search

StartupAPI / users

:zap: User management tool to be used in on-line projects. Includes admin dashboard.
http://www.StartupAPI.com/
MIT License
60 stars 24 forks source link

Uncaught Exception: No usable ciphers available #292

Closed marcofrl1 closed 4 years ago

marcofrl1 commented 5 years ago

Hi, i installed the StartupAPI on a new server Ubuntu 18.04 with php 7.2. The installation present problem to detect mcrypt, the module is correct loaded, but not recognized.

php -m | grep mcrypt

mcrypt

The SSL seems not be used and the installation not permit to create the first user. Can you check the compatibility with php version ? I need to implement the site very fast because the old server with old version of PHP (5.3) need to be removed from the ced for security problems. Thanks

sergeychernyshev commented 5 years ago

Latest version should be compatible with latest versions of PHO and uses OpenSSL instead of mcrypt when mcrypt is not available. Did you try upgrading?

marcofrl1 commented 5 years ago

I have the last version, if i remove the mcrypt the installation don't work, if mcrypt is present i have error on regitration.php and login.php

MARCO FIORLETTA

This e-mail (including attachments) is intended only for the recipient(s) named above. It may contain confidential or privileged information and should not be read, copied or otherwise used by any other person. If you are not the named recipient, please contact (info@m2syseng.com) and delete the e-mail from your system.

Il 2019-10-17 14:46 Sergey Chernyshev ha scritto:

Latest version should be compatible with latest versions of PHO and uses OpenSSL instead of mcrypt when mcrypt is not available. Did you try upgrading?

-- You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub [1], or unsubscribe [2].

Links:

[1] https://github.com/StartupAPI/users/issues/292?email_source=notifications&email_token=AA7BKCCW4ZBSF6CXR7ZZXDLQPBNDFA5CNFSM4JBYTX72YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEBP64LA#issuecomment-543157804 [2] https://github.com/notifications/unsubscribe-auth/AA7BKCH7F32FLNNG5RTOA3LQPBNDFANCNFSM4JBYTX7Q

sergeychernyshev commented 5 years ago

Can you post error messages you are getting on the screen and in the logs?

marcofrl1 commented 5 years ago

FATAL ERROR: Uncaught Exception: No usable ciphers available in /var/www/html/users/classes/CookieStorage.php:76 Stack trace: #0 /var/www/html/users/classes/CookieStorage.php(85): MrClay_CookieStorage::getOpenSSLCipher() #1 /var/www/html/users/classes/CookieStorage.php(194): MrClay_CookieStorage->encrypt('S1Xpx5oFAc4tjcg...', 'S1Xpx5oFAc4tjcg...') #2 /var/www/html/users/classes/CookieStorage.php(157): MrClay_CookieStorage->_storeEncrypted('users-userid', 2) #3 /var/www/html/users/classes/User.php(2702): MrClay_CookieStorage->store('users-userid', 2) #4 /var/www/html/users/login.php(49): User->setSession(false) #5 {main} thrown in /VAR/WWW/HTML/USERS/CLASSES/COOKIESTORAGE.PHP on line 76

IF YOU WANT CAN TRY BY YOURSELF TO HTTP://AUTH.SSOLO.CO.UK

MARCO FIORLETTA

This e-mail (including attachments) is intended only for the recipient(s) named above. It may contain confidential or privileged information and should not be read, copied or otherwise used by any other person. If you are not the named recipient, please contact (info@m2syseng.com) and delete the e-mail from your system.

Il 2019-10-17 17:01 Sergey Chernyshev ha scritto:

Can you post error messages you are getting on the screen and in the logs?

-- You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub [1], or unsubscribe [2].

Links:

[1] https://github.com/StartupAPI/users/issues/292?email_source=notifications&email_token=AA7BKCDUGQVF35KLKB2QXUTQPB43LA5CNFSM4JBYTX72YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEBQNJRQ#issuecomment-543216838 [2] https://github.com/notifications/unsubscribe-auth/AA7BKCHQ5M5QBWMFEMBUX5TQPB43LANCNFSM4JBYTX7Q

sergeychernyshev commented 5 years ago

It looks like you are using OpenSSL, not mcrypt, but your host does not have OpenSSL ciphers from this list: https://github.com/StartupAPI/users/blob/master/classes/CookieStorage.php#L70-L72 (AES-256-CTR, AES-256-CFB, AES-128-CFB).

Can you check on your host, which cyphers are actually available?

sergeychernyshev commented 5 years ago

Running this in command line should do it:

php -r "echo var_export(openssl_get_cipher_methods());"
sergeychernyshev commented 5 years ago

From the quick research I did, it is likely that your system uses an older version of OpenSSL library which does not provide some of these cyphers.

marcofrl1 commented 5 years ago

Thanks , Now i'm at work . Tomorrow morning i try your resolution .

⁣Ottieni BlueMail per Android ​

Il giorno 18 ott 2019, 21:18, alle ore 21:18, Sergey Chernyshev notifications@github.com ha scritto:

From the quick research I did, it is likely that your system uses an older version of OpenSSL library which does not provide some of these cyphers.

-- You are receiving this because you authored the thread. Reply to this email directly or view it on GitHub: https://github.com/StartupAPI/users/issues/292#issuecomment-543896800

sergeychernyshev commented 4 years ago

No reply, I assume it was fixed