Roundcube not working after last php update [SOLVED]

whahn1983 · 2014-09-15 02:43:20

After the last php update my roundcubemail stopped working. The log-in page loads and after attempting to log in I get the following error:

IMAP Error in /usr/share/webapps/roundcubemail/program/lib/Roundcube/rcube_imap.php (184): Login failed for email@example.com from 192.168.1.1. Could not connect to ssl://localhost:993: Unknown reason (fsockopen() function disabled?)

Last edited by whahn1983 (2014-09-19 18:46:11)

Pierre · 2014-09-15 04:21:49

Do you use a valid SSL cert? PHP 5.6 checks these now by default.

whahn1983 · 2014-09-15 05:24:25

Yes and I just confirmed that it is pulling that from my roundcube log in page.

rumpelsepp · 2014-09-15 09:19:08

backport to 1.0 see here: http://trac.roundcube.net/changeset/3b55da7ba60/github
ticket see here: http://trac.roundcube.net/ticket/1489948

tranqil · 2014-09-15 10:00:19

As temporary workaround, you can replace "localhost" with your real domain name (must match the common name in your ssl certificate) in the roundcube configuration. E.G. ssl://localhost -> ssl://my.domain.tld, and of course make the imap server reachable from outside via ssl.

ngollon · 2014-09-15 10:14:14

I had a similar problem this morning. I added the intermediate certificate used to sign my certificate to /etc/ssl/certs and then added this path into the new openssl.capath variable in my php.ini.

Maybe one of these steps was not really necessary, but it works now

whahn1983 · 2014-09-15 14:35:44

Ok so my crt file is in my /etc/httpd/conf folder so I added that path to the openssl.capath variable (also tried specifying the file with openssl.cafile). I also tried changing my roundcube config.php to ssl://mydomain instead of ssl://localhost. Still same error.

Ashren · 2014-09-15 22:19:22

After several hours of wrestling with this problem I downgraded to php-5.5 which let me login again.

Fail. But I need to have access to my roundcube.

Last edited by Ashren (2014-09-15 22:20:24)

rumpelsepp · 2014-09-16 08:59:21

I fixed it yesterday. I modified the PKGBUILD to get the upstream fix.

# $Id$
# Maintainer: Sergej Pupykin <pupykin.s+arch@gmail.com>

pkgname=roundcubemail
pkgver=1.0.2.3b55da
pkgrel=1
pkgdesc="A PHP web-based mail client"
arch=('any')
url="http://www.roundcube.net"
license=('GPL')
depends=('php')
optdepends=('python2')
backup=('etc/webapps/roundcubemail/.htaccess'
	'etc/webapps/roundcubemail/apache.conf')
install=roundcubemail.install
options=('!strip' 'emptydirs')
source=("${pkgname}::git+https://github.com/roundcube/roundcubemail.git#commit=9a498212446f6c9a186df5652a7625526b590b78"
	apache.conf)
md5sums=('SKIP'
         'f11b17e2a80b383cde4af963fb307541')

prepare() {
  cd ${srcdir}/${pkgname}
  sed -i \
    -e "s|RCUBE_INSTALL_PATH . 'temp.*|'/var/cache/roundcubemail';|" \
    -e "s|RCUBE_INSTALL_PATH . 'logs.*|'/var/log/roundcubemail';|" \
    config/defaults.inc.php \
    program/lib/Roundcube/rcube_config.php
}

package() {
  mkdir -p ${pkgdir}/etc/webapps/roundcubemail
  mkdir -p ${pkgdir}/usr/share/webapps
  mkdir -p ${pkgdir}/var/log
  cd ${pkgdir}/usr/share/webapps
  cp -ra ${srcdir}/${pkgname} roundcubemail
  cd roundcubemail

  mv .htaccess $pkgdir/etc/webapps/roundcubemail/
  ln -s /etc/webapps/roundcubemail/.htaccess .htaccess

  mv config $pkgdir/etc/webapps/roundcubemail/
  ln -s /etc/webapps/roundcubemail/config config

  install -dm0750 $pkgdir/var/{log,cache}/roundcubemail
  install -Dm0644 $srcdir/apache.conf $pkgdir/etc/webapps/roundcubemail/apache.conf

#  install -dm0755 $pkgdir/etc/php/conf.d/
#  cat <<EOF >$pkgdir/etc/php/conf.d/$pkgname.ini
#open_basedir = ${open_basedir}:/etc/webapps/roundcubemail:/usr/share/webapps/roundcubemail:/var/log/roundcubemail:/var/cache/roundcubemail
#EOF

  rm -rf temp logs
}

Then I added these values to my roundcube config:

// IMAP socket context options
// See http://php.net/manual/en/context.ssl.php
// The example below enables server certificate validation
//$config['imap_conn_options'] = array(
//  'ssl'         => array(
//     'verify_peer'  => true,
//     'verify_depth' => 3,
//     'cafile'       => '/etc/openssl/certs/ca.crt',
//   ),
// );
$config['imap_conn_options'] = array(
 'ssl'         => array(
     'verify_peer'       => false,
     'verfify_peer_name' => false,
  ),
);

// SMTP connection timeout, in seconds. Default: 0 (use default_socket_timeout)
// Note: There's a known issue where using ssl connection with
// timeout > 0 causes connection errors (https://bugs.php.net/bug.php?id=54511)
$config['smtp_timeout'] = 5;

// SMTP socket context options
// See http://php.net/manual/en/context.ssl.php
// The example below enables server certificate validation, and
// requires 'smtp_timeout' to be non zero.
// $config['smtp_conn_options'] = array(
//   'ssl'         => array(
//     'verify_peer'  => true,
//     'verify_depth' => 3,
//     'cafile'       => '/etc/openssl/certs/ca.crt',
//   ),
// );
$config['smtp_conn_options'] = array(
  'ssl'         => array(
      'verify_peer'      => false,
      'verify_peer_name' => false,
  ),
);

It works like a charm.

whahn1983 · 2014-09-16 14:50:33

So I updated my owncloud and added those config options and now i get the following error:

Warning: stream_socket_client(): SSL: Connection reset by peer in /usr/share/webapps/roundcubemail/program/lib/Roundcube/rcube_imap_generic.php on line 860

Warning: stream_socket_client(): Failed to enable crypto in /usr/share/webapps/roundcubemail/program/lib/Roundcube/rcube_imap_generic.php on line 860

Warning: stream_socket_client(): unable to connect to ssl://localhost:993 (Unknown error) in /usr/share/webapps/roundcubemail/program/lib/Roundcube/rcube_imap_generic.php on line 860
IMAP Error in /usr/share/webapps/roundcubemail/program/lib/Roundcube/rcube_imap.php (184): Login failed for mail@example.com from x.x.x.x(X-Forwarded-For: x.x.x.x). Could not connect to ssl://localhost:993: Unknown reason

whahn1983 · 2014-09-18 01:36:53

Ok problem solved.

1) manually updated roundcube php files from upstream git changes
2) added the IMAP_conn_options array with verify_peer true, verify_depth 3, and specify the same cafile .pem as dovecot/postfix (self signed)

bsujja · 2014-09-18 01:51:11

whahn1983 wrote:

Ok problem solved.
1) manually updated roundcube php files from upstream git changes
2) added the IMAP_conn_options array with verify_peer true, verify_depth 3, and specify the same cafile .pem as dovecot/postfix (self signed)

Can you specify which php files and the url of git to get the files?

whahn1983 · 2014-09-18 03:44:30

http://trac.roundcube.net/changeset/3b55da7ba60/github

bsujja · 2014-09-18 16:01:24

I got the latest roundcubemail package from upstream and tried various imap_conn_options as suggested here including verify_peer true combined with cafile specification and verify_peer false. Still as soon as I upgrade back to php 5.6, the same error as post #1 occurs. I don't know if my self-sign cert which is xx.crt as against xx.pem was the culprit or if my server software nginx plays a part in this.

whahn1983 · 2014-09-18 16:35:22

I had to make sure that it was the full pem with the intermediate ca. So basically for my cert I did:

cat cert.crt cert.key > myca.pem
cat myca.pem intermediateca.pem > final.pem

I also got it to work on my self signed as well but it had to be the same .pem file that postfix and dovecot was using. They all have to match as well as your domain name for each.

bsujja · 2014-09-19 17:11:49

I'm still struggling. Here are details of my configs.

Self-sign certificate related:

# cd /etc/ssl/private/
# openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out server.key
# openssl req -new -key server.key -out server.csr
# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

/etc/postfix/main.cf

...
smtpd_tls_cert_file = /etc/ssl/private/server.crt
smtpd_tls_key_file = /etc/ssl/private/server.key
...

/etc/dovecot/dovecot.conf

...
ssl_cert = </etc/ssl/private/server.crt
ssl_key = </etc/ssl/private/server.key

/etc/webapps/roundcubemail/config/config.inc.php
Option 1:

...
$config['default_host'] = 'ssl://localhost/';
$config['default_port'] = 993;

$config['imap_conn_options'] = array(
  'ssl'         => array(
	 'verify_peer'  => false,
	 'verfify_peer_name' => false,
   ),
);

Option 2:

...
$config['imap_conn_options'] = array(
  'ssl'         => array(
	 'verify_peer'  => true,
         'verify_depth' => 3,
         'cafile'       => '/etc/ssl/private/server.crt',
   ),
);

Anything still missing?

whahn1983 · 2014-09-19 17:54:14

Does your certificate specify localhost as the domain?

bsujja · 2014-09-19 18:38:03

Working now!

I recreated the key and the cert by specifying localhost as the Common Name in the cert request process. It works only for option 1 (verify_peer' => false, 'verfify_peer_name' => false,) though. Anyway, many thanks.

whahn1983 · 2014-09-19 18:45:54

Awesome. I'm going to change this thread to "Solved".

print · 2016-07-28 05:53:58

$config['imap_conn_options'] = array(
  'ssl'         => array(
	 'verify_peer'  => true,
	 'verfify_peer_name' => false,
   ),
);

Sorry for the necrobump, but the above is what worked for me after hours of searching - this configuration ensures the certificate is valid, but it does not require that the common name matches (I think).

WorMzy · 2016-07-31 12:44:10

Thanks for sharing, I'm going to take this opportunity to close this old thread.

Arch Linux

#1 2014-09-15 02:43:20

Roundcube not working after last php update [SOLVED]

#2 2014-09-15 04:21:49

Re: Roundcube not working after last php update [SOLVED]

#3 2014-09-15 05:24:25

Re: Roundcube not working after last php update [SOLVED]

#4 2014-09-15 09:19:08

Re: Roundcube not working after last php update [SOLVED]

#5 2014-09-15 10:00:19

Re: Roundcube not working after last php update [SOLVED]

#6 2014-09-15 10:14:14

Re: Roundcube not working after last php update [SOLVED]

#7 2014-09-15 14:35:44

Re: Roundcube not working after last php update [SOLVED]

#8 2014-09-15 22:19:22

Re: Roundcube not working after last php update [SOLVED]

#9 2014-09-16 08:59:21

Re: Roundcube not working after last php update [SOLVED]

#10 2014-09-16 14:50:33

Re: Roundcube not working after last php update [SOLVED]

#11 2014-09-18 01:36:53

Re: Roundcube not working after last php update [SOLVED]

#12 2014-09-18 01:51:11

Re: Roundcube not working after last php update [SOLVED]

#13 2014-09-18 03:44:30

Re: Roundcube not working after last php update [SOLVED]

#14 2014-09-18 16:01:24

Re: Roundcube not working after last php update [SOLVED]

#15 2014-09-18 16:35:22

Re: Roundcube not working after last php update [SOLVED]

#16 2014-09-19 17:11:49

Re: Roundcube not working after last php update [SOLVED]

#17 2014-09-19 17:54:14

Re: Roundcube not working after last php update [SOLVED]

#18 2014-09-19 18:38:03

Re: Roundcube not working after last php update [SOLVED]

#19 2014-09-19 18:45:54

Re: Roundcube not working after last php update [SOLVED]

#20 2016-07-28 05:53:58

Re: Roundcube not working after last php update [SOLVED]

#21 2016-07-31 12:44:10

Re: Roundcube not working after last php update [SOLVED]

Board footer