On Sun, Jan 4, 2009 at 6:29 AM, Jim Duda <jim@xxxxxxxxxxxx> wrote: > Paul Lesniewski wrote: > >>> I installed the SVN version as you requested. >>> The banner displays as: >>> >>> SquirrelMail version 1.4.17 [SVN] >> >> Looks like the script that generates snapshots stalled out in >> December. Too bad. I'll have to get with the team on that one. So >> for now, you'd have to resort to an anonymous SVN checkout instead to >> get our newest code. >> >>> So, I know I'm pointing to the proper version. >> >> Unfortunately, you aren't. > > Okay, I installed from SVN. Now my banner says: > SquirrelMail version 1.4.18 [SVN] > > Same behavior. Everything works fine using port 8024, but not using 443. > >> >> As well as getting the newest SM code, you need to inspect the cookies >> in your browser. It may be possible that you are experiencing bug >> #2388423, which is addressed in 1.4.18SVN. > > Using firefox, I can see that the cookies for the server are available. > I don't have the knowledge to determine if they are correct. > > I have four cookies "SQMSESSID". > I have two cookies "squirrelmail_language" > I have one cookie "key" > > If I remove the cookies, then use port 443 again, I only have one > set (4 totals), all of which are coded with > "Send For: Encrypted connections only" > > Next I downgraded to this version (banner display): > SquirrelMail version 1.4.16 > > Now, both ports 443 and 8024 work properly. > > So, there was something different between version 1.4.16 and 1.4.17 which > caused my specific behaviour change in squirrelmail. > > However, it's possible my problem might be caused by the fact I am > not using port 443 is a standard SSL manner. I don't use SSL at > all and I've never figured out how to set it up in the proper > use case. I only use ports 443 since it's accessible both from > work and through my ISP. And, some change in 1.4.17 was fixing > some bug which allowed me to use 443 when I shouldn't have been > able too. I dunno ... you know more about this than I do. > I'm certainly willing to learn about how to setup SSL if necessary > to properly use port 443. That's a very risky bet. All the software in the equation - from the browser to the web server to SquirrelMail all typically assume 443 == SSL. It is possible to use non-SSL connections on port 443, but it's always going to introduce a higher probability that problems like this will occur. One thing you can do with 1.4.18 (BTW, the snapshots on our download page are working again) is to turn off $only_secure_cookies (config/conf.pl-->4-->16. Only secure cookies if poss.) because you indicated that you are NOT using SSL but the SSL-only flag is turned on. ------------------------------------------------------------------------------ ----- squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
