search

Blount / Cheky

Alerte mail et RSS pour Leboncoin.fr
GNU General Public License v3.0
156 stars 46 forks source link

images non sauvegardées #64

Closed piem closed 6 years ago

piem commented 7 years ago

hello and thanks for writing cheky,

saving an ad works, except images are not saved. making <cheky>/static/media/annonce writeable by the server seems to help, since a folder <username> then gets created there, but images are still not there.

piem commented 7 years ago

relevant error messages in the logs look like:


2017-06-06T09:53:53+02:00 ERROR E_WARNING copy(): Failed to enable crypto (/path/to/cheky/app/models/Storage/AdPhoto.php:40)
2017-06-06T09:53:53+02:00 ERROR E_WARNING copy(https://img0.leboncoin.fr/ad-large/valid-image-id.jpg): failed to open stream: operation failed (/path/to/cheky/app/models/Storage/AdPhoto.php:40)
2017-06-06T09:53:53+02:00 ERROR E_WARNING copy(): SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (/path/to/cheky/app/models/Storage/AdPhoto.php:40)
Blount commented 7 years ago

Your server seems to have a SSL certificate misconfiguration. You should update your certificate bundle stored in /etc/ssl.

piem commented 7 years ago

hi @Blount

I doubt it comes from my server's /etc/ssl. I can fetch this url without any problem from there:

$ HEAD https://img2.leboncoin.fr/ad-large/avalidimg.jpg | grep -i SSL
Client-SSL-Cert-Issuer: /C=FR/ST=Paris/L=Paris/O=Gandi/CN=Gandi Standard SSL CA 2
Client-SSL-Cert-Subject: /OU=Domain Control Validated/OU=Gandi Standard Wildcard SSL/CN=*.leboncoin.fr
Client-SSL-Cipher: ECDHE-RSA-AES128-SHA256
Client-SSL-Socket-Class: IO::Socket::SSL
$ echo $?
0
Blount commented 7 years ago

I think, you should explore PHP configuration to solve this issue or upgrade it. What is your PHP version ? Similare error can found here : https://github.com/composer/composer/issues/5685

piem commented 7 years ago 
$ php -v
PHP 5.6.30-0+deb8u1 (cli) (built: Feb  8 2017 08:50:21) 
Copyright (c) 1997-2016 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies
    with Zend OPcache v7.0.6-dev, Copyright (c) 1999-2016, by Zend Technologies
$ php -r "copy('https://img4.leboncoin.fr/ad-image/avalidimg.jpg', 'testimg.jpg');"
$ identify testimg.jpg 
testimg.jpg JPEG 690x460 690x460+0+0 8-bit sRGB 61.8KB 0.010u 0:00.010
Blount commented 7 years ago

Can you create a PHP file with this line and call it via web server ?

piem commented 7 years ago

thanks for your feedback @Blount. i see similar log entries in /var/log/apache2/error.log when accessing a file containing this line.

[Tue Jun 06 12:51:43.301978 2017] [:error] [pid 484] [client myip:48953] PHP Warning:  copy(): SSL operation failed with code 1. OpenSSL Error messages:\nerror:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in /path/to/cheky/test.php on line 2
[Tue Jun 06 12:51:43.302058 2017] [:error] [pid 484] [client myip:48953] PHP Warning:  copy(): Failed to enable crypto in /path/to/cheky/test.php on line 2
[Tue Jun 06 12:51:43.302168 2017] [:error] [pid 484] [client myip:48953] PHP Warning:  copy(https://img4.leboncoin.fr/ad-image/validimg.jpg): failed to open stream: operation failed in /path/to/cheky/test.php on line 2
Blount commented 7 years ago

Ok, that's because PHP from the command line and PHP from the web server can have a different configuration.

piem commented 7 years ago

how can i check the differences between both configs?

Blount commented 7 years ago

Exemple, diff /etc/php5/cli/php.ini /etc/php5/fpm/php.ini

But, the differences can be in the internal PHP source code. I don't have any idea on how to solve this. Sorry.