ID: 33500 User updated by: ed2019 at columbia dot edu Reported By: ed2019 at columbia dot edu Status: Open Bug Type: IMAP related Operating System: RHEL 4 PHP Version: 4.3.10 New Comment:
I have also filed this bug with RedHat, see bug # 161826: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=161826 , as well as to Mark Crispin ( author of the c-client imap library ), that discussion is archived here: http://mailman1.u.washington.edu/pipermail/imap-uw/2005-June/000091.html Previous Comments: ------------------------------------------------------------------------ [2005-06-28 19:06:58] ed2019 at columbia dot edu I am the system administrator. I appreciate your trying to screen out non-bugs, but this is not a non-bug, but I am quite sure that this is a real bug. An IMAP server supports multiple methods of remote client authentication. Among them, GSSAPI and plain. When a client connects, the server advertises these auth methods and other options it supports, for example, GSSAPI, PLAIN, etc. The client then selects which AUTH method to use. php's imap extension is choosing to use the GSSAPI method, but I would like it to make a different choice. Or, after GSSAPI fails, I would like it to try the PLAIN auth method. There is, however, no way (to my knowledge, or in the documentation) to get it to make that choice. The underlying c-client library that php uses to talk to imap servers supports making the choice, and the imap servers themselves support it, but PHP does not. I think that puts it into the category of a 'bug' that belongs in PHP's bug system. ------------------------------------------------------------------------ [2005-06-28 18:52:22] [EMAIL PROTECTED] Try to contact your system admintrator. Questions related to IMAP server administration obviously do not belong to the PHP bug system. ------------------------------------------------------------------------ [2005-06-28 18:36:34] ed2019 at columbia dot edu What if I don't want to use GSSAPI? I'm providing a username and password that should be sufficient for the PLAIN auth method. ------------------------------------------------------------------------ [2005-06-28 18:28:31] [EMAIL PROTECTED] Obviously the apache user doesn't have correct permissions to write to the kerberos cache. Not PHP bug -> bogus. ------------------------------------------------------------------------ [2005-06-28 18:03:34] ed2019 at columbia dot edu Description: ------------ Running stock RHEL4 on Intel, with stock RedHat RPMS of php & everything else, all maintained with up2date. imap_open() fails with the following error message, if the target IMAP server advertises GSSAPI: [client ip.ip.ip.ip] PHP Notice: (null)(): GSSAPI failure: Credentials cache permissions incorrect (errflg=1) in Unknown on line 0 [client ip.ip.ip.ip] PHP Notice: (null)(): Can not authenticate to IMAP server: Client canceled authentication (errflg=2) in Unknown on line 0 [client ip.ip.ip.ip] PHP Warning: imap_open(): Couldn't open stream {ip.ip.ip.ip:993/imap/ssl/novalidate-cert} in /var/www/html/testimap.php on line 3 Reproduce code: --------------- $mbox = imap_open("{mailhost:993/imap/ssl/novalidate-cert/norsh}INBOX", "username", "pw"); Expected result: ---------------- $mbox should have been a valid imap resource. Actual result: -------------- >From /var/log/httpd/error_log [client ip.ip.ip.ip] PHP Notice: (null)(): GSSAPI failure: Credentials cache permissions incorrect (errflg=1) in Unknown on line 0 [client ip.ip.ip.ip] PHP Notice: (null)(): Can not authenticate to IMAP server: Client canceled authentication (errflg=2) in Unknown on line 0 [client ip.ip.ip.ip] PHP Warning: imap_open(): Couldn't open stream {ip.ip.ip.ip:993/imap/ssl/novalidate-cert} in /var/www/html/testimap.php on line 3 ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=33500&edit=1
