-
Notifications
You must be signed in to change notification settings - Fork 65
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
IMAP auth is broken due to change of config variables, error on ssl mode #52
Comments
Just ran into the same issue, you have to escape the ssl_mode param:
and I added an empty domain param, so the new source code doesn't change the username. I hope this helps. |
thanks @MarBie77 that fixed it for me |
thank you for reporting! @janaurka see #49 for the changed IMAP auth: Please kindly note that this app is not above v1.0.0, so breaking changes can happen any time. Regarding the possible sslmodes I first have to check what roundcube takes as parameters there. At least |
D*mn, I’ve thought that I tested this quickly and it did not work for me. Although I did not enter an empty string for the domain. Whatever if it works, I’m pretty happy @violoncelloCH: awesome thx, also for writing/maintaining this plugin. i did not mean to be harsh or so. I’m aware on how stressful/annoying it can be to maintain open source software and some random people open angry bugs and basically yell at you for doing stuff they can use for free. again: danke tuusig (thanks a lot in swiss german). I’d leave it open for now, feel free to close @violoncelloCH as soon as everything is merged to master and release is carved or whatever. |
The following works for me[tm]: And I put the hostname into the chrooted hosts file (/var/www/etc/hosts), so that validation may succeed. But I still would prefer to have some documentation on how to put those the PHP parameters correctly into the config file. |
thank you @janaurka for these words :) as far as I understand from https://github.com/roundcube/roundcubemail/wiki/Configuration#imap-server-connection and roundcube's source code (https://github.com/roundcube/roundcubemail/blob/master/program/lib/Roundcube/rcube_imap_generic.php#L972-L987 && https://github.com/roundcube/roundcubemail/blob/master/program/lib/Roundcube/rcube_imap_generic.php#L1034-L1062) @daviddahlberg I think I don't fully get what you mean. Do you mean documentation about non-validated certs? |
A quick update of available apps ended here on this topic... ;-) array ( First I replaced with: Unfortunate this didn't solve the problem... After replacing "localhost" with the FQDN of my server everything worked like a charm again, so I assume you can't ignore the certificate check anymore. Is this correct or is there a different way to do this? |
I also tried various different config settings starting from the old working parameters (993 and SSL against my domain name) and still can not authenticate. Dovecot shows the following: Mar 17 15:21:56 XXXX dovecot: imap-login: Disconnected (no auth attempts in 1 secs): user=<>, rip=::1, lip=::1, TLS, session=<xxxx/xxxxxxxxxxxxxxxxxxxxxx> I reverted back to 0.5.1 and it worked again, especially the user= field in the log is then populated which indicates that the requests to IMAP are malformed |
The code taken from roundcube is giving in this way another problem: |
I can confirm this. With localhost I get only "Login failed". However, I see now the following error messages: [PHP] Error: Undefined offset: 1 at /www/htdocs/..../user_external/lib/imap/imap_rcube.php#149 [PHP] Error: Undefined index: force_caps at /www/htdocs/.../user_external/lib/imap/imap_rcube.php#945 |
@daviddahlberg @Erling74 @Flachzange
indeed, looks like roundcube's implementation doesn't allow this... however I think the advantages are way bigger than the disadvantages and ignoring certificate check is an edge-case anyway (you can simply use the FQDN or plain IMAP if you want to use localhost). However PRs (also to the documentation) are always welcome! @PaulFreund could you open a new issue with details about your problem and configuration? @lsbbs that seems to be not related to the change to roundcube's imap implementation. It looks like it's coming from this commit: a7e276f (this stripes away the domain part, if a domain is specified) from which version did you update to v0.6? Could you also create a new issue with further details to continue discussing this? |
@violoncelloCH |
@Flachzange take a look at #56 (that's the same) |
Changed config as noted above, but now nextcloud windows client fails to authenticate. The web auth works, but that does not help. |
@alexhass are you using app-passwords / tokens for your sync client? If so, it might be worth a try to set new ones and revoke the old ones. |
@lsbbs <https://github.com/lsbbs> that seems to be not related to the
change to roundcube's imap implementation. It looks like it's coming
from this commit: a7e276f
<a7e276f>
(this stripes away the domain part, if a domain is specified) from which
version did you update to v0.6? Could you also create a new issue with
further details to continue discussing this?
Did not test this, but if the domain name is stripped out this will
cause duplicate usernames.
I updated now one instance to the latest release and this stripping out
the domain name caused now a new problem:
The usernames have been in 14.x: "user@domain"
Now the username is only "user"
All group assignments are gone. Shared folders, contacts, calendars wit
a group: Gone.
Changing the basic behave of the external user authentication was IMHO
not a really clever idea.
Stripping the domain name a configurable option would be ok, but
enabling it by default: Really not a clever idea for installations updated.
|
@lsbbs as I said, if you want to continue discussing this, open a specific issue for it. This issue here is definitely not the place to do it, as this issue is solved (documentation) and is only still open as information. |
Hi @violoncelloCH,
is somewhat inadequate. This failed upgrade has given me a lot of headaches today. Please be more careful with changes to such a sensitive module. Thanks a lot for your work on nextcloud, nevertheless. |
Completely agree with @madmas. These ways of working will make people lose trust in the development of the plugin and nextcloud in general. (still appreciate the work though) |
@madmas I get your point... @madmas & @lsbbs please take a look at #68 and #64; please split those two completely separate points |
i am confused .. NC16 still lists this Plugin .. which one is the active development ? "https://github.com/nextcloud/apps/tree/master/user_external" or "https://github.com/nextcloud/user_external" ? |
@trueshanti what do you mean with "still lists this plugin"? |
Hi @janaurka i lost track of the solution-path on this
What was your solution to this ? kindly |
What i meant: in Nextcloud16 the Plugin "external user" contends itself with "Authenticate user login against ... IMAP" . to my understanding (albeit 0.6.3 just released) this is an actual feature , yes ? so it should work ? |
nevermind .. i found #64 to be the right issue for me .. thank you |
1030: Update user_external example for nextcloud r=mergify[bot] a=kesselb ## What type of PR? documentation ## What does this PR do? Update the user_external example for Nextcloud due an upstream change. PHP will remove the imap extension. Newer user_external releases requires a different configuration for imap. ### Related issue(s) - nextcloud/user_external#52 ## Prerequistes Before we can consider review and merge, please make sure the following list is done and checked. If an entry in not applicable, you can check it or remove it from the list. - [x] In case of feature or enhancement: documentation updated accordingly - [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file. Co-authored-by: Daniel Kesselberg <mail@danielkesselberg.de>
Hi *
After upgrading to
user_external v0.6
logging in usingIMAP
does not work anymore.I’m seeing the following in the logs:
I have changed the config from something like:
to
(as it should be according to the updated readme).
which caused the error message in
nextcloud.log
as shown above.Running Nextcloud Stable latest (15.0.5).
Also changing the way the config file is parsed during a release is kinda uncool, especially since there is no remark in the release comments as breaking changes. Would be cool, if breaking changes would be announced at least in the GH release and if possible also in the Nextcloud UI/occ when trying to perform an update.
+ it would be great if there would be a list of possible options (eg for the ssl mode) at least somewhere in the code :)
lmk if you need more logoutput and stuff. I’ve fixed the problem for now by c&p the
imap.php
file from the release before and simply not running any sanity check on the files, which is ... suboptimal.cheers
The text was updated successfully, but these errors were encountered: