Hi!
We are using the PHP-based IMP (http://horde.org) software to access our
mail from a web interface, but there's a strange problem...
As IMP does not support SSL natively yet, we are using openssl c_client
to tunnel and encrypt the imp-imap connections through a false local
port that in fact is encrypting and forwarding all the packets to the
ssl-imap-2000 server. IMP connects to the local port 150, where openssl
is listening. Openssl then receives all the data and encrypts and
forwards it to the port 993 of our imap server (the server is running
imap-2000c).
Everything works fine except for one thing. We don't know if it's a
php/imp issue, an imap issue or an openssl issue (messages have been
sent to the corresponding lists), but maybe somebody here is in the same
situation as us.
The problem is with some passwords. If the password begins with A, B or
C (this only happens in upper case), the server refuses login, and if it
begins with D, E, F or G, the imap server seems to hang indefinitely.
However, it works perfectly with the rest of the letters (from H to Z) I
even patched the imap server and now it even writes in the log the
password
sent by the client, just to see if it was sent correctly.
When it works, everything is as expected:
Mar 26 13:21:26 imap-server simapd-log[2248]: auth_login_server:
user=test pass=W
Mar 26 13:21:26 imap-server simapd-log[2248]: Authenticated user=test
host=webserver.domain.com [xxx.yyy.zzz.www]
Mar 26 13:21:26 imap-server simapd-log[2248]: auth_login_server:
user=test pass=W
Mar 26 13:21:26 imap-server simapd-log[2248]: Authenticated user=test
host=webserver.domain.com [xxx.yyy.zzz.www]
When it fails, these are the messages in the log:
Mar 26 13:05:18 imap-server simapd-log[2124]: imaps alternative service
init from xxx.yyy.zzz.www (the ip address of the webserver)
Mar 26 13:05:18 imap-server simapd-log[2124]: Command stream end of
file, while reading line user=??? host=webserver.domain.com
And when it seems to hang:
Mar 26 13:00:51 webserver simapd-log[2090]: imaps alternative service
init from xxx.yyy.zzz.www
I tested it using Outlook as a client, doing the same, connecting to the
false port, and it works... Anyone has any idea about what could be
going on here??
Many thanks!
--
Oscar Renalias / [EMAIL PROTECTED] / FIB / UPC
House music is a state of mind
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
