From: develop at kristov dot de Operating system: Gentoo Linux PHP version: 5.2.6 PHP Bug Type: Feature/Change Request Bug description: allow a client certificate when connecting to an IMAP server using imap_open
Description: ------------ Currently, imap_open does not allow to specify a client certificate to be used for a SSL/TLS-encrypted connection. Newer c-client versions do support this (using the GET_SSLCLIENTCERT and GET_SSLCLIENTKEY callbacks). I propose a patch which addresses this issue: - it adds an additional parameter "keycert" to imap_open which receives the combined client certificate and key (similar to the "local_cert" option used e.g. by stream_socket_client/stream_context_create) - it adds an additional IMAP global variable imap_keycert to hold the value of this parameter until being used by the callback - it defines and registers a callback function mail_getkeycert which passes the combined client certificate and key to the c-client library if supported (the existence of both of the #defines SET_SSLCLIENTCERT and SET_SSLCLIENTKEY enables the callback) - it links in the external authenticator auth_ext as client certificates/keys often replace user/password combinations (the user is identified by the CN of the client certificate and the password is substituted by the valid client key) One technical detail: The external authenticator of the c-client library does not do a mm_login callback (see src/c-client/auth_ext.c, function auth_external_client). So the user name for the connection has to be set some other way. This is done by extending the caller's mailbox name by a user specification "/user=<user>" which is parsed and handled by the c-client library. The code to do this string insertion is a bit clumsy and can probably be improved; I'm afraid I do not know Zend very well and I was lucky to find a way for this string manipulation at all :-) The rest of the patch is trivial and consists mainly of memory management and parameter checks. -- Edit bug report at http://bugs.php.net/?id=45496&edit=1 -- Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=45496&r=trysnapshot52 Try a CVS snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=45496&r=trysnapshot53 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=45496&r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=45496&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=45496&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=45496&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=45496&r=needscript Try newer version: http://bugs.php.net/fix.php?id=45496&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=45496&r=support Expected behavior: http://bugs.php.net/fix.php?id=45496&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=45496&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=45496&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=45496&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=45496&r=php4 Daylight Savings: http://bugs.php.net/fix.php?id=45496&r=dst IIS Stability: http://bugs.php.net/fix.php?id=45496&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=45496&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=45496&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=45496&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=45496&r=mysqlcfg
