Enabling smtp-tls results in "network unreachable" w/ IPv6

[rcubetrac]

Reported by karasu on 27 Mar 2013 20:01 UTC as Trac ticket #1489024

On a host without a global IPv4 address, roundcube cannot connect to an IPv6 smtp-server if the server is specified with tls:_ (+tls port). Roundcube has no problems connecting to the very same server using smtp with ssl:_ (+ssl port).

The system on which roundcube is running has a global IPv6 address as well as a local IPv4 (for resolving DNS names). Interestingly, roundcube is able to connect to the same mailserver with imap+tls. A similar problem exists in the managesieve plugin.

The following entries can be found in roundcube's error-log:

[10:58:19](18-Mar-2013) Network is unreachable (101): 
[10:58:19](18-Mar-2013) Failed to connect socket: Network is unreachable (): 
[10:58:19 +0000](18-Mar-2013): SMTP Error: SMTP error: Connection failed: Failed to connect socket: Network is unreachable in /srv/roundcube/program/include/main.inc on line 1485 (POST /?_unlock=loading1363604383576&_lang=en?_task=mail&_action=send)

Keywords: smtp, tls, ipv6
Migrated-From: http://trac.roundcube.net/ticket/1489024

[rcubetrac]

Summary changed by karasu on 27 Mar 2013 20:25 UTC

Enabling imap-tls results in "network unreachable" w/ IPv6

Enabling smtp-tls results in "network unreachable" w/ IPv6

[rcubetrac]

Comment by @alecpl on 27 Mar 2013 20:42 UTC

Can you connect using telnet? Doesn't look like Roundcube issue.

[rcubetrac]

Comment by karasu on 27 Mar 2013 20:58 UTC

Connecting with telnet works fine, as does imap-tls and smtp-ssl. It's just smtp-tls that's not working as intended.

[rcubetrac]

Comment by @alecpl on 29 Mar 2013 08:58 UTC

Make sure Roundcube code uses correct host and port in line 106 of lib/Roundcube/rcube_smtp.php:

console($smtp_host, $smtp_port);
$this->conn = new Net_SMTP($smtp_host, $smtp_port, $helo_host);

This will log host and port to errors/console file. You can try to debug using console() also the code in lib/Net/Socket.php c.a. line 133. If host and port aren't malformed there, then it's not Roundcube issue.

[rcubetrac]

Comment by @alecpl on 29 Mar 2013 09:20 UTC

Found something. It looks like Net_Socket and PHP issue. http://pear.php.net/bugs/bug.php?id=18231. After applying the patch, configuring smtp_server using IPv6 address should work. Please, confirm.

[rcubetrac]

Comment by karasu on 29 Mar 2013 14:37 UTC

Adding the lines above to roundcube's rcube_smtp.php prints the correct hostname and port in the console-logfile.

I've applied the patch (with a slight offset), but it didn't fix the issue, at least when using the hostname. However, regardless of whether the patch is applied or not, specifying the server with its full IPv6-address instead of the hostname works:

$rcmail_config[= 'tls://[2a01:dead::b33f]('smtp_server'])';
$rcmail_config[= 587;

whereas using the hostname doesn't. The hostname can be used for ssl and works just fine, even though the connection is established over IPv6, so this works:

$rcmail_config['smtp_server']('smtp_port']) = 'ssl://mail.domain.tld';
$rcmail_config[= 465;

whereas this doesn't:

$rcmail_config['smtp_server']('smtp_port']) = 'tls://mail.domain.tld';
$rcmail_config['smtp_port'] = 587;

I understand that this error is rather obscure and may well be caused by some other component, I'm just curious as to why the problem only occurs with tls-connections.

[rcubetrac]

Comment by @alecpl on 15 May 2013 10:42 UTC

Are you sure it works with other IMAP clients? If so, the only thing I can think of is a bug in PHP's stream_socket_enable_crypto() function which is used in tls connections. The Net_Socket update with the mentioned patch has been committed in e5b376b.

[rcubetrac]

Status changed by @alecpl on 15 May 2013 10:42 UTC

new => closed

[rcubetrac]

Milestone changed by @alecpl on 15 May 2013 10:42 UTC

later => 1.0-beta