laminas-mail icon indicating copy to clipboard operation
laminas-mail copied to clipboard
verified publisher icon laminas

No IMAP connection with PHP 7.4

Open pxlcore opened this issue 5 years ago • 4 comments

Hi,

I upgraded my Linux server Ubuntu 18.04 to 20.04. PHP version switched from 7.3 to 7.4.

After this Upgrade I could not connetct to my mail server anymore. Parameters didn't change.

So I tried a fresh copy of laminas mail (2.12.3) on both systems (Ubuntu 18.04 -> PHP 7.3.x and Ubuntu 20.04 -> PHP 7.4).

On the old system the connection worked well. On the new system I got the error:


Warning: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol in /var/www/html/lm/vendor/laminas/laminas-mail/src/Protocol/Imap.php on line 100

Fatal error: Uncaught Laminas\Mail\Protocol\Exception\RuntimeException: cannot enable TLS in /var/www/html/lm/vendor/laminas/laminas-mail/src/Protocol/Imap.php:102 Stack trace: #0 /var/www/html/lm/vendor/laminas/laminas-mail/src/Storage/Imap.php(221): Laminas\Mail\Protocol\Imap->connect() #1 /var/www/html/lm/index.php(34): Laminas\Mail\Storage\Imap->__construct() #2 {main} thrown in /var/www/html/lm/vendor/laminas/laminas-mail/src/Protocol/Imap.php on line 102

The little script I used: I need to use novalidatecert because of self signed certificates.

<?php
use Laminas\Mail\Storage\Imap;

// Connecting with Imap:
$mail = new Imap([
    'host'     => '192.168.xxx.xxx',
    'user'     => 'user1',
    'password' => 'p@ssword',
    'ssl'      => 'TLS',
    'novalidatecert' => true,
]);

echo 'Messages: ' . $mail->countMessages();

I don't know if this error really belongs to the PHP version or it is something else.

pxlcore

pxlcore avatar Nov 12 '20 10:11 pxlcore

You may try to change the /usr/lib/ssl/openssl.conf to allow minor versions for clients, like so MinProtocol = TLSv1.0.

malukenho avatar Nov 12 '20 14:11 malukenho

This is due to a change in the openssl library shipped with PHP 7.4; it's more strict. The solution is as you noted (disabling certificate validation when needed). I think what would be best is to document the options each of the storage adapters accepts.

weierophinney avatar Nov 12 '20 20:11 weierophinney

Thank you for your help.

The hint to OpenSSL solved my problem. I used the solution from here. After a server restart all worked well.

pxlcore avatar Nov 13 '20 06:11 pxlcore

i would also recomend to change your ip of the host as a dns name eg: mail.laminas.com

alainseys avatar Nov 13 '20 22:11 alainseys