Closed kirs closed 13 years ago
This one I have seen before. What type of OS are you on? The problem is that it's trying to access /dev/urandom and it can't open it.
In my opinion, it is only an OpenID library bug.
Open up the CryptUtil.php file and tell me what it's defining that constant as. The only way that this error can occur is if 1) that const is set to NULL or 2) there is an error opening /dev/urandom.
if (!defined('Auth_OpenID_RAND_SOURCE')) {
    /**
     * The filename for a source of random bytes. Define this yourself
     * if you have a different source of randomness.
     */
    define('Auth_OpenID_RAND_SOURCE', '/dev/urandom');
}
Alright, try adding a var_dump(Auth_OpenID_RAND_SOURCE) in an else clause and tell me if it outputs anything.
You are right, it was undefined.
A PHP Error was encountered
Severity: Notice
Message: Use of undefined constant Auth_OpenID_RAND_SOURCE - assumed 'Auth_OpenID_RAND_SOURCE'
Filename: OpenID/CryptUtil.php
Line Number: 17
and after
string(23) "Auth_OpenID_RAND_SOURCE"
Maybe we should add
define('Auth_OpenID_RAND_SOURCE', NULL);
at the start of libraries/extid/ExtId.php?
That would work as a patch, but falling back to NULL isn't considered "secure" (not that anyone is honestly going to hack it anyway (well, hopefully...)). It's up to you, it's your website. If you set it to NULL, it will fall back on using PHP's mt_rand function.
What would you do in this case? What would you recommend?
Well, I'm stubborn, I'd probably keep trying to figure out what's wrong, but that's me. I can't see that using NULL would cause any problems.
I've found the source of error!
First, I ran the simple /dev/urandom check as in CryptUtil.php:
$f = @fopen("/dev/urandom", "r");
var_dump($f);
It printed bool(false).
Then I ran just
$f = fopen("/dev/urandom", "r");
Warning: fopen(): open_basedir restriction in effect. File(/dev/urandom) is not within the allowed path(s): (/home/user:.:/tmp) in /home/user/www/dostavka-peska.ru/test.php on line 2
Warning: fopen(/dev/urandom): failed to open stream: Operation not permitted in /home/user/www/dostavka-peska.ru/test.php on line 2
On my server, open_basedir restricted all paths except the user's homedir. So PHP had no permission to access /dev/urandom, and that error with Auth_OpenID_RAND_SOURCE occurred.
After fixing that, ExtID works fine!
I believe that open_basedir is also activated as part of safe mode. I will add a note about these in the documentation.
Before redirecting to EXTID_AUTH_AX OpenID resource:
After redirect all works fine.
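A diagnostic for the failure worked out in this thread, as an added example that is not part of the original discussion or of the OpenID library. It opens the random source without the `@` suppression that hid the open_basedir warning, and reports the cause instead of silently degrading to mt_rand(). The function name `diagnose_rand_source` is hypothetical, and the code assumes PHP 7.1 or later.

```php
<?php
/**
 * Try to read from a random source and report exactly why it fails.
 * Hypothetical helper for illustration; not part of the OpenID library.
 */
function diagnose_rand_source(?string $path): array
{
    if ($path === null) {
        // This is the NULL fallback discussed above: no CSPRNG in use.
        return ['ok' => false, 'reason' => 'source is NULL, library falls back to mt_rand()'];
    }

    // Collect warnings instead of suppressing them with @.
    $warnings = [];
    set_error_handler(function (int $no, string $msg) use (&$warnings): bool {
        $warnings[] = $msg;
        return true; // handled here, do not print
    });
    try {
        $f = fopen($path, 'rb');
        $bytes = ($f !== false) ? fread($f, 16) : false;
        if ($f !== false) {
            fclose($f);
        }
    } finally {
        restore_error_handler();
    }

    if ($bytes === false || strlen($bytes) !== 16) {
        return [
            'ok'           => false,
            'reason'       => implode('; ', $warnings) ?: 'short read from source',
            'open_basedir' => (string) ini_get('open_basedir'), // empty string = no restriction
        ];
    }
    return ['ok' => true, 'reason' => 'read 16 bytes from ' . $path];
}

// Use the library constant only if it is really defined; an undefined
// constant is what produced the string(23) output earlier in the thread.
$source = defined('Auth_OpenID_RAND_SOURCE')
    ? constant('Auth_OpenID_RAND_SOURCE')
    : '/dev/urandom';

echo json_encode(diagnose_rand_source($source), JSON_PRETTY_PRINT), PHP_EOL;

// PHP 7+ alternative that does not go through fopen(): it throws an
// exception rather than falling back to a weak generator.
echo bin2hex(random_bytes(16)), PHP_EOL;
```

If the report shows an open_basedir restriction, either add the random source to the allowed paths in the server configuration or switch the nonce generation to random_bytes().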