search

opnsense / plugins

OPNsense plugin collection
https://opnsense.org/
BSD 2-Clause "Simplified" License
849 stars 644 forks source link

ACME Client Automatisations results in fatal PHP error #4363

Open UG-N opened 18 hours ago

UG-N commented 18 hours ago

Important notices Before you add a new report, we ask you kindly to acknowledge the following:

Describe the bug We are using the automatisation feature "upload certificate via SFTP" to an windows server with openssl. The "Test connection" is working fine with every Identy Type (ed25519, RSA and ECDSA) but the real automatisation results in a fatal php error firmware crash.

To Reproduce Steps to reproduce the behavior:

  1. Go to ACME Client -> Automatisation
  2. Configure the SFTP Upload to an SSH Server
  3. Go to ACME Client -> Certificate and select an Certificate
  4. Add the created Automatisation to a certificate and run the automatisation
  5. Wait a few second and then check the firmware crash log in the system status section in the top right corner (it will become red)

Relevant log files System Information:

User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:132.0) Gecko/20100101 Firefox/132.0 FreeBSD 14.1-RELEASE-p6 stable/24.7-n267939-fd5bc7f34e1 SMP amd64 OPNsense 24.7.9_1 b41ccdc9f Plugins os-acme-client-4.6 os-dmidecode-1.1_1 os-haproxy-4.3_1 os-iperf-1.0_2 os-smart-2.3 os-theme-cicada-1.38 os-theme-rebellion-1.9.1 os-theme-tukan-1.28 os-theme-vicuna-1.48 os-vnstat-1.3_1 Time Thu, 21 Nov 2024 22:21:26 +0100 OpenSSL 3.0.15 Python 3.11.10 PHP 8.2.25

PHP Errors:

[21-Nov-2024 22:21:16 Europe/Berlin] PHP Fatal error: Uncaught TypeError: OPNsense\AcmeClient\SSHKeys::getKnownHostKey(): Argument #2 ($port) must be of type int, string given, called in /usr/local/opnsense/mvc/app/library/OPNsense/AcmeClient/SSHKeys.php on line 134 and defined in /usr/local/opnsense/mvc/app/library/OPNsense/AcmeClient/SSHKeys.php:355 Stack trace:

0 /usr/local/opnsense/mvc/app/library/OPNsense/AcmeClient/SSHKeys.php(134): OPNsense\AcmeClient\SSHKeys->getKnownHostKey('192.168.200.17', '')

1 /usr/local/opnsense/mvc/app/library/OPNsense/AcmeClient/SftpClient.php(78): OPNsense\AcmeClient\SSHKeys->trustHost('192.168.200.17', false, '')

2 /usr/local/opnsense/scripts/OPNsense/AcmeClient/upload_sftp.php(325): OPNsense\AcmeClient\SftpClient->connect('192.168.200.17', 'Administrator', '', '')

3 /usr/local/opnsense/scripts/OPNsense/AcmeClient/upload_sftp.php(268): connectWithServer(Array, NULL)

4 /usr/local/opnsense/scripts/OPNsense/AcmeClient/upload_sftp.php(231): uploadCertificatesToHost(Array)

5 /usr/local/opnsense/mvc/app/library/OPNsense/AcmeClient/Utils.php(277): commandUpload(Array)

6 /usr/local/opnsense/scripts/OPNsense/AcmeClient/upload_sftp.php(562): OPNsense\AcmeClient\Utils::runCLIMain('help', 'getOptionsById', Array, 0, 255)

7 {main}

thrown in /usr/local/opnsense/mvc/app/library/OPNsense/AcmeClient/SSHKeys.php on line 355

Environment OPNsense 24.7.9_1-amd64 FreeBSD 14.1-RELEASE-p6 OpenSSL 3.0.15

OPNsense-bot commented 17 hours ago

Thank you for creating an issue. Since the ticket doesn't seem to be using one of our templates, we're marking this issue as low priority until further notice.

For more information about the policies for this repository, please read https://github.com/opnsense/plugins/blob/master/CONTRIBUTING.md for further details.

The easiest option to gain traction is to close this ticket and open a new one using one of our templates.