search

pimlie / authres_status

Roundcube plugin that checks the Authentication-Results headers (rfc5451) of your emails and displays the verification status.
Other
34 stars 20 forks source link

Class 'DKIM_Verify' not found #12

Closed k0ste closed 8 years ago

k0ste commented 8 years ago

Hello. Plugin works okay. But if in Folder "bad" message, have this error (internal server error in Roundcube):

Error:


[02-Jun-2016 09:37:41 Asia/Novosibirsk] PHP Fatal error:  Uncaught Error: Class 'DKIM_Verify' not found in /usr/share/webapps/roundcubemail/plugins/authres_status/authres_status.php:375    
Stack trace:                                                                                                                                                                                 
#0 /usr/share/webapps/roundcubemail/plugins/authres_status/authres_status.php(190): authres_status->get_authentication_status(Object(rcube_message_header), 127, 21)                         
#1 /usr/share/webapps/roundcubemail/program/lib/Roundcube/rcube_plugin_api.php(439): authres_status->messages_list(Array)                                                                    
#2 /usr/share/webapps/roundcubemail/program/steps/mail/func.inc(430): rcube_plugin_api->exec_hook('messages_list', Array)                                                                    
#3 /usr/share/webapps/roundcubemail/program/steps/mail/list.inc(103): rcmail_js_message_list(Array, false, Array)                                                                            
#4 /usr/share/webapps/roundcubemail/index.php(291): include_once('/usr/share/weba...')                                                                                                       
#5 {main}                                                                                                                                                                                    
  thrown in /usr/share/webapps/roundcubemail/plugins/authres_status/authres_status.php on line 375

It's easy to reproduce, catch this on messages from any message from my domain... Just send message from me to me via roundcube or thunderbird.

Example message:

Return-Path: <k.shalygin@e2e4online.ru>
Delivered-To: k.shalygin@e2e4online.ru
Received: from mx.e2e4online.ru (mx.e2e4online.ru [127.0.0.1])
    (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
    (No client certificate requested)
    (Authenticated sender: k.shalygin@e2e4online.ru)
    by mx.e2e4online.ru (Postfix) with ESMTPSA id B72D51F01CA2
    for <k.shalygin@e2e4online.ru>; Thu,  2 Jun 2016 09:43:51 +0600 (NOVT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=e2e4online.ru; s=mx;
    t=1464839031; bh=3g7dCsSnBa/3DzRzTpCh0KHYt2q+S7U/Pqk0vBBbOxc=;
    h=Date:From:To:Subject;
    b=Vauegk8GHg1aw+7QFq2hx+lYdHj4WZkhxmiL0yBeyrOyw4v57ERxabAYEqpvAEAiI
     gO3NovqJoN0GBkSDmxS4xRhq8TFEEW7hLC8Kqjf2A6BnteB2axOkL008idzb4g8buU
     S15ndSzjouhpGM2vbIxywpV27RZYIXxwpNkbP/1o=
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII;
 format=flowed
Content-Transfer-Encoding: 7bit
Date: Thu, 02 Jun 2016 09:43:51 +0600
From: k.shalygin@e2e4online.ru
To: =?UTF-8?Q?=D0=A8=D0=B0=D0=BB=D1=8B=D0=B3=D0=B8=D0=BD_=D0=9A=D0=BE?=
 =?UTF-8?Q?=D0=BD=D1=81=D1=82=D0=B0=D0=BD=D1=82=D0=B8=D0=BD_=D0=9D=D0=B8?=
 =?UTF-8?Q?=D0=BA=D0=BE=D0=BB=D0=B0=D0=B5=D0=B2=D0=B8=D1=87?=
 <k.shalygin@e2e4online.ru>
Subject: test2
Message-ID: <789f8b6f82adc84bc0907e5d55925576@e2e4online.ru>
X-Sender: k.shalygin@e2e4online.ru
User-Agent: Roundcube Webmail/1.2.0

test2

Env:

plugin version 0.2.5 roundcube 1.2 stable

Resolved by:

Use internal DKIM verifier (if signature found but no auth. results header) = Disabled.

How I can set this option globally?

pimlie commented 8 years ago

Thank you for the report, thanks to the recent commits of Takika you should be able to include a config.inc.php in the plugin root folder (see config.inc.php.dist) to set this option globally.

Also, please make sure you have all dependencies installed. The DKIM_Verify class is provided by the angrychimp/php-dkim package, please check whether this package is available in /vendor

k0ste commented 8 years ago

Yes, I found config.inc.php.dist, but options without description.

Dependencies is installed. Module work's properly, but with exceptions.

pimlie commented 8 years ago

Sorry for asking, but is your report about the missing DKIM_Verify class or about how to always disable the internal DKIM verifier?

k0ste commented 8 years ago

Both.

pimlie commented 8 years ago

Which php version are you using?

I will look at adding some docs about the configuration

Takika commented 8 years ago

As I see I forgot to call load_config() in init() so config.inc.php never loaded. PR #13 fix this.

k0ste commented 8 years ago 
[k0ste@mx ~]$ php --version
PHP 7.0.7 (cli) (built: May 25 2016 18:40:26) ( NTS )
Copyright (c) 1997-2016 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2016 Zend Technologies
[k0ste@mx ~]$ php -m
[PHP Modules]
Core
ctype
curl
date
dom
exif
fileinfo
filter
gettext
hash
iconv
imap
intl
json
ldap
libxml
mbstring
mcrypt
mysqli
mysqlnd
openssl
pcntl
pcre
PDO
pdo_pgsql
pgsql
Phar
posix
readline
Reflection
session
SimpleXML
SPL
standard
tokenizer
xml
xmlreader
xmlwriter
zlib
pimlie commented 8 years ago

@Takika, thanks. Was just looking at that indeed. But it also seems there are still places not checking $this->override when using config variables. E.g. line 370, did you do that on purpose?

@k0ste, could it be an autoloading issue with php7? What happens if you explictly include the DKIM class? At line 375: include $_SERVER["DOCUMENT_ROOT"].'/vendor/angrychimp/php-dkim/DKIM/Verify.php';

Takika commented 8 years ago

If you want to disable a config option and hard config it:

  1. Set it in config.inc.php: $config['use_fallback_verifier'] = false;
  2. Add this variable to the dont_override array in your main roundcube config.inc.php:
$config['dont_override'] = array(
...
'use_fallback_verifier',
...
);

If you do this the use_fallback_verifier config option won't show in Preferences/Authentication Status.

Takika commented 8 years ago

@pimlie : $this->override (and $config['dont_override']) only used when you want to hard config something and don't want to permit the end-user to change this config variable. In line 370 we check the use_fallback_verifier option and we don't have to know who set it to true (hard config by admin or soft config by the user preferences).

k0ste commented 8 years ago

@pimlie

What happens if you explictly include the DKIM class? At line 375

Yeah, work fine.

pimlie commented 8 years ago

@Takika, there still seems to be an issue. I expect that when I set: $config['use_fallback_verifier'] = true; $config['dont_override'] = array('use_fallback_verifier');

the internal verifier is always used. But it isn't, probably this is because $config only sets the default value and I am using an already configured account. Shouldn't we enforce thus overwrite any pre-existing config values for dont_override variables?

pimlie commented 8 years ago

@k0ste, could you try to change line 371 to if (!class_exists('Crypt_RSA') || !class_exists('DKIM_Verify')) {

It could be that the vendor autoloader is not loaded because the Crypt_RSA class already exists.

k0ste commented 8 years ago

@pimlie, same errors.

pimlie commented 8 years ago

@k0ste, unfortunately I am unable to reproduce this error. I have checked with php 7.0.7 and my configuration is able to load DKIM_Verify without problems. If you could debug the problem yourself a bit more that would be appreciated.

I have pushed a new config.inc.php.dist with better descriptions

pimlie commented 8 years ago

@Takika, ok it seems this is a problem within RC. They only check dont_override in rcube_config::set_user_prefs but when that method is called the plugins have not been initted yet it seems so dont_override from the plugin configs are ignored.

@k0ste, I will close this issue as there is nothing I can do atm to help you. Let me know if you have more information

Takika commented 8 years ago

@pimlie : If you check the dont_override when you show the preferences and hide the option to change an admin only setting we don't need the check in set_user_prefs.

pimlie commented 8 years ago

@Takika, why not? I want to be able to change the admin only settings regardless of the preferences of the user and whether the user already exists or not. Those admin only settings should always be applied, which without a dont_override implementation for userprefs wont be available. We could implement our own configuration file check, but I actually think we should either honor the fact that dont_override should be set in global config (not plugin config) or the rcube_config class should implement dont_override for plugin configurations as well. I already made a pull request for the last one: https://github.com/roundcube/roundcubemail/pull/5303

Takika commented 8 years ago

@pimlie : You can see how the main roundcube handle the dont_override settings, eg.: https://github.com/roundcube/roundcubemail/blob/master/program/steps/settings/func.inc#L191 If an option exists in dont_override it won't shown in the Preferences so the user can't change it. You can modify the dont_override variable from plugin config like this: $config['dont_override'][] = 'use_fallback_verifier';

phanky5 commented 2 months ago

Same issue for me in: Roundcube Webmail 1.5.0 authres_status 0.6.3

Resolved by:

Use internal DKIM verifier (if signature found but no auth. results header) = Disabled.

This didn't work as DKIM Verifier still gets called further down in the script throwing the same error.

could it be an autoloading issue with php7? What happens if you explictly include the DKIM class? At line 375: include /CORRECT-PASS-TO-FOLDER/vendor/angrychimp/php-dkim/DKIM/Verify.php';

This fixed it for me. I manually copied angrychimp over into the vendor directory then included it on top of authress_status.php.