search

FreePBX / issue-tracker

The unified FreePBX issue tracker.
https://www.freepbx.org
GNU General Public License v3.0
7 stars 1 forks source link

[bug]: random passwords generated cause asterisk info to report connection failure for ARI #164

Closed dolesec closed 3 months ago

dolesec commented 3 months ago

FreePBX Version

FreePBX 17

Issue Description

previously reported in https://github.com/FreePBX/issue-tracker/issues/132

after setting up a fresh install and enabling the ARI I noted asterisk info reporting it was unable to connect to the ARI Screenshot 2024-05-14 at 8 22 54 PM

I recalled the previous issue and noted I had a + in the randomly generated username after the latest install ... Screenshot 2024-05-14 at 8 21 24 PM

it seems this is causing the failure , if I add that symbol in as part of the username or password the failure is reported; not sure about other characters but this certainly deserves another look

Operating Environment

freepbx17 , debian 12 


+-------------------+------------+---------+-------------+-----------+
| Module            | Version    | Status  | License     | Signature |
+-------------------+------------+---------+-------------+-----------+
| amd               | 17.0.1     | Enabled | GPLv3+      | Sangoma   |
| announcement      | 17.0.2.1   | Enabled | GPLv3+      | Sangoma   |
| api               | 17.0.1.1   | Enabled | AGPLv3+     | Sangoma   |
| areminder         | 17.0.3.9   | Enabled | Commercial  | Sangoma   |
| arimanager        | 17.0.1     | Enabled | GPLv3+      | Sangoma   |
| asterisk-cli      | 17.0.2     | Enabled | GPLv3+      | Sangoma   |
| asteriskinfo      | 17.0.1     | Enabled | GPLv3+      | Sangoma   |
| backup            | 17.0.5.23  | Enabled | GPLv3+      | Sangoma   |
| blacklist         | 17.0.1.2   | Enabled | GPLv3+      | Sangoma   |
| broadcast         | 17.0.1.6   | Enabled | Commercial  | Sangoma   |
| builtin           |            | Enabled |             | Unsigned  |
| bulkhandler       | 17.0.4     | Enabled | GPLv3+      | Sangoma   |
| calendar          | 17.0.4.7   | Enabled | GPLv3+      | Sangoma   |
| callaccounting    | 17.0.5     | Enabled | Commercial+ | Sangoma   |
| callback          | 17.0.2.1   | Enabled | GPLv3+      | Sangoma   |
| callerid          | 17.0.1     | Enabled | Commercial  | Sangoma   |
| callforward       | 17.0.1.3   | Enabled | AGPLv3+     | Sangoma   |
| calllimit         | 17.0.1.2   | Enabled | Commercial  | Sangoma   |
| callrecording     | 17.0.3.6   | Enabled | AGPLv3+     | Sangoma   |
| callwaiting       | 17.0.3.2   | Enabled | GPLv3+      | Sangoma   |
| cdr               | 17.0.4.13  | Enabled | GPLv3+      | Sangoma   |
| cdrpro            | 17.0.3.14  | Enabled | Commercial  | Sangoma   |
| cel               | 17.0.2.7   | Enabled | GPLv3+      | Sangoma   |
| certman           | 17.0.3.10  | Enabled | AGPLv3+     | Sangoma   |
| cidlookup         | 17.0.1.1   | Enabled | GPLv3+      | Sangoma   |
| conferences       | 17.0.3.1   | Enabled | GPLv3+      | Sangoma   |
| conferencespro    | 17.0.1.6   | Enabled | Commercial  | Sangoma   |
| configedit        | 17.0.1.1   | Enabled | AGPLv3+     | Sangoma   |
| contactmanager    | 17.0.5.8   | Enabled | GPLv3+      | Sangoma   |
| core              | 17.0.9.49  | Enabled | GPLv3+      | Sangoma   |
| cos               | 17.0.1.1   | Enabled | Commercial  | Sangoma   |
| customappsreg     | 17.0.1     | Enabled | GPLv3+      | Sangoma   |
| dashboard         | 17.0.4.2   | Enabled | AGPLv3+     | Sangoma   |
| daynight          | 17.0.1.1   | Enabled | GPLv3+      | Sangoma   |
| dictate           | 17.0.1.2   | Enabled | GPLv3+      | Sangoma   |
| directory         | 17.0.1.1   | Enabled | GPLv3+      | Sangoma   |
| donotdisturb      | 17.0.2.1   | Enabled | GPLv3+      | Sangoma   |
| endpoint          | 17.0.1.60  | Enabled | Commercial  | Sangoma   |
| extensionroutes   | 17.0.1     | Enabled | Commercial  | Sangoma   |
| extensionsettings | 17.0.1     | Enabled | GPLv3+      | Sangoma   |
| fax               | 17.0.3.2   | Enabled | GPLv3+      | Sangoma   |
| faxpro            | 17.0.1.14  | Enabled | Commercial  | Sangoma   |
| featurecodeadmin  | 17.0.2     | Enabled | GPLv3+      | Sangoma   |
| filestore         | 17.0.2.11  | Enabled | AGPLv3      | Sangoma   |
| findmefollow      | 17.0.4.6   | Enabled | GPLv3+      | Sangoma   |
| firewall          | 17.0.1.18  | Enabled | AGPLv3+     | Sangoma   |
| framework         | 17.0.15.21 | Enabled | GPLv2+      | Sangoma   |
| hotelwakeup       | 17.0.1.5   | Enabled | GPLv2       | Sangoma   |
| iaxsettings       | 17.0.1     | Enabled | AGPLv3      | Sangoma   |
| infoservices      | 17.0.1     | Enabled | GPLv2+      | Sangoma   |
| ivr               | 17.0.5     | Enabled | GPLv3+      | Sangoma   |
| languages         | 17.0.1     | Enabled | GPLv3+      | Sangoma   |
| logfiles          | 17.0.3.1   | Enabled | GPLv3+      | Sangoma   |
| manager           | 17.0.5     | Enabled | GPLv2+      | Sangoma   |
| miscapps          | 17.0.3     | Enabled | GPLv3+      | Sangoma   |
| miscdests         | 17.0.1.1   | Enabled | GPLv3+      | Sangoma   |
| music             | 17.0.4     | Enabled | GPLv3+      | Sangoma   |
| outroutemsg       | 17.0.1     | Enabled | GPLv3+      | Sangoma   |
| paging            | 17.0.3     | Enabled | GPLv3+      | Sangoma   |
| pagingpro         | 17.0.1.6   | Enabled | Commercial  | Sangoma   |
| parking           | 17.0.2.1   | Enabled | GPLv3+      | Sangoma   |
| parkpro           | 17.0.1.4   | Enabled | Commercial  | Sangoma   |
| pbxmfa            | 17.0.2     | Enabled | Commercial+ | Sangoma   |
| phpinfo           | 17.0.1     | Enabled | GPLv2+      | Sangoma   |
| pinsets           | 17.0.3.1   | Enabled | GPLv3+      | Sangoma   |
| pinsetspro        | 17.0.2     | Enabled | Commercial  | Sangoma   |
| pm2               | 17.0.3.2   | Enabled | AGPLv3+     | Sangoma   |
| presencestate     | 17.0.2.1   | Enabled | GPLv3+      | Sangoma   |
| printextensions   | 17.0.1.2   | Enabled | GPLv3+      | Sangoma   |
| queueprio         | 17.0.1.4   | Enabled | GPLv3+      | Sangoma   |
| queues            | 17.0.1.8   | Enabled | GPLv2+      | Sangoma   |
| queuestats        | 17.0.1.6   | Enabled | Commercial  | Sangoma   |
| qxact_reports     | 17.0.2     | Enabled | Commercial  | Sangoma   |
| recording_report  | 17.0.3.8   | Enabled | Commercial  | Sangoma   |
| recordings        | 17.0.2.2   | Enabled | GPLv3+      | Sangoma   |
| restapps          | 17.0.1.14  | Enabled | Commercial  | Sangoma   |
| ringgroups        | 17.0.2.4   | Enabled | GPLv3+      | Sangoma   |
| sangomaconnect    | 17.0.1.27  | Enabled | Commercial  | Sangoma   |
| sangomacrm        | 17.0.1.5   | Enabled | Commercial  | Sangoma   |
| sangomartapi      | 17.0.1.23  | Enabled | Commercial  | Sangoma   |
| setcid            | 17.0.1.2   | Enabled | GPLv3+      | Sangoma   |
| sipsettings       | 17.0.6.7   | Enabled | AGPLv3+     | Sangoma   |
| sipstation        | 17.0.3.3   | Enabled | Commercial  | Sangoma   |
| sms               | 17.0.1.10  | Enabled | Commercial  | Sangoma   |
| smsplus           | 17.0.3     | Enabled | Commercial  | Sangoma   |
| soundlang         | 17.0.4.1   | Enabled | GPLv3+      | Sangoma   |
| sysadmin          | 17.0.1.74  | Enabled | Commercial  | Sangoma   |
| timeconditions    | 17.0.1.15  | Enabled | GPLv3+      | Sangoma   |
| tts               | 17.0.1.1   | Enabled | GPLv3+      | Sangoma   |
| ttsengines        | 17.0.1     | Enabled | AGPLv3      | Sangoma   |
| ucp               | 17.0.4.14  | Enabled | AGPLv3+     | Sangoma   |
| userman           | 17.0.6.21  | Enabled | AGPLv3+     | Sangoma   |
| vmblast           | 17.0.1     | Enabled | GPLv3+      | Sangoma   |
| vmnotify          | 17.0.1.5   | Enabled | Commercial  | Sangoma   |
| voicemail         | 17.0.5.15  | Enabled | GPLv3+      | Sangoma   |
| voicemail_report  | 17.0.1.1   | Enabled | Commercial  | Sangoma   |
| voipinnovations   | 17.0.1.4   | Enabled | Commercial  | Sangoma   |
| vqplus            | 17.0.1.16  | Enabled | Commercial  | Sangoma   |
| weakpasswords     | 17.0.1     | Enabled | GPLv3+      | Sangoma   |
| webrtc            | 17.0.2.1   | Enabled | GPLv3+      | Sangoma   |
+-------------------+------------+---------+-------------+-----------+

Relevant log output

No response

jissphilip commented 3 months ago

HI @dolesec ,

As per the code there is no chance to generate the username with + symbol Not sure how you got this on new install ` //generate random username

        $str_result       = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
        $manageruser      = substr(str_shuffle($str_result),0,12);

`

Generating password we use

md5(openssl_random_pseudo_bytes(16))

which will not have + symbol

dolesec commented 3 months ago

@jissphilip me either - however it was present upon the new install and previously reported as well

I also see a '+' in my asterisk manager password generated by the system , does it use the same logic ?

jissphilip commented 3 months ago

@dolesec No .There is a difference But as per code no chance of generating + symbol

dolesec commented 3 months ago

@jissphilip - mystery then : (

anyway if that character or others will cause a failure to connect the field should have some validation itself and not allow me to use an invalid character ... currently I can do so and induce the failure at will

jissphilip commented 3 months ago

@dolesec We will add a check on reload and will notify on dashboard that system have a bad character(+) on ARI/AMI

dolesec commented 3 months ago

perfect - ty sir !

dolesec commented 3 months ago

@kguptasangoma @jissphilip - I understand you say the code can't be doing this however it is somehow ... on my newly created AWS test system I noted the new warning ... this is a fresh install with no changes - all I did was enable ARI and the warning presented it self

it most certainly is occurring and this issue should be reopened and further investigated

Screenshot 2024-05-19 at 8 17 21 PM

Screenshot 2024-05-19 at 8 21 54 PM

+-------------------+------------+---------+-------------+-----------+
| Module            | Version    | Status  | License     | Signature |
+-------------------+------------+---------+-------------+-----------+
| amd               | 17.0.1     | Enabled | GPLv3+      | Sangoma   |
| announcement      | 17.0.2.1   | Enabled | GPLv3+      | Sangoma   |
| api               | 17.0.1.1   | Enabled | AGPLv3+     | Sangoma   |
| areminder         | 17.0.3.9   | Enabled | Commercial  | Sangoma   |
| arimanager        | 17.0.1.1   | Enabled | GPLv3+      | Sangoma   |
| asterisk-cli      | 17.0.2     | Enabled | GPLv3+      | Sangoma   |
| asteriskinfo      | 17.0.1     | Enabled | GPLv3+      | Sangoma   |
| backup            | 17.0.5.26  | Enabled | GPLv3+      | Sangoma   |
| blacklist         | 17.0.1.2   | Enabled | GPLv3+      | Sangoma   |
| broadcast         | 17.0.1.6   | Enabled | Commercial  | Sangoma   |
| builtin           |            | Enabled |             | Unsigned  |
| bulkhandler       | 17.0.4     | Enabled | GPLv3+      | Sangoma   |
| calendar          | 17.0.4.9   | Enabled | GPLv3+      | Sangoma   |
| callaccounting    | 17.0.5     | Enabled | Commercial+ | Sangoma   |
| callback          | 17.0.2.1   | Enabled | GPLv3+      | Sangoma   |
| callerid          | 17.0.1     | Enabled | Commercial  | Sangoma   |
| callforward       | 17.0.1.3   | Enabled | AGPLv3+     | Sangoma   |
| calllimit         | 17.0.1.2   | Enabled | Commercial  | Sangoma   |
| callrecording     | 17.0.3.6   | Enabled | AGPLv3+     | Sangoma   |
| callwaiting       | 17.0.3.2   | Enabled | GPLv3+      | Sangoma   |
| cdr               | 17.0.4.13  | Enabled | GPLv3+      | Sangoma   |
| cdrpro            | 17.0.3.14  | Enabled | Commercial  | Sangoma   |
| cel               | 17.0.2.7   | Enabled | GPLv3+      | Sangoma   |
| certman           | 17.0.3.10  | Enabled | AGPLv3+     | Sangoma   |
| cidlookup         | 17.0.1.1   | Enabled | GPLv3+      | Sangoma   |
| conferences       | 17.0.3.1   | Enabled | GPLv3+      | Sangoma   |
| conferencespro    | 17.0.1.6   | Enabled | Commercial  | Sangoma   |
| configedit        | 17.0.1.1   | Enabled | AGPLv3+     | Sangoma   |
| contactmanager    | 17.0.5.8   | Enabled | GPLv3+      | Sangoma   |
| core              | 17.0.9.52  | Enabled | GPLv3+      | Sangoma   |
| cos               | 17.0.1.1   | Enabled | Commercial  | Sangoma   |
| customappsreg     | 17.0.1     | Enabled | GPLv3+      | Sangoma   |
| dashboard         | 17.0.4.2   | Enabled | AGPLv3+     | Sangoma   |
| daynight          | 17.0.1.1   | Enabled | GPLv3+      | Sangoma   |
| dictate           | 17.0.1.2   | Enabled | GPLv3+      | Sangoma   |
| directory         | 17.0.1.1   | Enabled | GPLv3+      | Sangoma   |
| donotdisturb      | 17.0.2.1   | Enabled | GPLv3+      | Sangoma   |
| endpoint          | 17.0.1.61  | Enabled | Commercial  | Sangoma   |
| extensionroutes   | 17.0.1     | Enabled | Commercial  | Sangoma   |
| extensionsettings | 17.0.1     | Enabled | GPLv3+      | Sangoma   |
| fax               | 17.0.3.2   | Enabled | GPLv3+      | Sangoma   |
| faxpro            | 17.0.1.14  | Enabled | Commercial  | Sangoma   |
| featurecodeadmin  | 17.0.2     | Enabled | GPLv3+      | Sangoma   |
| filestore         | 17.0.2.11  | Enabled | AGPLv3      | Sangoma   |
| findmefollow      | 17.0.4.6   | Enabled | GPLv3+      | Sangoma   |
| firewall          | 17.0.1.21  | Enabled | AGPLv3+     | Sangoma   |
| framework         | 17.0.15.21 | Enabled | GPLv2+      | Sangoma   |
| hotelwakeup       | 17.0.1.5   | Enabled | GPLv2       | Sangoma   |
| iaxsettings       | 17.0.1     | Enabled | AGPLv3      | Sangoma   |
| infoservices      | 17.0.1     | Enabled | GPLv2+      | Sangoma   |
| ivr               | 17.0.6     | Enabled | GPLv3+      | Sangoma   |
| languages         | 17.0.1     | Enabled | GPLv3+      | Sangoma   |
| logfiles          | 17.0.3.1   | Enabled | GPLv3+      | Sangoma   |
| manager           | 17.0.5     | Enabled | GPLv2+      | Sangoma   |
| miscapps          | 17.0.3     | Enabled | GPLv3+      | Sangoma   |
| miscdests         | 17.0.1.1   | Enabled | GPLv3+      | Sangoma   |
| music             | 17.0.4     | Enabled | GPLv3+      | Sangoma   |
| outroutemsg       | 17.0.1     | Enabled | GPLv3+      | Sangoma   |
| paging            | 17.0.3     | Enabled | GPLv3+      | Sangoma   |
| pagingpro         | 17.0.1.6   | Enabled | Commercial  | Sangoma   |
| parking           | 17.0.2.2   | Enabled | GPLv3+      | Sangoma   |
| parkpro           | 17.0.1.4   | Enabled | Commercial  | Sangoma   |
| pbxmfa            | 17.0.2     | Enabled | Commercial+ | Sangoma   |
| phpinfo           | 17.0.1     | Enabled | GPLv2+      | Sangoma   |
| pinsets           | 17.0.3.1   | Enabled | GPLv3+      | Sangoma   |
| pinsetspro        | 17.0.2     | Enabled | Commercial  | Sangoma   |
| pm2               | 17.0.3.2   | Enabled | AGPLv3+     | Sangoma   |
| presencestate     | 17.0.2.1   | Enabled | GPLv3+      | Sangoma   |
| printextensions   | 17.0.1.2   | Enabled | GPLv3+      | Sangoma   |
| queueprio         | 17.0.1.4   | Enabled | GPLv3+      | Sangoma   |
| queues            | 17.0.1.8   | Enabled | GPLv2+      | Sangoma   |
| queuestats        | 17.0.1.6   | Enabled | Commercial  | Sangoma   |
| qxact_reports     | 17.0.2     | Enabled | Commercial  | Sangoma   |
| recording_report  | 17.0.3.8   | Enabled | Commercial  | Sangoma   |
| recordings        | 17.0.2.2   | Enabled | GPLv3+      | Sangoma   |
| restapps          | 17.0.1.14  | Enabled | Commercial  | Sangoma   |
| ringgroups        | 17.0.2.4   | Enabled | GPLv3+      | Sangoma   |
| sangomaconnect    | 17.0.1.27  | Enabled | Commercial  | Sangoma   |
| sangomacrm        | 17.0.1.5   | Enabled | Commercial  | Sangoma   |
| sangomartapi      | 17.0.1.23  | Enabled | Commercial  | Sangoma   |
| setcid            | 17.0.1.2   | Enabled | GPLv3+      | Sangoma   |
| sipsettings       | 17.0.6.7   | Enabled | AGPLv3+     | Sangoma   |
| sipstation        | 17.0.3.3   | Enabled | Commercial  | Sangoma   |
| sms               | 17.0.1.10  | Enabled | Commercial  | Sangoma   |
| smsplus           | 17.0.3     | Enabled | Commercial  | Sangoma   |
| soundlang         | 17.0.4.1   | Enabled | GPLv3+      | Sangoma   |
| sysadmin          | 17.0.1.77  | Enabled | Commercial  | Sangoma   |
| timeconditions    | 17.0.1.15  | Enabled | GPLv3+      | Sangoma   |
| tts               | 17.0.1.1   | Enabled | GPLv3+      | Sangoma   |
| ttsengines        | 17.0.1     | Enabled | AGPLv3      | Sangoma   |
| ucp               | 17.0.4.14  | Enabled | AGPLv3+     | Sangoma   |
| userman           | 17.0.6.21  | Enabled | AGPLv3+     | Sangoma   |
| vmblast           | 17.0.1     | Enabled | GPLv3+      | Sangoma   |
| vmnotify          | 17.0.1.5   | Enabled | Commercial  | Sangoma   |
| voicemail         | 17.0.5.15  | Enabled | GPLv3+      | Sangoma   |
| voicemail_report  | 17.0.1.1   | Enabled | Commercial  | Sangoma   |
| voipinnovations   | 17.0.1.4   | Enabled | Commercial  | Sangoma   |
| vqplus            | 17.0.1.16  | Enabled | Commercial  | Sangoma   |
| weakpasswords     | 17.0.1     | Enabled | GPLv3+      | Sangoma   |
| webrtc            | 17.0.2.1   | Enabled | GPLv3+      | Sangoma   |
+-------------------+------------+---------+-------------+-----------+
kguptasangoma commented 3 months ago

Thanks @dolesec , will check this one asap.

kguptasangoma commented 3 months ago

Next freepbx rpm will have the fix.

dolesec commented 3 months ago

@kguptasangoma when you say RPM im a little confused ...

you mean this deb package...

root@fpbx17:~# apt list | grep freepbx17 

WARNING: apt does not have a stable CLI interface. Use with caution in scripts.

freepbx17/bookworm,now 17.1-1.sng12 amd64 [installed]

so when published I should be able to use the command below ?

root@fpbx17:~# apt-get --only-upgrade install freepbx17
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
freepbx17 is already the newest version (17.1-1.sng12).
0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
kguptasangoma commented 3 months ago

Hi @dolesec Good Morning. freepbx17 package will have the fix, but you can not upgrade that because thats only for doing initial setup. This fix is to avoid seeing the same issue on any new system. For you as system is already configured , please manually modify the username/password.

kguptasangoma commented 3 months ago

New install should not see this error.

uj commented 1 month ago

This is STILL an issue! I just downloaded the newest v16 ISO from the website, installed it, ran all of the updates, and it said "The Asterisk REST Interface is not able to connect please check configuration in advanced settings." when I go to Reports -> Asterisk Info.

I checked the ARI username and password in advanced settings (you can see it by enabling the Read-Only settings) ... and there it is, there is a slash "/" in the username! This was a brand new install, and this was auto-generated by the install, not by me.

I removed the slash from the username, and everything worked properly after doing that.

kguptasangoma commented 1 month ago

Hi @uj We have fixed this issue for new freepbx 17 installation. We have not built new 16 iso with this.