Hi,
I am new to the list. I do not know if the topic had been discussed in
the past, but my search turned up nothing.
I would like to use the authuser feature of c-client using PHP
imap_open(). I understand that c-client will need to negociate with the
IMAP server an SASL mechanism that support authcid/authzid separation;
as far as I can tell, "PLAIN" is the only such mechanism c-client
support. I am connecting to a Cyrus imapd server, which I coaxed into
advertising "AUTH=PLAIN" in its CAPABILITY even when not under TLS/SSL.
My problem are two fold : under either plaintext or SSL connection, I
received the "Can't do /authuser with this server" error form c-client.
I would like to try if it would workunder TLS, but it always fail with
"TLS/SSL failure for localhost: SSL negotiation failed". Note that I
have only a self-signed certificate, but that should not be a problem
using novalidate-cert option, AFAIK. I am using c-client 2001a under
RedHat 7.3.
Example PHP code that fail with "Can't do /authuser with this server" :
$mbox = imap_open("{localhost/notls/authuser=admin}INBOX", "user", "***");
$mbox = imap_open("{localhost:993/ssl/novalidate-cert/authuser=admin}INBOX", "user",
"***");
The following example fail with "TLS/SSL failure for localhost: SSL
negotiation failed" :
$mbox = imap_open("{localhost/novalidate-cert/authuser=admin}INBOX", "user", "***");
In all the example. '***' represent admin's password.
In case it could be of any help, here is what the server advertise for
CAPABILITY :
* CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS \
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND \
SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES STARTTLS AUTH=PLAIN
The most disturbing part is that mailutil, compiled against the same
c-client, work :
[EMAIL PROTECTED] root]# ./mailutil check -verbose -debug
{localhost/notls/authuser=admin}INBOX
[Trying IP address [127.0.0.1]]
* OK host Cyrus IMAP4 Murder v2.1.15 server ready
[host Cyrus IMAP4 Murder v2.1.15 server ready]
00000000 CAPABILITY
* CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID
NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT
THREAD=REFERENCES STARTTLS AUTH=PLAIN
00000000 OK Completed
00000001 AUTHENTICATE PLAIN
warning: SECURITY PROBLEM: insecure server advertised AUTH=PLAIN
+
{localhost.localdomain/imap} username: test
password:
<suppressed>
00000001 OK Success (no protection)
00000002 CAPABILITY
* CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID
NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT
THREAD=REFERENCES LOGINDISABLED
00000002 OK Completed
00000003 STATUS INBOX (MESSAGES RECENT UNSEEN)
* STATUS INBOX (MESSAGES 0 RECENT 0 UNSEEN 0)
No new messages, 0 total in {localhost.localdomain:143/imap/notls/user="test"}INBOX
00000003 OK Completed
00000004 LOGOUT
* BYE LOGOUT received
[LOGOUT received]
00000004 OK Completed
As far as I can tell by reading the source, the PHP imap_open() pass the
mailbox string untouched to mail_open(). I am really confused; any
input as to where to look for the source of this problem would be
appreciated. Thank you very much for your insight !
--
Etienne Goyer Linux Qu�bec Technologies Inc.
http://www.LinuxQuebec.com [EMAIL PROTECTED]
--
------------------------------------------------------------------
For information about this mailing list, and its archives, see:
http://www.washington.edu/imap/c-client-list.html
------------------------------------------------------------------
