pglombardo / PasswordPusher

🔐 Securely share sensitive information with automatic expiration & deletion after a set number of views or duration. Track who, what and when with full audit logs.
https://docs.pwpush.com
Apache License 2.0

Error 500 when making a new account; Seems like a SSL error #2158

Closed riahc3 closed 3 months ago

riahc3 commented 3 months ago

🐛 Bug Report

When I try to make a new account, an error 500 pops up and the email is never received.

Environment

Where are you running/using Password Pusher?


📈 Expected behavior

Make an account

📎 Additional context

From what I am seeing, it seems to be an issue where it connects to a relay thru SSL even though I tell it not to:


  # Email delivery errors will be shown in the application
PWP__MAIL__RAISE_DELIVERY_ERRORS=true
#  raise_delivery_errors: true

  # Allows you to use a remote mail server. Just change it from its default "localhost" setting.
PWP__MAIL__SMTP_ADDRESS=emailrelay.company.com
 # smtp_address: emailrelay.company.com

  # If you need to specify a HELO domain, you can do it here.
PWP__MAIL__SMTP_DOMAIN=company.com
  #smtp_domain: 'company.com'

  # Port of the SMTP server
PWP__MAIL__SMTP_PORT=46525
 # smtp_port: 46525

  # If your mail server requires authentication, you need to specify the
  # authentication type here. This is a string and one of :plain (will send
  # the password in the clear), :login (will send password Base64 encoded)
  # or :cram_md5 (combines a Challenge/Response mechanism to exchange
  # information and a cryptographic Message Digest 5 algorithm to hash
  # important information)
  #
  # Important: Comment this out if your server doesn't require authentication.
  #
PWP__MAIL__SMTP_AUTHENTICATION=plain
 # smtp_authentication: 'plain'

  # If your mail server requires authentication, set the username in this setting.
PWP__MAIL__SMTP_USER_NAME=company
 # smtp_user_name: 'company'

  # If your mail server requires authentication, set the password in this setting.
PWP__MAIL__SMTP_PASSWORD=company24*
 # smtp_password: 'company24*'

  # Use STARTTLS when connecting to your SMTP server and fail if unsupported.
PWP__MAIL__SMTP_STARTTLS=false
  # smtp_starttls: false

  # Detects if STARTTLS is enabled in your SMTP server and starts to use it. Defaults to true.
PWP__MAIL__SMTP_ENABLE_STARTTLS_AUTO=false
#  smtp_enable_starttls_auto: true

  # Number of seconds to wait while attempting to open a connection.
PWP__MAIL__SMTP_OPEN_TIMEOUT=10
#  smtp_open_timeout: 10

  # Number of seconds to wait until timing-out a read(2) call.
PWP__MAIL__SMTP_READ_TIMEOUT=10
#  smtp_read_timeout: 10

  # When using TLS, you can set how OpenSSL checks the certificate. This is
  # useful if you need to validate a self-signed and/or a wildcard certificate.
  # This can be one of the OpenSSL verify constants, :none or :peer
  # Environment Variable Override: PWP__MAIL__SMTP_OPENSSL_VERIFY_MODE='none'
  # smtp_openssl_verify_mode: 'peer'

  # Configure the e-mail address which will be shown as 'From' in emails
  # See config/initializers/devise.rb where this is used
PWP__MAIL__MAILER_SENDER="company Password Pusher" <companypwpush@company.com>
#  mailer_sender: '"company Password Pusher" <companypwpush@company.com>'

pglombardo commented 3 months ago

Hi @riahc3,

PWP__MAIL__RAISE_DELIVERY_ERRORS=true
#  raise_delivery_errors: true

You are using environment variables inside of the yaml file. PWP__MAIL__RAISE_DELIVERY_ERRORS is an environment variable. raise_delivery_errors is the YAML equivalent. But beware that spacing is important in yaml files. The indentation defines the hierarchy.

So you shouldn't be commenting out those values in the settings.yml file and adding the environment variables.

riahc3 commented 3 months ago

> Hi @riahc3,
>
> PWP__MAIL__RAISE_DELIVERY_ERRORS=true
> #  raise_delivery_errors: true
>
> You are using environment variables inside of the yaml file. PWP__MAIL__RAISE_DELIVERY_ERRORS is an environment variable. raise_delivery_errors is the YAML equivalent. But beware that spacing is important in yaml files. The indentation defines the hierarchy.
>
> So you shouldn't be commenting out those values in the settings.yml file and adding the environment variables.

That was just a copy/paste :) I commented out all the settings.yml vs environment variables

It seemed to be a configuration on email relay; My coworker fixed :)

riahc3 commented 3 months ago

Reopened: He fixed it but it broke other things so he had to revert it.

What he sees in the logs is that it tries to connect via SSL, even though the configuration shows it should NOT connect thru SSL.

Is there something wrong???

pglombardo commented 3 months ago

Hi @riahc3 - I'm not sure that I understand. What tries to connect via SSL?

If there is a 500 error, there should be an exception log inside the container at /opt/PasswordPusher/log/production.log. That should provide some useful info.

riahc3 commented 3 months ago

> Hi @riahc3 - I'm not sure that I understand. What tries to connect via SSL?
>
> If there is a 500 error, there should be an exception log inside the container at /opt/PasswordPusher/log/production.log. That should provide some useful info.

Sorry.

I try to register a new account and when it tries to connect to the SMTP server, it tries to connect thru SSL, instead of non SSL, like I set in the configuration.

This is seen on the email relay server.

I'm gonna try to access that log; I'm sorry but I am not an expert at Docker so might have issues accessing it.

riahc3 commented 3 months ago

I was able to get it :)

E, [2024-05-21T15:21:31.893063 #24] ERROR -- : [7759b990-3d9f-4d65-8a96-1e8820d0530d]
[7759b990-3d9f-4d65-8a96-1e8820d0530d] TypeError (no implicit conversion of Symbol into Integer):
[7759b990-3d9f-4d65-8a96-1e8820d0530d]
[7759b990-3d9f-4d65-8a96-1e8820d0530d] app/controllers/application_controller.rb:18:in `custom_set_locale_from_url'
E, [2024-05-21T15:22:35.625864 #20] ERROR -- : [c574fa97-d3a6-4d2a-8652-37a91840a909]
[c574fa97-d3a6-4d2a-8652-37a91840a909] TypeError (no implicit conversion of Symbol into Integer):
[c574fa97-d3a6-4d2a-8652-37a91840a909]
[c574fa97-d3a6-4d2a-8652-37a91840a909] app/controllers/application_controller.rb:18:in `custom_set_locale_from_url'

riahc3 commented 3 months ago

The entire log is this:


513468a1a7b1:/opt/PasswordPusher/log$ tail -f production.log
[c3e34cb8-3ca0-4dcc-b548-2bb0534f587a]
E, [2024-05-21T13:20:31.189856 #20] ERROR -- : [92ada506-165a-4e3e-95a4-63192910390b]
[92ada506-165a-4e3e-95a4-63192910390b] ActionController::RoutingError (No route matches [GET] "/cgi-bin/luci/;stok=/locale"):
[92ada506-165a-4e3e-95a4-63192910390b]
E, [2024-05-21T15:00:59.168146 #24] ERROR -- : [7628907e-8c95-4996-8943-fd807e5452f0]
[7628907e-8c95-4996-8943-fd807e5452f0] ActionController::RoutingError (No route matches [GET] "/aaa9"):
[7628907e-8c95-4996-8943-fd807e5452f0]
E, [2024-05-21T15:01:04.246115 #20] ERROR -- : [1352cb3d-4d20-461f-93ef-3801cbdccc47]
[1352cb3d-4d20-461f-93ef-3801cbdccc47] ActionController::RoutingError (No route matches [GET] "/aab8"):
[1352cb3d-4d20-461f-93ef-3801cbdccc47]
E, [2024-05-21T15:21:31.893063 #24] ERROR -- : [7759b990-3d9f-4d65-8a96-1e8820d0530d]
[7759b990-3d9f-4d65-8a96-1e8820d0530d] TypeError (no implicit conversion of Symbol into Integer):
[7759b990-3d9f-4d65-8a96-1e8820d0530d]
[7759b990-3d9f-4d65-8a96-1e8820d0530d] app/controllers/application_controller.rb:18:in `custom_set_locale_from_url'
E, [2024-05-21T15:22:35.625864 #20] ERROR -- : [c574fa97-d3a6-4d2a-8652-37a91840a909]
[c574fa97-d3a6-4d2a-8652-37a91840a909] TypeError (no implicit conversion of Symbol into Integer):
[c574fa97-d3a6-4d2a-8652-37a91840a909]
[c574fa97-d3a6-4d2a-8652-37a91840a909] app/controllers/application_controller.rb:18:in `custom_set_locale_from_url'

riahc3 commented 3 months ago

More logs:


irb(main):001> TestMailer.send_test_email("email@company.com").deliver_now

--> Configured FROM: address: '"Company Password Pusher" <companypwpush@company.com>'
--> raise_delivery_errors is set to true in the configuration.  This will raise an error if the email fails to send.
--> Attempting to send a test email to email@company.com...
--> It seems that the Email sent successfully!  Check destination inbox for the test email.

--> If you see an error, please paste this output into a GitHub issue for help.
  --> Make sure that no sensitive data is included.
  --> https://github.com/pglombardo/PasswordPusher/issues/new/choose

(irb):1:in `<main>': no implicit conversion of Symbol into Integer (TypeError)

      OpenSSL::SSL::SSLSocket.new socket, context
                                  ^^^^^^^^^^^^^^^
irb(main):002>

pglombardo commented 3 months ago

Ok that is an email configuration issue. The SSL is when it's attempting to establish a TLS connection to the email server.

What version of the container are you running and can you share your email configuration (without passwords)?

pglombardo commented 3 months ago

Related thread with a fix here: https://github.com/pglombardo/PasswordPusher/issues/982#issuecomment-2074569015

riahc3 commented 3 months ago

> # Email delivery errors will be shown in the application
> PWP__MAIL__RAISE_DELIVERY_ERRORS=true
> #  raise_delivery_errors: true
> 
>   # Allows you to use a remote mail server. Just change it from its default "localhost" setting.
> PWP__MAIL__SMTP_ADDRESS=emailrelay.company.com
>  # smtp_address: emailrelay.company.com
> 
>   # If you need to specify a HELO domain, you can do it here.
> PWP__MAIL__SMTP_DOMAIN=company.com
>   #smtp_domain: 'company.com'
> 
>   # Port of the SMTP server
> PWP__MAIL__SMTP_PORT=46525
>  # smtp_port: 46525
> 
>   # If your mail server requires authentication, you need to specify the
>   # authentication type here. This is a string and one of :plain (will send
>   # the password in the clear), :login (will send password Base64 encoded)
>   # or :cram_md5 (combines a Challenge/Response mechanism to exchange
>   # information and a cryptographic Message Digest 5 algorithm to hash
>   # important information)
>   #
>   # Important: Comment this out if your server doesn't require authentication.
>   #
> PWP__MAIL__SMTP_AUTHENTICATION=plain
>  # smtp_authentication: 'plain'
> 
>   # If your mail server requires authentication, set the username in this setting.
> PWP__MAIL__SMTP_USER_NAME=company
>  # smtp_user_name: 'company'
> 
>   # If your mail server requires authentication, set the password in this setting.
> PWP__MAIL__SMTP_PASSWORD=company24*
>  # smtp_password: 'company24*'
> 
>   # Use STARTTLS when connecting to your SMTP server and fail if unsupported.
> PWP__MAIL__SMTP_STARTTLS=false
>   # smtp_starttls: false
> 
>   # Detects if STARTTLS is enabled in your SMTP server and starts to use it. Defaults to true.
> PWP__MAIL__SMTP_ENABLE_STARTTLS_AUTO=false
> #  smtp_enable_starttls_auto: true
> 
>   # Number of seconds to wait while attempting to open a connection.
> PWP__MAIL__SMTP_OPEN_TIMEOUT=10
> #  smtp_open_timeout: 10
> 
>   # Number of seconds to wait until timing-out a read(2) call.
> PWP__MAIL__SMTP_READ_TIMEOUT=10
> #  smtp_read_timeout: 10
> 
>   # When using TLS, you can set how OpenSSL checks the certificate. This is
>   # useful if you need to validate a self-signed and/or a wildcard certificate.
>   # This can be one of the OpenSSL verify constants, :none or :peer
>   # Environment Variable Override: PWP__MAIL__SMTP_OPENSSL_VERIFY_MODE='none'
>   # smtp_openssl_verify_mode: 'peer'
> 
>   # Configure the e-mail address which will be shown as 'From' in emails
>   # See config/initializers/devise.rb where this is used
> PWP__MAIL__MAILER_SENDER="company Password Pusher" <companypwpush@company.com>
> #  mailer_sender: '"company Password Pusher" <companypwpush@company.com>'

I want to stress that I am using environment variables and the rest is commented out :)

Ah and version. I just run this:

docker run -d -p 5100:5100 --env-file /home/pwpush/pwpush-docker-env-file pglombardo/pwpush:latest

pietro95 commented 3 months ago

Hello, same problem here. Trying to use a simple internal mail relay on port 25, with no SSL and no authentication, I get the same error:

INFO -- : [bdd0b909-8770-49ce-a285-b278b3e36b2f] Failed delivery of mail 664d9b9eeff60_1659c7c90734@60e1360e5136.mail error_class=TypeError error_message="no implicit conversion of Symbol into Integer"

Using the latest version of the docker container.

pglombardo commented 3 months ago

Unfortunately email is the most problematic. Most have no issue but for those that do, they can be a headache.

@pietro95 Follow these instructions and open a new issue so we can investigate your situation in parallel but separately.

@riahc3 try removing the environment variables like another user did here:

PWP__MAIL__SMTP_ENABLE_STARTTLS_AUTO
PWP__MAIL__SMTP_OPEN_TIMEOUT
PWP__MAIL__SMTP_READ_TIMEOUT

You don't have to specify every single value - just the ones you want to override. I suspect your issue is related to TLS and one of the settings.

riahc3 commented 3 months ago

I have great news for you @pglombardo It is a bug :)

With:

docker run -d -p 5100:5100 --env-file /home/pwpush/pwpush-docker-env-file pglombardo/pwpush:latest

It does not work.

With

docker run -d -p 5100:5100 --env-file /home/pwpush/pwpush-docker-env-file pglombardo/pwpush:release

It works.

Like I commented with my coworkers, for some reason, the enable/disabling of SSL seems to be broken, so that needs to be checked out.

I'll leave the issue open so you can confirm it is indeed a bug and once it's fixed, it can be closed.

Also, for clarity (although this might break things), action-mailer-configuration says:

smtp_settings | :enable_starttls

While in your variable is:

PWP__MAIL__SMTP_STARTTLS

It should be

PWP__MAIL__SMTP_ENABLE_STARTTLS

pglombardo commented 3 months ago

I wish it was that simple. The release tag is no longer used and hasn't been updated in a long time - so it's pointing to an old release. The changes since then have fixed email for a number of users so unfortunately there is no going back without affecting that group.

What you can do though is run the release tag and dump the SMTP settings using these instructions. Then run latest, do the same and compare the differences.

I'd be very interested in what you find.

pglombardo commented 3 months ago

If you figure out the problem, I'd love to add your config for local postfix to the Known Configurations.

riahc3 commented 3 months ago

OK, sorry, give me a second and I'll do it right now.

riahc3 commented 3 months ago

docker run -d -p 5100:5100 --env-file /home/pwpush/pwpush-docker-env-file pglombardo/pwpush:release

May 23 11:38:26 emailrelay postfix/smtpd[30325]: initializing the server-side TLS engine
May 23 11:38:26 emailrelay postfix/smtpd[30325]: connect from unknown[1.2.3.4]
May 23 11:38:26 emailrelay postfix/smtpd[30325]: E95C7440362: client=unknown[1.2.3.4], sasl_method=PLAIN, sasl_username=username
May 23 11:38:26 emailrelay postfix/cleanup[30329]: E95C7440362: message-id=<664f0e92b9599_e46a1426267@288d12ea8298.mail>
May 23 11:38:26 emailrelay postfix/qmgr[25886]: E95C7440362: from=<companypwpush@company.com>, size=2394, nrcpt=1 (queue active)
May 23 11:38:27 emailrelay postfix/smtpd[30325]: disconnect from unknown[1.2.3.4] ehlo=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=6
May 23 11:38:28 emailrelay postfix/smtp[30330]: E95C7440362: to=<myname@company.com>, relay=company-com.mail.protection.outlook.com[9.8.7.6]:25, delay=1.6, delays=0.06/0.01/0.25/1.3, dsn=2.6.0, status=sent (250 2.6.0 <664f0e92b9599_e46a1426267@288d12ea8298.mail> [InternalId=3706556808941, Hostname=VI2PR09MB7330.eurprd09.prod.outlook.com] 12161 bytes in 0.320, 37.093 KB/sec Queued mail for delivery)
May 23 11:38:28 emailrelay postfix/qmgr[25886]: E95C7440362: removed

docker run -d -p 5100:5100 --env-file /home/pwpush/pwpush-docker-env-file pglombardo/pwpush:latest

May 23 11:40:11 emailrelay postfix/qmgr[25886]: 225EF440362: removed
May 23 11:41:46 emailrelay postfix/smtpd[30325]: connect from unknown[1.2.3.4]
May 23 11:41:46 emailrelay postfix/smtpd[30325]: setting up TLS connection from unknown[1.2.3.4]
May 23 11:41:46 emailrelay postfix/smtpd[30325]: unknown[1.2.3.4]: TLS cipher list "aNULL:-aNULL:HIGH:MEDIUM:+RC4:@STRENGTH"
May 23 11:41:46 emailrelay postfix/smtpd[30325]: SSL_accept:before SSL initialization
May 23 11:41:46 emailrelay postfix/smtpd[30325]: SSL_accept:error in before SSL initialization
May 23 11:41:46 emailrelay postfix/smtpd[30325]: SSL_accept error from unknown[1.2.3.4]: lost connection
May 23 11:41:46 emailrelay postfix/smtpd[30325]: lost connection after STARTTLS from unknown[1.2.3.4]
May 23 11:41:46 emailrelay postfix/smtpd[30325]: disconnect from unknown[1.2.3.4] ehlo=1 starttls=0/1 commands=1/2

Here you can see the SAME configuration file but release vs latest
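
The two relay captures above differ on the `disconnect from` line: `auth=1` with no `starttls` counter versus `starttls=0/1`. As an added example (not part of the thread or of PasswordPusher), this Ruby code classifies smtpd sessions from those counters; the function names are hypothetical and it assumes the listener is a plain SMTP port, not an implicit-TLS one.

```ruby
# Added example. Reads Postfix smtpd "disconnect from" lines and reports how
# each session ended. A counter written as ok/total (starttls=0/1) means the
# command was received but did not complete.

DISCONNECT = /postfix\/smtpd\[\d+\]: disconnect from (\S+)\[([^\]]+)\] (.+)$/

# The two disconnect lines quoted in this thread, plus one unrelated line.
SAMPLE_LOG = <<~LOG
  May 23 11:38:26 emailrelay postfix/smtpd[30325]: connect from unknown[1.2.3.4]
  May 23 11:38:27 emailrelay postfix/smtpd[30325]: disconnect from unknown[1.2.3.4] ehlo=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=6
  May 23 11:41:46 emailrelay postfix/smtpd[30325]: disconnect from unknown[1.2.3.4] ehlo=1 starttls=0/1 commands=1/2
LOG

# "ehlo=1 starttls=0/1" -> {"ehlo"=>{ok: 1, total: 1}, "starttls"=>{ok: 0, total: 1}}
def parse_counters(text)
  text.split.each_with_object({}) do |pair, acc|
    name, value = pair.split("=", 2)
    next if value.nil?
    ok, total = value.split("/", 2).map(&:to_i)
    acc[name] = { ok: ok, total: total || ok }
  end
end

def classify(counters)
  tls  = counters["starttls"]
  auth = counters["auth"]
  if tls && tls[:ok] < tls[:total]
    :starttls_failed   # client asked for TLS, handshake never finished
  elsif tls
    :starttls_ok
  elsif auth && auth[:ok] > 0
    :cleartext_auth    # credentials accepted on an unencrypted session
  else
    :cleartext
  end
end

# One summary hash per finished session found in the log text.
def summarize(log)
  log.each_line.filter_map do |line|
    m = DISCONNECT.match(line.chomp)
    next unless m
    counters = parse_counters(m[3])
    { client: m[2], verdict: classify(counters), counters: counters }
  end
end

if __FILE__ == $PROGRAM_NAME
  summarize(SAMPLE_LOG).each { |s| puts "#{s[:client]} #{s[:verdict]}" }
end
```
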

riahc3 commented 3 months ago

All sensible information has been replaced:

root@pwpush:/home/user# docker run -d -p 5100:5100 --env-file /home/pwpush/pwpush-docker-env-file pglombardo/pwpush:latest
b1df4824f23cb608a24510ae82e5e5936b270923fb772ead7aa80891f56fa864
root@pwpush:/home/user# docker exec -it b1df4824f23cb608a24510ae82e5e5936b270923fb772ead7aa80891f56fa864 /bin/bash
b1df4824f23c:/opt/PasswordPusher$ ./bin/pwpush console
Password Pusher Version: 1.40.12
Loading production environment (Rails 7.1.3.2)
irb(main):001> Rails.application.config.action_mailer.smtp_settings
=> {:address=>"emailrelay.user.local", :port=>46525, :domain=>"user.com", :open_timeout=>10, :read_timeout=>10, :authentication=>"plain", :user_name=>"user", :password=>"pass90*", :openssl_verify_mode=>:none}
irb(main):002>

If I run release, I cannot access ./bin/pwpush console

pglombardo commented 3 months ago

Give me a bit to take a look - juggling a couple things.

> If I run release, I cannot access ./bin/pwpush console

Try bin/rails console. The pwpush command wasn't added until later.

riahc3 commented 3 months ago

(again, things have been changed for privacy, I just randomly changed it)

ce099d8dac47:/opt/PasswordPusher$ bin/rails console
Password Pusher Version: 1.39.4
Loading production environment (Rails 7.1.3.2)
irb(main):001> Rails.application.config.action_mailer.smtp_settings
=>
{:address=>"emailrelay.company.com",
 :port=>46525,
 :user_name=>"user",
 :password=>"pass90*",
 :authentication=>"plain",
 :enable_starttls_auto=>false,
 :open_timeout=>10,
 :read_timeout=>10,
 :domain=>"company.com",
 :openssl_verify_mode=>:none}
irb(main):002>

riahc3 commented 3 months ago

The bug is pretty clear :) :enable_starttls_auto=>false,
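
An added example, not PasswordPusher code: comparing two `smtp_settings` dumps like the ones above while treating a missing key as its default, which is what makes the dropped `:enable_starttls_auto` visible. The hashes use placeholder values modelled on the thread's dumps, and the helper names are hypothetical.

```ruby
# Added example. Per the settings comment quoted in this thread,
# enable_starttls_auto defaults to true, so "key missing" != "false".
IMPLICIT_DEFAULTS = { enable_starttls_auto: true }.freeze
ABSENT = :absent

# Constructed hashes modelled on the two console dumps (placeholder values).
DUMP_1_39_4 = {
  address: "relay.example.test", port: 46525, user_name: "user",
  password: "placeholder", authentication: "plain",
  enable_starttls_auto: false, open_timeout: 10, read_timeout: 10,
  domain: "example.test", openssl_verify_mode: :none
}.freeze
DUMP_1_40_12 = DUMP_1_39_4.reject { |k, _| k == :enable_starttls_auto }.freeze

# Never echo the SMTP password into a diff that may be pasted into an issue.
def redact(key, value)
  key == :password && value != ABSENT ? "[redacted]" : value
end

# Returns [[key, old_value, new_value], ...] for every key that differs.
def diff_settings(old, new)
  (old.keys | new.keys).sort.filter_map do |key|
    a = old.fetch(key, ABSENT)
    b = new.fetch(key, ABSENT)
    [key, redact(key, a), redact(key, b)] unless a == b
  end
end

# What the client will actually use once implicit defaults are applied.
def effective(settings)
  IMPLICIT_DEFAULTS.merge(settings)
end

# True when any TLS option is on. enable_starttls_auto is opportunistic:
# TLS is only used if the server advertises STARTTLS.
def tls_attempted?(settings)
  eff = effective(settings)
  %i[enable_starttls_auto enable_starttls tls ssl].any? { |k| eff[k] == true }
end

def findings(settings)
  out = []
  IMPLICIT_DEFAULTS.each do |key, default|
    out << "#{key} not set: falls back to #{default}" unless settings.key?(key)
  end
  auth = settings[:authentication].to_s
  if %w[plain login].include?(auth) && !tls_attempted?(settings)
    out << "#{auth} auth without TLS: password is sent unencrypted"
  end
  out
end

if __FILE__ == $PROGRAM_NAME
  p diff_settings(DUMP_1_39_4, DUMP_1_40_12)
  puts findings(DUMP_1_40_12), findings(DUMP_1_39_4)
end
```
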

pglombardo commented 3 months ago

Agree - that helped. I think I might have found the cause. Let me fix and put together another release.

pglombardo commented 3 months ago

v1.40.14 Docker containers are building now. That release should allow you to set :enable_starttls_auto=>false. Fingers crossed 😄

riahc3 commented 3 months ago

> v1.40.14 Docker containers are building now. That release should allow you to set :enable_starttls_auto=>false. Fingers crossed 😄

Sorry for not coming back sooner.

Yup, now it works correctly.

pglombardo commented 3 months ago

Excellent! - Thanks for all the research and testing @riahc3.

riahc3 commented 3 months ago

> Excellent! - Thanks for all the research and testing @riahc3.

Can we use the latest tag? I ask in order if we reboot the server, so it can get and use the latest Docker image

riahc3 commented 3 months ago

> Excellent! - Thanks for all the research and testing @riahc3.
>
> Can we use the latest tag? I ask in order if we reboot the server, so it can get and use the latest Docker image

Hello @pglombardo

I need a confirmation that I can now use the latest tag so I can put this in full production: The idea is to setup the docker container to autostart if the box is rebooted.

Thanks

riahc3 commented 3 months ago

OK, I just checked it: No, latest still downloads 1.40.12 instead of 1.40.14 :(

Could you please update this? That way each time the host is rebooted, the docker image is also updated. Thank you

pietro95 commented 3 months ago

Hi @riahc3, rebooting the server does NOT force a pull of the new image, so the container will always restart with the same image. You have to do it manually, or using another container such as Watchtower which will update the image - and the associated container - for you.

If you want to do it manually I think you should send these two commands:

docker pull pglombardo/pwpush:latest
docker restart yourcontainername

riahc3 commented 3 months ago

> Hi @riahc3, rebooting the server does NOT force a pull of the new image, so the container will always restart with the same image. You have to do it manually, or using another container such as Watchtower which will update the image - and the associated container - for you.
>
> If you want to do it manually I think you should send these two commands: docker pull pglombardo/pwpush:latest docker restart yourcontainername

I don't know anything about Docker.

How do I set it up so it can always pull and use the latest image (which would be tag latest) and start up on host boot?

I currently run:

docker run -d -p 5100:5100 --env-file /home/pwpush/pwpush-docker-env-file pglombardo/pwpush:latest

pietro95 commented 3 months ago

Ok so using this command you are telling docker to start a container, using the image "pglombardo/pwpush:latest". Two things can happen:

As stated before after you start the container for the first time and you always want to be on the latest version you have two options:

I don't know if there are other ways, I have a basic knowledge of docker but I think that you should be able to do it with my suggestion!

riahc3 commented 3 months ago

Well, this is more of a Docker issue that has nothing to do with this so.....Closing since the issue seems to be solved