Closed k1rb closed 10 months ago
Hello @k1rb,
You have install RC instance in container environment?
This plugin don't tested on any container environment, plugin writed only for clean install on windows/linux environment. I'am busy on another projects now. I need some time for deploy container environment and test plugin for potential fix.
@Pavlo-Lyha , you misunderstand: he was providing instructions for a container should you wish to test that way, but that's not the nature of the problem. I'm experiencing the exact same thing, running the very latest versions of Ubuntu and apt-repo nginx on a new, dedicated machine with absolutely nothing else on it. Virgin install, the Duo MFA app is broken out of the box. I suspect Roundcube changed something because it was working perfectly until I did an apt update, then your plugin broke. I nuked and greenfielded the install with the exact same result. Your work has been FABULOUS for many years, but it's now broken with their latest release.
Hello @RastonWarrior, I am understand issue nature described by @k1rb, but each environment unique. For me, as development, need fully understand environment configuration, because issue may not linked with software code and issue may can be in misconfiguration environment. Maybe it's linked with specific container environment or container environment nature. Maybe? Can possible. I don't know this now, it's require testing. I am only indicate that software code tested only in clean install on windows/linux environment and RC version on that time and not tested on any container environment. For long time, from last my post, I am not receive any additional comments for this issue. Maybe in new version RC some core code changed and it influences on Duo code. I don't know this now, it's require testing. I'm guessing where the problem might be, but without testing it's just a guess. I'am busy on another projects now. I need some time for deploy new RC version in test environment and test plugin for potential fix also as for container environment.
The image provided by roundcube uses Debian 12, Apache 2.4.57, PHP 8.1.21. I'm sure you could quickly test using a virtual machine with the same packages.
For more information about the packages and or configuration files used:
One question/comment on this: As I also observed this problem, I saw the commit at https://github.com/leonardomarino/duo_auth/commit/a9f3bae169ce26bb67e1ae2c5f009181966596a9 changed the class name from "duo_auth" to "duo_sdk". This probably causes this issue here as Roundcube looks for a class with the same name as the plugin. Is there a reason why this was changed? The commit itself seems to be a about a different thing (rc_path).
One question/comment on this: As I also observed this problem, I saw the commit at a9f3bae changed the class name from "duo_auth" to "duo_sdk". This probably causes this issue here as Roundcube looks for a class with the same name as the plugin. Is there a reason why this was changed? The commit itself seems to be a about a different thing (rc_path).
@Pavlo-Lyha what is your take on this? looks like it should be "duo_auth".
"duo_sdk" changed back to "duo_auth"
"your_session_name" changed back to "roundcube_sessid"
require "./vendor/firebase/php-jwt/src/JWTExceptionWithPayloadInterface.php";
Included above BeforeValidException which looks for it aimlessly otherwise.
It's trying to parse duo.conf, but the actual config file is now named duo_auth.conf - needs to be changed on either end.
These changes fixed the plugin for me on a latest fresh RC install, for what's that worth.
Fixed on master
Running roundcube from roundcube/roundcubemail (1.6.2-apache).
When I follow the plugin install/configuration instructions in README.md the files seem to be created and everything but duo doesn't work on login and an error is generated in logs.
If you want to spin up a container like this for testing, see run command below. This image doesn't have directory
/var/lib/php
so for sessions I've setsession.save_path
to/var/www/html/session
created directory and set owner towww-data:www-data
. I do plan on moving this later but his works for now.I ran the container without the volume mounts first then used
podman cp
(ordocker cp
) to copy webroot androundcube-override.ini
to host for later volume mount. Once done, usedpodman exec -ti roundcube bash
to get into the container and run the commands shown in your README.md.