On Fri, Jan 2, 2009 at 11:20 AM, Jim Duda <jim@xxxxxxxxxxxx> wrote: > A recent upgrade to 1.4.14-1.fc9 appears to result > in an issue with login. > > After login, I'm immediately redirected to the redirect page. > I get "you must be logged in to access this page". > > I believe the actual login is working. If I use an invalid > login/password, then I get the "invalid login password" error. > > After I login, I can see successful login and logout messages > in /var/log/maillog. > > I have verified that IMAP is working using thunderbird client > configured for IMAP. > > I've also determined that the issue only occurs when trying to use port 443. > I need to use port 443 for two reasons. Thanks for the very thorough posting. The behavior you explain is typical of a situation where the browser doesn't have the cookie needed to re-athenticate when redirecting to webmail.php. You say your browser is accepting them, but perhaps there is an issue with the secure flag on the cookies? Some code that sets that flag was added to SM version 1.4.16 and slightly changed in 1.4.17, but this should not affect version 1.4.14, however, I cannot say what code Fedora may have added to that codebase (since it was part of a security fix, it is likely that you may have a hybrid between 1.4.14 and 1.4.16/17). The best way to know if we need to fix something is to install a snapshot of our 1.4.18SVN code, found near the bottom of our download page. Tarballs are there for easy download and installation. If that works (you can copy over your other SM config file, but you may want to run the config/conf.pl script and re-save (no other action required) to make sure it is up to date), then it's a problem with whatever Fedora have done to our code. > First, my ISP doesn't allow inbound port 80, and second, > my job only allows outbound ports 80 and 443. I use > squirrelmail to access my home mail server from work. > > Software versions: > Version: 1.4.17-1.fc9 (fedora 9 install via yum) > Plugins: squirrelspell, smapcop > PHP version: 5.2.6-2.fc9 Web server: apache 2.2.9-1.fc9 > IMAP: dovecot 1.0.15-14.fc9 > smtp: postfix 2.5.5-1.fc9 linux: 2.6.25.14 distro: fedora 9 - yum install > browsers: firefox, mozilla, and konquerer > > I haven't changed my squirrelmail configuration in a very long time. > This appears to have happened in the past couple of weeks. > I noticed today that there was a recent yum upgrade to squirrelmail. > > Using apache, I allow both ports 443 and 8024. Squirrelmail > works fine using 8024, but no 443. > > In apache, I alias as follows: > > http.conf > > snip ... > > Listen 8024 > Listen 443 > > Alias /webmail /usr/share/squirrelmail > <Directory /usr/share/squirrelmail> > Allow from all > AuthUserFile /etc/httpd/passwd/passwords > AuthType Basic > AuthName "Private" > Satisfy All > require user <my user list> > </Directory> > > I've read all the FAQs. > > I've verified that my browser is accepting cookies. > I've checked the permissions of /var/lib/php/sessions > I've checked the permissions of /var/local/squirrelemail/data > > If I changed the permissions of the data directory, when I attempt > to login as some user, squirrelemail complains that it doesn't have > access to the <user>.pref file. > > If I peek into the latest /var/lib/php/sessions file, I see my user > logged in and "is_logged_in" test messages in the session file. > > It all works using port 8024, but not 443 > > SquirrelMail configtest > > This script will try to check some aspects of your SquirrelMail configuration and point you to errors whereever it can find them. You need to go run conf.pl in the config/ directory first before you run this script. > > SquirrelMail version: 1.4.17-1.fc9 > Config file version: 1.4.0 > Config file last modified: 01 January 2009 11:06:41 > Checking PHP configuration... > PHP version 5.2.6 OK. > display_errors: 1 > error_reporting: 6143 > variables_order OK: EGPCS. > PHP extensions OK. Dynamic loading is enabled. > Checking paths... > Data dir OK. > Attachment dir is the same as data dir. > Plugins OK. > Themes OK. > Default language OK. > Base URL detected as: http://linux:8024/webmail/src (location base autodetected) > Checking outgoing mail service.... > SMTP server OK (220 <my server> SMTP Postfix) > Checking IMAP service.... > IMAP server ready (* OK Dovecot ready.) > Capabilities: * CAPABILITY IMAP4rev1 SASL-IR SORT THREAD=REFERENCES MULTIAPPEND UNSELECT LITERAL+ IDLE CHILDREN NAMESPACE LOGIN-REFERRALS STARTTLS AUTH=PLAIN > Checking internationalization (i18n) settings... > gettext - Gettext functions are available. On some systems you must have appropriate system locales compiled. > mbstring - Mbstring functions are available. > recode - Recode functions are unavailable. > iconv - Iconv functions are available. > timezone - Webmail users can change their time zone settings. > Checking database functions... > not using database functionality. > > Congratulations, your SquirrelMail setup looks fine to me! > > > > Any advice appreciated. > ------------------------------------------------------------------------------ ----- squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users