support external host for RC url and not only same host where installed owncloud

[mikygee]

Openbsd: 6.0

Hello,

I have the same problem as #375

I tried to start to debug and first I'm wondering about some code
/* Create the private and public key */
$res = openssl_pkey_new($config);

And I tried to execute a php test script like
// Extract the public key from $res to $pubKey
$pubKey = openssl_pkey_get_details();
$pubKey = $pubKey["key"];
print "$pubKey\n";

And get this error
# php-5.6 /tmp/opkey.php
PHP Warning: openssl_pkey_new(): private key length is too short; it needs to be at least 384 bits, not 0 in /tmp/opkey.php on line 8
Warning: openssl_pkey_new(): private key length is too short; it needs to be at least 384 bits, not 0 in /tmp/opkey.php on line 8
PHP Warning: openssl_pkey_export(): cannot get key from parameter 1 in /tmp/opkey.php on line 11
Warning: openssl_pkey_export(): cannot get key from parameter 1 in /tmp/opkey.php on line 11
PHP Warning: openssl_pkey_get_details() expects parameter 1 to be resource, boolean given in /tmp/opkey.php on line 14
Warning: openssl_pkey_get_details() expects parameter 1 to be resource, boolean given in /tmp/opkey.php on line 14

From my understanding it would be nice if you added to your code something like
$config = array(
"digest_alg" => "sha512",
"private_key_bits" => 4096,
"private_key_type" => OPENSSL_KEYTYPE_RSA,
);
$res = openssl_pkey_new($config);

What do you think ?

[mckaygerhard]

helloo and thanks for help.. currently the app repository are staled, and onlymantainer mode are setted..

in nomadays, i have same problem and in recent commits was fixed. but now the problem seems are other..

independent of u'r settings, search into http://php.net/manual/en/function.openssl-pkey-new.php and seem the problem are not still related, do u have RC and OC in same host or different host/paths? different domains?

[mckaygerhard]

I cited from the other issue to continue the threatd:

Hi,
Yes RC and OC are on different hosts and I read the page (maybe I did something wrong but I think the problem is somewhere else)
I'm trying to continue to debug, and it seems the keys are generated when the user logs in.
What you have to know, is that I use nginx and it's chrooted, so I don't know but if php tries to reach openssl.conf out of the jail it might not work. I don't know...

due both are in different host and its a knowed issue, so about the environment, well try to configure a reverse proxy as wiki said.. and report feedback, until december 2016 i use reverse proxy (lighty) and After some time it stopped working..

about the chrooted env, maybe, but i dont think so, due i have same problem and my lighty was not chrooted! so dischard that reason..

CITED:

So the problem seems to be here

public static function cryptMyEntry($entry, $pubKey)
{
OCP\Util::writeLog('roundcube', 'OC_RoundCube_App.class.php->cryptMyEntry(): Starting encryption.'."$pubKey", OCP\Util::DEBUG);
if (openssl_public_encrypt($entry, $encryptedData, $pubKey) === false) {
The $pubKey is empty

i paste here too the debug provided:

When I press Update mail Identity I have the following logs

{"reqId":"gObvzwMCMHYoqR1ICO8s","remoteAddr":"10.5.8.2","app":"roundcube","message":"OC_RoundCube_App.class.php->checkLoginData(): Checking login data for oc user myuser","level":0,"time":"2017-02-02T20:48:00+01:00","method":"POST","url":"/index.php/apps/roundcube/ajax/userSettings.php"}
{"reqId":"gObvzwMCMHYoqR1ICO8s","remoteAddr":"10.5.8.2","app":"roundcube","message":"OC_RoundCube_App.class.php->checkLoginData(): Found login data for oc user myuser","level":0,"time":"2017-02-02T20:48:00+01:00","method":"POST","url":"/index.php/apps/roundcube/ajax/userSettings.php"}
{"reqId":"gObvzwMCMHYoqR1ICO8s","remoteAddr":"10.5.8.2","app":"roundcube","message":"OC_RoundCube_App.class.php->cryptEmailIdentity(): Found valid mail login data for user myuser (mail user: myuser@mydomain.org)","level":1,"time":"2017-02-02T20:48:00+01:00","method":"POST","url":"/index.php/apps/roundcube/ajax/userSettings.php"}
{"reqId":"gObvzwMCMHYoqR1ICO8s","remoteAddr":"10.5.8.2","app":"roundcube","message":"OC_RoundCube_App.class.php->cryptMyEntry(): Starting encryption.","level":0,"time":"2017-02-02T20:48:00+01:00","method":"POST","url":"/index.php/apps/roundcube/ajax/userSettings.php"}
{"reqId":"gObvzwMCMHYoqR1ICO8s","remoteAddr":"10.5.8.2","app":"PHP","message":"openssl_public_encrypt(): key parameter is not a valid public key at /owncloud/apps/roundcube/lib/RoundCubeApp.class.php#190","level":3,"time":"2017-02-02T20:48:00+01:00","method":"POST","url":"/index.php/apps/roundcube/ajax/userSettings.php"}

[mikygee]

Hello,
I managed to solve the problem.
The table oc_roundcube gets updated with something when I update Email entity.
You can tagg this issue or #375 as a bug
I'll try to prepare a patch, I'll check the version from december 2016 first.
Also I'm still not able to use the roundcube functionality, I did a tcpdump a see packets going in the right direction, and some trafic but then it times out.

[mckaygerhard]

well if u could help to improve and solve this, i can tag now as a bug, if u need a release of the RC plugin app for OC, please take from the nighty build, or use the files under src of the roundcube directory, please also take in consideration that the code of the OC php support the OC 7 api.. for me ;-)

the other issue i'll tagget as bug, but this i'll tagget as reature_request due in the wiki are well documented that both must reside in same server.. i'm very very busy now, but in the nights i'll try do all as possible to help please let me know any other needs for u and i hope u'r patch will help to main developer to return back to help us

[mikygee]

Hello,
Here's the patch. I have not been to make roundcube integration in owncloud successfully but I think the initial problem should be solved because I'm able to save the user's credentials in the database and I can see an entry is created.
The code of this plugin is buggy at some other places.
Please try this patch and let me know
# cd /var/www/owncloud/apps/roundcube/lib
# patch -p0 < 04Fev2017_patch_generateKeyPair.txt

04Fev2017_patch_generateKeyPair.txt

[mckaygerhard]

hello @mikygee thanks for contribute, i"m busy right now, i`ll revise better and commit u"r changes

[mikygee]

Hello,
Test it before, and let me know.

[mckaygerhard]

well men, i tested in both cases, u have right, as we discuss the method works as postded in the way u do.. great job men, i'll commit u'r changes right now...

i tested with oc 7, debian 5, php 5.3.22, mysql, rc and oc in different servers using a reverse proxy: both login works, autologin and manual

i tested with oc 7, debian 6, php 5.3.10, postgresql (witha very large amount of users, huge), rc and oc in same server, both autologin and manual seems to work

please in what environment do u test and have it working? to paste in changelog and see if original author gets some emotion here!

[mikygee]

Hello Lenz,
Don't hesitate to give me feedback before closing issues because in the meantime I added some code.
I'll put it in a new issue.

[mckaygerhard]

in the apps store please give some starts and feedback, to mke it revive this app

my special case its that i have a very very enforced and secure older servers, and i dont plant to upgrade nothing that are not broken (and not hacked ever!) so this app its the only that works with oc 7 and php 5.3

[mikygee]

Hello Lenz,
I use Openbsd 6.0 and Owncloud 8 and php 5.6
I didn't understand what you wrote.
I'm not a programmer, so I cannot do large code. I'm able to do small things and debug.

[mckaygerhard]

me too! i' not a programmer, me too only made some small fixed to my needs!