subject:"\[RCU\] \[SMTP, SSL\] Roundcube 1.2.2 \- never use TLSv1.2 and always fallback to TLSv1 when sends mail"

Re: [RCU] [SMTP, SSL] Roundcube 1.2.2 - never use TLSv1.2 and always fallback to TLSv1 when sends mail

2016-11-10 Thread A.L.E.C

On 10.11.2016 11:55, Paweł Łukasik wrote:
> Yes, I'm pretty sure it's problem with RC - it uses TLSv1.2 for IMAP
> connections but not for SMTP.
> PHP is rather new (Debian 7):
> 
> php --version
> PHP 5.4.45-1~dotdeb+7.1 (cli) (built: Sep  5 2015 00:21:03)
> Copyright (c) 1997-2014 The PHP Group
> Zend Engine v2.4.0, Copyright (c) 1998-2014 Zend Technologies

I'm afraid you need PHP 5.6 according to this
http://php.net/manual/en/function.stream-socket-enable-crypto.php

I have no idea how did you get IMAP connection to use TLS 1.2.
As I've said both SMTP and IMAP code use the same way of setting TLS.

ps. PHP 5.4 is no longer supported by PHP.

-- 
Aleksander 'A.L.E.C' Machniak
Kolab Groupware Developer [http://kolab.org]
Roundcube Webmail Developer   [http://roundcube.net]

PGP: 19359DC1 # Blog: https://kolabian.wordpress.com
___
Roundcube Users mailing list
users@lists.roundcube.net
http://lists.roundcube.net/mailman/listinfo/users

Re: [RCU] [SMTP, SSL] Roundcube 1.2.2 - never use TLSv1.2 and always fallback to TLSv1 when sends mail

2016-11-10 Thread Paweł Łukasik

Yes, I'm pretty sure it's problem with RC - it uses TLSv1.2 for IMAP 
connections but not for SMTP.

PHP is rather new (Debian 7):

php --version
PHP 5.4.45-1~dotdeb+7.1 (cli) (built: Sep  5 2015 00:21:03)
Copyright (c) 1997-2014 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2014 Zend Technologies




do you really think roundcube has it's own low-level TLS code?
most likely you run outdated PHP

https://bugs.php.net/bug.php?id=65329

Am 10.11.2016 um 11:02 schrieb Paweł Łukasik:

Hello,

Roundcube always use TLSv1 for sending mail (used on same host as
mailserver with both RSA and ECDSA certs, ports 25 and 587). When I
disable all TLS/SSL versions except TLSv1.2 in Postfix config, I 
cannot
send mails from Roundcube (SMTP Error: Authentication failure: 
STARTTLS
failed (Code: ) in /var/www/roundcube/program/lib/Roundcube/rcube.php 
on

line 1649 (POST
/?_task=mail&_unlock=loading1478615054443&_lang=en&_framed=1&_action=send)
) but can from desktop/mobile client.
Connection from Roundcube to IMAP server is always use TLSv1.2, 
external

servers (i.e. GMail) connect with TLSv1.2.

What could cause this behaviour? Is it possible to force TLSv1.2 for 
SMTP?


--
Pozdrawiam, Paweł Łukasik
___
Roundcube Users mailing list
users@lists.roundcube.net
http://lists.roundcube.net/mailman/listinfo/users

Re: [RCU] [SMTP, SSL] Roundcube 1.2.2 - never use TLSv1.2 and always fallback to TLSv1 when sends mail

2016-11-10 Thread Paweł Łukasik

What could cause this behaviour? Is it possible to force TLSv1.2 for 
SMTP?


You need Net_SMTP package in version >= 1.7.1.


1.7.2 installed with full roundcube 1.2.2 package. I've checked also on 
pear.php and diff shows no diffs.

___
Roundcube Users mailing list
users@lists.roundcube.net
http://lists.roundcube.net/mailman/listinfo/users

Re: [RCU] [SMTP, SSL] Roundcube 1.2.2 - never use TLSv1.2 and always fallback to TLSv1 when sends mail

2016-11-10 Thread A.L.E.C

On 10.11.2016 11:02, Paweł Łukasik wrote:
> What could cause this behaviour? Is it possible to force TLSv1.2 for SMTP?

You need Net_SMTP package in version >= 1.7.1.

-- 
Aleksander 'A.L.E.C' Machniak
Kolab Groupware Developer [http://kolab.org]
Roundcube Webmail Developer   [http://roundcube.net]

PGP: 19359DC1 # Blog: https://kolabian.wordpress.com
___
Roundcube Users mailing list
users@lists.roundcube.net
http://lists.roundcube.net/mailman/listinfo/users

[RCU] [SMTP, SSL] Roundcube 1.2.2 - never use TLSv1.2 and always fallback to TLSv1 when sends mail

2016-11-10 Thread Paweł Łukasik


Hello,

Roundcube always use TLSv1 for sending mail (used on same host as 
mailserver with both RSA and ECDSA certs, ports 25 and 587). When I 
disable all TLS/SSL versions except TLSv1.2 in Postfix config, I cannot 
send mails from Roundcube (SMTP Error: Authentication failure: STARTTLS 
failed (Code: ) in /var/www/roundcube/program/lib/Roundcube/rcube.php on 
line 1649 (POST 
/?_task=mail&_unlock=loading1478615054443&_lang=en&_framed=1&_action=send) 
) but can from desktop/mobile client.
Connection from Roundcube to IMAP server is always use TLSv1.2, external 
servers (i.e. GMail) connect with TLSv1.2.


What could cause this behaviour? Is it possible to force TLSv1.2 for 
SMTP?


--
Regards, Paul
___
Roundcube Users mailing list
users@lists.roundcube.net
http://lists.roundcube.net/mailman/listinfo/users

Re: [RCU] [SMTP, SSL] Roundcube 1.2.2 - never use TLSv1.2 and always fallback to TLSv1 when sends mail

Re: [RCU] [SMTP, SSL] Roundcube 1.2.2 - never use TLSv1.2 and always fallback to TLSv1 when sends mail

Re: [RCU] [SMTP, SSL] Roundcube 1.2.2 - never use TLSv1.2 and always fallback to TLSv1 when sends mail

Re: [RCU] [SMTP, SSL] Roundcube 1.2.2 - never use TLSv1.2 and always fallback to TLSv1 when sends mail

[RCU] [SMTP, SSL] Roundcube 1.2.2 - never use TLSv1.2 and always fallback to TLSv1 when sends mail

5 matches

Site Navigation

Mail list logo

Footer information