#2161 SSL proxy prevents Squirrelmail 1.4.7 loading right_main.php

closed-fixed
Compose (426)
5
2006-07-25
2006-07-12
Skyjerk
No

squirrelmail 1.4.7 is on a system behind
an SSL proxy.

After clicking the send button in the compose window
it attempts to reload the frame with "right_main.php"
but it must be specifically asking for an absolute URL
starting with "http://"rather than a relative URL
and the frame gets loaded with an error screen saying

-------------------------------------------------------

"The requested URL /squirrelmail/src/right_main.php was
not found on this server.

Apache/1.3.34 Server at www.raventhorne.net Port 80"

--------------------------------------------------------

The "Port 80" is incorrect. The URL that accesses the
webmail is port 443

If I then hit the reload button on the browser it load
the page correctly.

I cant find the place in the code where it re-loads
that frame after sending a message so that I can fix it.

Discussion

  • Tomas Kuliavas
    Tomas Kuliavas
    2006-07-13

    Logged In: YES
    user_id=225877

    Check SquirrelMail src/configtest.php script. It shows base
    url detected by SquirrelMail.

     
  • Skyjerk
    Skyjerk
    2006-07-13

    Logged In: YES
    user_id=1459968

    Yes. It sees it as http rather than https.

    Thats because the machine its running on is not using SSL,
    but it is accessed from the internet via another system
    running an SSL proxy.

    How can I change the base URL to be https?

     
  • Tomas Kuliavas
    Tomas Kuliavas
    2006-07-13

    Logged In: YES
    user_id=225877

    Could you create php test script with

    <?php
    header('Content-type: text/plain');
    var_dump($_SERVER);
    ?>

    and attach displayed information to this tracker?

     
  • Skyjerk
    Skyjerk
    2006-07-13

    Logged In: YES
    user_id=1459968

    array(33) {
    ["DOCUMENT_ROOT"]=>
    string(24) "/usr/local/apache/htdocs"
    ["HTTP_ACCEPT"]=>
    string(99)
    "text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5"
    ["HTTP_ACCEPT_CHARSET"]=>
    string(30) "ISO-8859-1,utf-8;q=0.7,*;q=0.7"
    ["HTTP_ACCEPT_ENCODING"]=>
    string(12) "gzip,deflate"
    ["HTTP_ACCEPT_LANGUAGE"]=>
    string(14) "en-us,en;q=0.5"
    ["HTTP_CONNECTION"]=>
    string(5) "close"
    ["HTTP_COOKIE"]=>
    string(42) "SQMSESSID=d92df8dc944e170468dd7d1c3dc52547"
    ["HTTP_HOST"]=>
    string(22) "osiris.raventhorne.net"
    ["HTTP_USER_AGENT"]=>
    string(81) "Mozilla/5.0 (X11; U; FreeBSD i386; en-US;
    rv:1.7.12) Gecko/20051013 Firefox/1.0.7"
    ["HTTP_X_FORWARDED_FOR"]=>
    string(13) "172.16.12.114"
    ["HTTP_X_FORWARDED_HOST"]=>
    string(19) "www.raventhorne.net"
    ["HTTP_X_FORWARDED_SERVER"]=>
    string(19) "www.raventhorne.net"
    ["PATH"]=>
    string(96)
    "/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/X11R6/bin:/usr/local/pgsql/bin"
    ["REMOTE_ADDR"]=>
    string(13) "172.16.12.114"
    ["REMOTE_PORT"]=>
    string(5) "41576"
    ["SCRIPT_FILENAME"]=>
    string(50)
    "/usr/local/apache/htdocs/squirrelmail/src/test.php"
    ["SERVER_ADDR"]=>
    string(13) "172.16.12.115"
    ["SERVER_ADMIN"]=>
    string(27) "root@osiris.raventhorne.net"
    ["SERVER_NAME"]=>
    string(22) "osiris.raventhorne.net"
    ["SERVER_PORT"]=>
    string(2) "80"
    ["SERVER_SIGNATURE"]=>
    string(74) "<ADDRESS>Apache/1.3.34 Server at
    osiris.raventhorne.net Port 80</ADDRESS>
    "
    ["SERVER_SOFTWARE"]=>
    string(30) "Apache/1.3.34 (Unix) PHP/5.1.2"
    ["GATEWAY_INTERFACE"]=>
    string(7) "CGI/1.1"
    ["SERVER_PROTOCOL"]=>
    string(8) "HTTP/1.1"
    ["REQUEST_METHOD"]=>
    string(3) "GET"
    ["QUERY_STRING"]=>
    string(0) ""
    ["REQUEST_URI"]=>
    string(26) "/squirrelmail/src/test.php"
    ["SCRIPT_NAME"]=>
    string(26) "/squirrelmail/src/test.php"
    ["PATH_TRANSLATED"]=>
    string(50)
    "/usr/local/apache/htdocs/squirrelmail/src/test.php"
    ["PHP_SELF"]=>
    string(26) "/squirrelmail/src/test.php"
    ["REQUEST_TIME"]=>
    int(1152806489)
    ["argv"]=>
    array(0) {
    }
    ["argc"]=>
    int(0)
    }

     
  • macchese
    macchese
    2006-07-13

    Logged In: YES
    user_id=1253192

    I have the same problem running 1.4.7 (my squirrelmail is
    behind an apache-ssl reverse proxy): using an 1.4.6 it
    works fine.

     
  • Skyjerk
    Skyjerk
    2006-07-13

    Logged In: YES
    user_id=1459968

    Exactly the same config as me.

    1.4.6 worked fine for me as well.

     
  • Tomas Kuliavas
    Tomas Kuliavas
    2006-07-13

    Logged In: YES
    user_id=225877

    open functions/strings.php, find get_location() function.

    locate lines that say
    ----
    if ( sqgetGlobalVar('sq_base_url', $full_url, SQ_SESSION) ) {
    return $full_url . $path;
    }
    ----

    and change them to

    ---
    return 'https://www.raventhorne.net' . $path;
    ---

    This should disable base URL detection and force use of URL,
    that is set in $full_url variable. Please note that I can't
    test this fix and I am not sure if it does not break cookies.

    SquirrelMail can detect external proxy address, but it can't
    detect port or use of ssl. Proxy does not add headers with
    port and protocol information.

    If SquirrelMail 1.4.6 works and 1.4.7 does not work, could
    you check base URL detected by SquirrelMail 1.4.6.

     
  • Skyjerk
    Skyjerk
    2006-07-13

    Logged In: YES
    user_id=1459968

    This change did correct the problem, although one difference
    I noted from 1.4.6 is that with 1.4.6 after a message is
    sent, the inbox screen that you are returned to says "Your
    Message has been sent." at the top.

    1.4.7 with the code fix doesnt print that message. Its just
    the inbox.

    The config test run on 1.4.6 shows the same base URL as when
    run with 1.4.7. That is to say "http" and NOT "https"

     
  • Tomas Kuliavas
    Tomas Kuliavas
    2006-07-17

    • assigned_to: nobody --> tokul
     
    • assigned_to: tokul --> kink
     
  • Logged In: YES
    user_id=285765

    I've applied a bug fix to current devel and stable CVS that
    allows one to configure the proto+hostname+port part of the
    base uri (optionally), so situations like this where that
    goes wrong can then be fixed by the administrator. I think
    we cannot further improve our heuristic because some things
    we just don't know.

     
    • status: open --> closed-fixed
     
  • Logged In: NO

    os_shoman@aialight.com