[horde] After upgrading to PHP 5.6 RC 4 IMAP and SMTP with TLS breaks

Andy Dorman adorman at ironicdesign.com
Mon Aug 25 12:51:38 UTC 2014


On 08/24/2014 10:51 PM, Michael M Slusarz wrote:
> Quoting Andy Dorman <adorman at ironicdesign.com>:
>
>> On 08/24/2014 09:19 PM, Michael M Slusarz wrote:
>>> Quoting Andy Dorman <adorman at ironicdesign.com>:
>>>
>>>> On 08/24/2014 02:39 PM, Henning wrote:
>>>>> Hi all,
>>>>>
>>>>> after having upgraded to php 5.6 rc 4 I get weird errors trying to
>>>>> connect
>>>>> to imap with tls (worked before) and as well with smtp with tls.
>>>>>
>>>>> I get a
>>>>> WARN: HORDE [imp] PHP ERROR: fgets(): SSL read operation timed out
>>>>> [pid
>>>>> 19086 on line 153 of
>>>>> "/usr/share/php/Horde/Imap/Client/Socket/Connection/Socket.php"]
>>>>> 2014-08-24T21:36:21+02:00 WARN: HORDE [imp] [listMailboxes] Mail
>>>>> server
>>>>> closed the connection unexpectedly. [pid 19086 on line 732 of
>>>>> "/var/www/xxx/imp/lib/Imap.php"]
>>>>>
>>>>> Turning off TLS for IMAP fixes that.
>>>>>
>>>>> Regards
>>>>>
>>>>> Henning
>>>>>
>>>>
>>>> I am seeing the similar behavior with Horde 5.2.1 & IMP 6.2.1 after
>>>> updating from PHP 5.6 RC3 to PHP 5.6 RC4 (Debian) today.  After the
>>>> update I see these log entries for Horde and Cyrus IMAP and Imp
>>>> reports a problem communicating with the server.
>>>>
>>>> 2014-08-24T15:00:54.802509-05:00 yorick HORDE: [imp] PHP ERROR:
>>>> fgets(): SSL read operation timed out [pid 32642 on line 153 of
>>>> "/usr/share/php/Horde/Imap/Client/Socket/Connection/Socket.php"]
>>>>
>>>> 2014-08-24T15:01:54.613974-05:00 yorick HORDE: [imp] PHP ERROR:
>>>> fgets(): SSL read operation timed out [pid 14455 on line 153 of
>>>> "/usr/share/php/Horde/Imap/Client/Socket/Connection/Socket.php"]
>>>>
>>>> 2014-08-24T15:01:54.615668-05:00 yorick HORDE: [imp] [listMailboxes]
>>>> Mail server closed the connection unexpectedly. [pid 14455 on line 732
>>>> of "/usr/share/horde/imp/lib/Imap.php"]
>>>>
>>>>
>>>> 2014-08-24T15:02:00.272601-05:00 yorick cyrus/imap[14427]: accepted
>>>> connection
>>>> 2014-08-24T15:02:00.280259-05:00 yorick cyrus/imap[14427]:
>>>> imapd:Loading hard-coded DH parameters
>>>> 2014-08-24T15:02:00.282538-05:00 yorick cyrus/imap[14427]: TLS Server
>>>> Name Indication (SNI) Extension: "yorick.ironicdesign.com"
>>>> 2014-08-24T15:02:00.285695-05:00 yorick cyrus/imap[14427]:
>>>> SSL_accept() incomplete -> wait
>>>> 2014-08-24T15:02:00.324498-05:00 yorick cyrus/imap[14427]:
>>>> SSL_accept() succeeded -> done
>>>> 2014-08-24T15:02:00.324568-05:00 yorick cyrus/imap[14427]: starttls:
>>>> TLSv1.2 with cipher DHE-RSA-AES128-GCM-SHA256 (128/128 bits new) no
>>>> authentication
>>>>
>>>> 2014-08-24T15:02:30.396988-05:00 yorick HORDE: [imp] PHP ERROR:
>>>> fgets(): SSL read operation timed out [pid 14453 on line 153 of
>>>> "/usr/share/php/Horde/Imap/Client/Socket/Connection/Socket.php"]
>>>>
>>>> 2014-08-24T15:02:30.398703-05:00 yorick HORDE: [imp] [openMailbox]
>>>> Mail server closed the connection unexpectedly. [pid 14453 on line 732
>>>> of "/usr/share/horde/imp/lib/Imap.php"]
>>>>
>>>> If I turn TLS off with $servers ['advanced']['secure'] = false;
>>>> everything works fine.
>>>>
>>>> I confirmed that the only changes to our php.ini was to reset the
>>>> max_upload_filesze to 2MB and it set expose_php = off.
>>>>
>>>> I opened ticket # 1349 for this.
>>>
>>> It's actually Bug #13491.  And as reported in that bug, this appears to
>>> be a regression in PHP and unrelated to Horde code.
>>>
>>> michael
>>>
>>
>> Right, did not think it was a Horde/imp issue as everything was
>> working fine till we updated to PHP 5.6 RC4+dfsg-4.  Then PHP client
>> tls stopped working.
>>
>> I was hoping that again PHP had perhaps changed a default behavior
>> like they did a month ago when you had to update
>> Horde/Socket/Client.php to default to setting verify_peer and
>> verify_peer_name false. Alas, not this time.
>
> If you have time, you might want to try playing around with this code in
> the Horde\Socket\Client object:
>
>          stream_set_timeout($this->_stream, $timeout);
>
>          if (function_exists('stream_set_read_buffer')) {
>              stream_set_read_buffer($this->_stream, 0);
>          }
>          stream_set_write_buffer($this->_stream, 0);
>
> (This is right below the 'verify_peer' code that was changed for PHP 5.6
> previously).  Uncommenting various combos of these lines might be a
> useful exercise - if it fixes the problem, it will be much easier to
> produce a meaningful error report upstream.
>
> michael
>

Michael, I will  be happy to try it.  And thank you for being so 
amazingly helpful.

-- 
Andy Dorman



More information about the horde mailing list