Hi,

I am working with drupal 8 beta 15.
I used this module to send mail trough smtp.gmail.com
I use tls port 587
I also used the MailSystem module to set the mailsystem to smtp.

Works excellent !!

I upgraded from php 5.5 to php 5.6 and then this module stopped working.

I tried to duplicate by writing my own php script using PHPMailer.
The issue was the same there, but there I could create a workaround by adding the following code :

$mail->smtpConnect([
'ssl' => [
'verify_peer' => false,
'verify_peer_name' => false,
'allow_self_signed' => true
]
]);

How can I implement this in Your module ?

Regards,

Hans Nieuwenhuis

CommentFileSizeAuthor
#12 smtp-ssl-context-options-2566561-12-d7.patch.patch9.39 KBParin
#4 smtp-disable-certificate-verification-2566561-4-7.43.patch563 bytesPisco
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

jhmnieuwenhuis created an issue. See original summary.

jhmnieuwenhuis’s picture

jhmnieuwenhuis CreditAttribution: jhmnieuwenhuis commented

I solved this issue.

I edited the php script SMTP.php and added a few lines :

  public function Connect($host, $port = 0, $tval = 30) {
   ...
   ...
    // get any announcement
    $announce = $this->get_lines();

    if ($this->do_debug >= 2) {
      echo "SMTP -> FROM SERVER:" . $announce . $this->CRLF . '<br />';
    }

    // next lines added by Hans Nieuwenhuis to disable certificate verification
    //
    $contextOptions = array(
                            'ssl' => array(
                                           'verify_peer' => false,
                                           'verify_peer_name' => false,
                                          ),
                            );
    stream_context_set_option($this->smtp_conn, $contextOptions );
    // end of addition by Hans Nieuwenhuis

    return TRUE;
 }
ptmkenny’s picture

ptmkenny CreditAttribution: ptmkenny commented
Status: Active » Needs work

@jhmnieuwenhuis Could you please contribute this as a patch so that it can be tested against the automated tests?

Pisco’s picture

Pisco CreditAttribution: Pisco commented
Status: Needs work » Needs review
FileSize
smtp-disable-certificate-verification-2566561-4-7.43.patch563 bytes

I created a patch from the above comment as it solved the issue for me.

Status: Needs review » Needs work

The last submitted patch, 4: smtp-disable-certificate-verification-2566561-4-7.43.patch, failed testing.

The last submitted patch, 4: smtp-disable-certificate-verification-2566561-4-7.43.patch, failed testing.

Pisco’s picture

Pisco CreditAttribution: Pisco as a volunteer commented
Version: 8.x-1.x-dev » 7.x-1.x-dev

I believe this error applies to version 7.x-1.x

Pisco’s picture

Pisco CreditAttribution: Pisco as a volunteer commented
Status: Needs work » Needs review

The tests passed for version 7.x-1.x and I'd appreciate if someone could confirm so that I can set the status to RTBC.

vesnadrupal’s picture

vesnadrupal CreditAttribution: vesnadrupal commented

This patch is not working on my side...

BD3’s picture

BD3 CreditAttribution: BD3 commented

+1 Working for me great on two separate sites on separate servers.

SocialNicheGuru’s picture

SocialNicheGuru CreditAttribution: SocialNicheGuru commented

Is this more of a workaround.

SSL certs are not being validated.

Parin’s picture

Parin CreditAttribution: Parin commented
Title: Php 5.6 SSL operation failed with code 1 » PHP 5.6 SSL operation failed with code 1
FileSize
smtp-ssl-context-options-2566561-12-d7.patch.patch9.39 KB

I believe we should at least provide some SSL context options for end users instead of simply disabling those cert checks on behalf of them.

Status: Needs review » Needs work

The last submitted patch, smtp-ssl-context-options-2566561-12-d7.patch.patch, failed testing.

Parin’s picture

Parin CreditAttribution: Parin commented
Status: Needs work » Needs review

Mark as Needs Review

Vollzeitaffe’s picture

Vollzeitaffe CreditAttribution: Vollzeitaffe as a volunteer commented

Parin's last patch worked for me. But now I dont need it anymore :D

The error made me realize that my mailserver (letsencrypt) wasnt serving the fullchain.pem.

Now everything works like a charm - certs get verified as they should. Since letsencrypt is giving certs out for free nobody needs no self signed certs dispite issueing certs for *.example.com (catchall)

cheers!

NWOM’s picture

NWOM CreditAttribution: NWOM commented
Issue tags: -php 5.6 introduces smtp issue

#12 applied cleanly and fixed my periodic issue. Thank you!

NWOM’s picture

NWOM CreditAttribution: NWOM commented
Status: Needs review » Reviewed & tested by the community
NWOM’s picture

NWOM CreditAttribution: NWOM commented
Status: Reviewed & tested by the community » Needs work

Actually it appears the periodic issue is still there even after disabling the following:

  • Verify SMTP server SSL certificate
  • Verify SMTP server SSL certificate CN

The following error was shown and the e-mail was not sent:

Warning: stream_socket_enable_crypto(): SSL: Handshake timed out in SMTP->StartTLS() (line 232 of /var/aegir/platforms/panopoly-7.x-1.43/sites/SITE/modules/smtp/smtp.transport.inc).

After waiting a moment, and trying again, the e-mail is sent with success.

skylord’s picture

skylord CreditAttribution: skylord commented
Status: Needs work » Reviewed & tested by the community

Patch from #12 works like a charm and provide flexibility needed to support internal company mail servers. "Handshake timed out" mentioned in #18 is definitely separate issue as i think and is not related directly to certificate issues (maybe we need separate setting for specifying handshake timeout).

rpayanm’s picture

rpayanm
he/him
Primary language Spanish
CreditAttribution: rpayanm at Kadabra commented

I can confirm that it works!

After commit this path we should bring it to version 8.x

peraltamori’s picture

peraltamori CreditAttribution: peraltamori as a volunteer and commented

Patch from #12 works

dsrikanth’s picture

dsrikanth CreditAttribution: dsrikanth commented

I can confirm this patch is working.

kruser’s picture

kruser CreditAttribution: kruser commented

12 fixed it for me too.

wundo’s picture

wundo CreditAttribution: wundo at Chuva Inc. for Galoa Science commented
wundo’s picture

wundo CreditAttribution: wundo at Chuva Inc. for Galoa Science commented
Status: Reviewed & tested by the community » Fixed

  • wundo committed af2a93d on 7.x-1.x authored by Parin 
    Issue #2566561 by Pisco, Parin, NWOM, jhmnieuwenhuis, wundo: PHP 5.6 SSL...
wundo’s picture

wundo CreditAttribution: wundo at Chuva Inc. for Galoa Science commented
Status: Reviewed & tested by the community » Fixed

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.