Bug 18727 - imapd/pop*d have internal SSL support but still use/depend on stunnel
imapd/pop*d have internal SSL support but still use/depend on stunnel
Status: CLOSED ERRATA
Product: Red Hat Linux
Classification: Retired
Component: imap (Show other bugs)
7.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
Dale Lovelace
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2000-10-09 13:05 EDT by Christian Hechelmann
Modified: 2007-04-18 12:29 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2000-11-27 04:53:24 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Christian Hechelmann 2000-10-09 13:05:33 EDT
In the imap-4.7c2-12 package shipped with RH7.0 the imapd, ipop?d servers
are built with internal SSL support, i.e. when run from port imaps/pop-?s
they will detect and use SSL by themselves.

In the specfile however imapd and ipo?d are set to start via stunnel.
This is both redundant and unfortunate, since when run via stunnel the
daemons won't get the true client ip adress from which the connection
originated. Instead they get 127.0.0.1 (localhost). This completely breaks
DRAC (dynamic relay authorization control) AKA POP-before-SMTP.
Comment 1 Nalin Dahyabhai 2000-10-10 12:50:37 EDT
The native SSL support was added some time after the stunnel setup was added to
the package.  We'll have to change this.  I'll mark this one as resolved when we
get a package built with the changes.
Comment 2 Andreas Metzler 2000-11-27 04:53:22 EST
You can mark this resolved, v2000 has been uploaded. (even for RH6.x).
Comment 3 Arenas Belon, Carlo Marcelo 2000-12-19 11:54:30 EST
fixed on errata :

http://www.redhat.com/support/errata/RHSA-2000-102.html

* Tue Oct 10 2000 Nalin Dahyabahai <nalin@redhat.com>
- switch to internal SSL support instead of using stunnel (#18727)

Note You need to log in before you can comment on or make changes to this bug.