usr/local                 \
        --with-jpeg-dir=/usr/local              \
        --with-ldap=/usr/local/openldap         \
        --with-mysql=/usr/local/mysql           \
        --with-ncurses=/usr/local               \
        --with-openssl=/usr/local/ssl           \
        --with-png-dir=/usr/local               \
        --with-readline                         \
        --with-thread-safe-client               \
        --with-zlib-dir=/usr/local

here's the command to build uw-imap:
make gso PASSWDTYPE=pmb SSLTYPE=unix
 [2004-01-23 02:29 UTC] sniper@php.net
Add this as first line in your script:

error_reporting(E_ALL);

And check what errors you get then.

 [2004-01-23 02:33 UTC] jjb at bcc dot com
alpha# php /tmp/login.php                    

Warning: imap_open(): Couldn't open stream {localhost:143}INBOX in /tmp/login.php on line 5


Notice: (null)(): Certificate failure for localhost: Server name does not match certificate: /C=US/ST=California/L=Solana Beach/O=BCC/OU=Internet Mail and Web Services/CN=alpha.bcc.com (errflg=2) in Unknown on line 0
 [2004-01-23 02:39 UTC] sniper@php.net
This is actually documentation problem.

When imap extension is build with SSL support, the connection defaults to using SSL..

All the additional protocol specfications should be described on imap_open() page, here's cut'n' paste from the c-client docs (naming.txt):

III. Remote names

All names which start with "{" are remote names, and are in the form
        "{" remote_system_name [":" port] [flags] "}"  [mailbox_name]
where:
 remote_system_name     Internet domain name or bracketed IP address
                         of server.
 port                   optional TCP port number, default is the
                         default port for that service          
 flags                  optional flags, one of the following:
  "/service=" service   mailbox access service, default is "imap"
  "/user=" user         remote user name for login on the server
  "/authuser=" user     remote authentication user; if specified this
                         is the user name whose password is used (e.g.
                         administrator)
  "/anonymous"          remote access as anonymous user
  "/debug"              record protocol telemetry in application's
                         debug log
  "/secure"             do not transmit a plaintext password over
                         the network
  "/imap", "/imap2", "/imap2bis", "/imap4", "/imap4rev1"
                        equivalent to /service=imap
  "/pop3"               equivalent to /service=pop3
  "/nntp"               equivalent to /service=nntp
  "/norsh"              do not use rsh or ssh to establish a preauthenticated
                         IMAP session
  "/ssl"                use the Secure Socket Layer to encrypt the session
  "/validate-cert"      validate certificates from TLS/SSL server (this is the
                         default behavior)
  "/novalidate-cert"    do not validate certificates from TLS/SSL server,
                         needed if server uses self-signed certificates
  "/tls"                force use of start-TLS to encrypt the session, and
                         reject connection to servers that do not support it
  "/notls"              do not do start-TLS to encrypt the session, even
                         with servers that support it
  "/readonly"           request read-only mailbox open (IMAP only; ignored
                         on NNTP, and an error with SMTP and POP3)
 mailbox_name           remote mailbox name, default is INBOX

For example:
        {imap.foo.com}INBOX
opens an IMAP connection to system imap.foo.com and selects INBOX.



 [2004-01-23 02:50 UTC] sniper@php.net
Correct remote name in your case is:

{localhost:143/notls}INBOX
 [2004-01-23 02:56 UTC] jjb at bcc dot com
thanks for the docs!  i changed "localhost" to match the name in the cert.  next, php barks when the cert is self-signed, so i used a couple of the flags.

imap_open("{alpha.bcc.com:143/imap4rev1/novalidate-cert}INBOX",...


this is working.  thanks for the help!
 [2004-08-07 10:02 UTC] vrana@php.net
This bug has been fixed in the documentation's XML sources. Since the
online and downloadable versions of the documentation need some time
to get updated, we would like to ask you to be a bit patient.

Thank you for the report, and for helping us make our documentation better.

List of flags was added.
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Mon Oct 18 21:03:39 2021 UTC