Eric S. Johansson wrote: > using the svn code as of last night (9pm edt (-4 gmt)) with > squirrelmail, the application works normally if you use the default > ports (http/https) but if you use a nonstandard port, and try to > send a message, you get the following message from the server after > you press the send button. > > socket.c/363: ERROR: Init OpenSSL: error:1407609C:SSL > routines:SSL23_GET_CLIENT_HELLO:http request
The mess is not sorted out.. this is what was happening: === 1 8 0.0333 (0.0000) C>S ChangeCipherSpec 1 9 0.0333 (0.0000) C>S Handshake 1 10 0.0495 (0.0162) S>C ChangeCipherSpec 1 11 0.0498 (0.0002) S>C Handshake 1 12 0.0502 (0.0003) C>S application_data 1 13 0.0889 (0.0386) C>S application_data 1 14 0.0889 (0.0000) C>S application_data 1 15 0.0889 (0.0000) C>S application_data 1 16 0.0889 (0.0000) C>S application_data [Webmail connects to IMAP..] 1 17 1.9819 (1.8929) S>C application_data 1 1.9821 (0.0002) S>C TCP FIN 1 18 1.9847 (0.0025) C>S Alert 1 1.9850 (0.0002) C>S TCP FIN === Which means: the TLS handshake was alright, then the server tried to connect to the IMAP server, then the server replied and finally something wrong was happening with the client (like a protocol violation). After some debugging I got this: === HTTP/1.1 302 Moved Temporarily Connection: Close Date: Mon, 24 Oct 2005 17:14:09 GMT Server: Cherokee/0.4.28b3 (UNIX) Location: http://localhost:444/src/right_main.php?mailbox=INBOX&sort=0&startMessage=1 X-Powered-By: PHP/4.4.0-3 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: text/html; charset=iso-8859-1 Content-length: 336 P3P: CP=3DNOI NID CURa OUR NOR UNI === This is the header the server was sending as reply to the post action. It is a bit odd to reply with 302 to a POST, but.. ok, let's assume it is okay. But, wait a second, take a look at the Location line. I was configured to use the port 444 for TLS, and I accessed the server using "https://localhost:444";, so.. why the hell is it redirecting the browser to http://..:444 ? At this moment, I realized the problem was on the SquirrelMail. After some debugging I found this code in functions/strings.php: === /* * If you have 'SSLOptions +StdEnvVars' in your apache config * OR if you have HTTPS=on in your HTTP_SERVER_VARS * OR if you are on port 443 */ $getEnvVar = getenv('HTTPS'); if ((isset($getEnvVar) && !strcasecmp($getEnvVar, 'on')) || (sqgetGlobalVar('HTTPS', $https_on, SQ_SERVER) && !strcasecmp($https_on, 'on')) || (sqgetGlobalVar('SERVER_PORT', $server_port, SQ_SERVER) && $server_port == 443)) { $proto = 'https://'; } === So, as long as the server is not on the default port, it is not Apache, and it didn't set the HTTPS environment variable, the web mail was assuming it was HTTP. Maybe I am wrong, but I think I haven't read about that variable in any RFC until now... but anyway, Cherokee now adds the HTTPS variable, so it is working with the repository code. -- Greetings, alo. _______________________________________________ Cherokee mailing list [email protected] http://www.alobbs.com/cgi-bin/mailman/listinfo/cherokee
