[imp] upgrade broke imp 2.2.7

Dave Kennel dkennel@wilcoxpress.com
13 Sep 2002 08:44:33 -0400

Previous message: [imp] upgrade broke imp 2.2.7
Next message: [imp] upgrade broke imp 2.2.7
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I fixed this problem by editing a line in horde/lib/horde.lib. Search on
$connstr. You should find a series of functions for horde to access data
from pop, nntp and imap connections.

You want to edit the line that reads: (the following should all be on
one line).

$connstr = '{' . $this->server . ':' . $this->port . '}' .
imap_utf7_encode($this->mailbox);

Change this to read:

$connstr = '{' . $this->server . ':' . $this->port . '/novalidate-cert}'
. imap_utf7_encode($this->mailbox);

The problem is that Red Hat changed their PHP packages so that they
attempt to use a secure port by default and if you don't have a valid
cert from a known CA (because you're just using a self signed cert for
encryption but not authentication for example) then the cert lookup
fails and login is denied. /novalidate-cert tells horde not to bother
checking the validity of the certificate. HOWEVER if you are connecting
to multiple mail servers and are relying on this security layer to
authenticate one of the servers you use then DON'T fix this issue this
way as no certs will be checked from horde leaving you open to spoofing
attacks. 

On Thu, 2002-09-12 at 21:12, Eric Rostetter wrote:
> Quoting Ed Weinberg <edw@q5comm.com>:
> 
> > I have a server running rh7.2 and imp 2.2.7.  A recent upgrade of php
> > broke Imp.
> 
> Probably because the c-client in the new php is using tsl.
> 
> > The upgrade produced a new /etc/php.ini.rpmnew file.  I am guessing that
> > change is what did it.
> 
> Probably not.
> 
> > What is the difference between the "optimized" php.ini and the one that
> > was distributed with the original program?
> 
> The optimized version will break Horde/IMP so don't use it.  Search
> the archives for the last week or so, as someone else had this problem
> and solved it.  The solution is to connection as "imap/notls" instead
> of "imap" which is very easy in IMP 3.x, but rather difficult in IMP 2.x
> versions.
> 
> There's a 99% chance this is your problem, and the solution is in the
> recent list archives.
> 
> > --
> > Ed Weinberg
> >   Q5 Comm, LLC
> >   T 914.713.7222
> >   F 914-713-7227
> 
> 
> -- 
> Eric Rostetter
> The Department of Physics
> The University of Texas at Austin
> 
> "TAD (Technology Attachment Disorder) is an unshakable, impractical devotion
> to a brand, platform, product line, or programming language. It's relatively
> harmless among the rank and file, but when management is afflicted the damage
> can be measured in dollars. It's also contagious -- someone with sufficient
> political clout can infect an entire organization."
> 
> --"Enterprise Strategies" columnist Tom Yager.
> 
> -- 
> IMP mailing list
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: imp-unsubscribe@lists.horde.org
-- 
Dave Kennel
Database/Network Administrator
Wilcox Press, Inc.
ph: 607-272-1212 ext. 125

Previous message: [imp] upgrade broke imp 2.2.7
Next message: [imp] upgrade broke imp 2.2.7
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]