Bug 18727 - imapd/pop*d have internal SSL support but still use/depend on stunnel
Summary: imapd/pop*d have internal SSL support but still use/depend on stunnel
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: imap
Version: 7.0
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact: Dale Lovelace
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2000-10-09 17:05 UTC by Christian Hechelmann
Modified: 2007-04-18 16:29 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2000-11-27 09:53:24 UTC
Embargoed:

Attachments (Terms of Use)

Description Christian Hechelmann 2000-10-09 17:05:33 UTC 
In the imap-4.7c2-12 package shipped with RH7.0 the imapd, ipop?d servers
are built with internal SSL support, i.e. when run from port imaps/pop-?s
they will detect and use SSL by themselves.

In the specfile however imapd and ipo?d are set to start via stunnel.
This is both redundant and unfortunate, since when run via stunnel the
daemons won't get the true client ip adress from which the connection
originated. Instead they get 127.0.0.1 (localhost). This completely breaks
DRAC (dynamic relay authorization control) AKA POP-before-SMTP.
Comment 1 Nalin Dahyabhai 2000-10-10 16:50:37 UTC 
The native SSL support was added some time after the stunnel setup was added to
the package.  We'll have to change this.  I'll mark this one as resolved when we
get a package built with the changes.
Comment 2 Andreas Metzler 2000-11-27 09:53:22 UTC 
You can mark this resolved, v2000 has been uploaded. (even for RH6.x).
Comment 3 Arenas Belon, Carlo Marcelo 2000-12-19 16:54:30 UTC 
fixed on errata :

http://www.redhat.com/support/errata/RHSA-2000-102.html

* Tue Oct 10 2000 Nalin Dahyabahai <nalin>
- switch to internal SSL support instead of using stunnel (#18727)
Note You need to log in before you can comment on or make changes to this bug.