[imp] how to get IMP to STARTTLS

Curtis Doty Curtis@GreenKey.net
Sun, 24 Mar 2002 18:42:02 -0800


>> But tried a dozen combinations on 'protocol' => 'yada/yada' to no
>> avail.
>
>So, sounds like you want /imap/ssl/novalidate-cert.

Actually I want STARTTLS...which is different from imaps (imap over ssl
tunnel).

With imap/ssl/novalidate-cert:
IMAP Response: * OK [CAPABILITY IMAP4REV1 LOGIN-REFERRALS STARTTLS
LOGINDISABLED]
IMAP Request: \200z\001\003\001\000Q\000\000\000
\000\000\026\000\000\023\000\000
Which is bogus on port 143, since the daemon did not get a STARTTLS.

With imap4rev1 on port 143:
IMAP Response: * OK [CAPABILITY IMAP4REV1 LOGIN-REFERRALS STARTTLS
LOGINDISABLED]
IMAP Request: 00000000 LOGOUT
Which is legit IMAP, but IMP/PHP just gives up?! Why?

From what I understand, the conversation should look like this:
IMAP Response: * OK [CAPABILITY IMAP4REV1 LOGIN-REFERRALS STARTTLS
LOGINDISABLED]
IMAP Request: 00000000 STARTTLS
IMAP Response: 00000000 OK STARTTLS completed
At which point it negotiates a new secured CAPABILITY:
IMAP Request: \026\003\001\000S\001\000\000O\003\yada\yada

So I presume I should use imap/tls/novalidate-cert or maybe imap/secure,
but IMP drops that request into a black hole and the IMAP server never
sees a single SYN.

../C
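
The three exchanges quoted in the message above, checked mechanically; this is an added example, not part of the original post or of IMP. It decodes the octal-escaped requests as the daemon logged them and reports whether TLS bytes reached the server before or after a tagged OK to STARTTLS. Assumptions: the function names and verdict strings are hypothetical, and the samples are the post's log lines with the wraps joined and the "yada" tail dropped.

```python
import re

# Samples built from the log excerpts in the post (constructed: wrapped lines
# joined, the "\yada\yada" tail dropped). Names and verdicts are hypothetical.
GREETING = "* OK [CAPABILITY IMAP4REV1 LOGIN-REFERRALS STARTTLS LOGINDISABLED]"
IMPLICIT_SSL = [("S", GREETING), ("C", r"\200z\001\003\001\000Q\000\000\000")]
PLAIN_ONLY = [("S", GREETING), ("C", "00000000 LOGOUT")]
EXPECTED = [("S", GREETING), ("C", "00000000 STARTTLS"),
            ("S", "00000000 OK STARTTLS completed"),
            ("C", r"\026\003\001\000S\001\000\000O\003")]

def unescape(logged: str) -> bytes:
    """Turn octal-escaped log text (\\200z\\001...) back into raw bytes."""
    return re.sub(rb"\\([0-3][0-7]{2})", lambda m: bytes([int(m.group(1), 8)]),
                  logged.encode("latin-1"))

def classify(raw: bytes) -> str:
    """Classify one client request by its leading bytes."""
    if len(raw) >= 3 and raw[0] == 0x16 and raw[1] == 0x03:
        return "tls-record"       # TLS handshake record (content type 22)
    if len(raw) >= 3 and raw[0] & 0x80 and raw[2] == 0x01:
        return "sslv2-hello"      # SSLv2-format ClientHello (2-byte length, type 1)
    m = re.match(rb"(\S+) ([A-Za-z]+)", raw)
    return "imap:" + m.group(2).decode().upper() if m else "unknown"

def audit(exchange) -> str:
    """exchange: list of (side, text), side 'S' or 'C', server greeting first."""
    offered = "STARTTLS" in exchange[0][1].upper()
    tag, upgraded = None, False
    for side, text in exchange[1:]:
        if side == "S":
            if tag and text.upper().startswith(tag.upper() + " OK"):
                upgraded = True   # server accepted the upgrade; TLS may begin
            continue
        kind = classify(unescape(text))
        if kind == "imap:STARTTLS":
            tag = text.split()[0]
        elif kind in ("tls-record", "sslv2-hello"):
            return "starttls-ok" if upgraded else "tls-without-starttls"
        elif kind == "imap:LOGOUT" and offered and not upgraded:
            return "logout-before-starttls"
    return "plaintext-only"

if __name__ == "__main__":
    for name, ex in [("imap/ssl", IMPLICIT_SSL), ("imap4rev1", PLAIN_ONLY),
                     ("expected", EXPECTED)]:
        print(f"{name:10s} {audit(ex)}")
```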