Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Encrypted scope-specific config values fail to decrypt on PHP7 #8591

Closed
zack6849 opened this issue Feb 17, 2017 · 8 comments
Closed

Encrypted scope-specific config values fail to decrypt on PHP7 #8591

zack6849 opened this issue Feb 17, 2017 · 8 comments
Labels
bug report Component: Payment Event: distributed-cd Distributed Contribution Day Fixed in 2.1.x The issue has been fixed in 2.1 release line Fixed in 2.2.x The issue has been fixed in 2.2 release line Issue: Clear Description Gate 2 Passed. Manual verification of the issue description passed Issue: Confirmed Gate 3 Passed. Manual verification of the issue completed. Issue is confirmed Issue: Format is valid Gate 1 Passed. Automatic verification of issue format passed Issue: Ready for Work Gate 4. Acknowledged. Issue is added to backlog and ready for development Reproduced on 2.1.x The issue has been reproduced on latest 2.1 release

Comments

@zack6849
Copy link
Contributor

It seems that scope based config fails to decrypt data on anything but the default store

We first noticed this when all of our stores apart from the default one failed to process paypal transactions. After further editing of the code so that we could actually see the username and password information being sent to paypal, we discovered the username field is blank, and the password field is garbled garbage data, which leads me to assume it's failed decryption.

I thought it might've just been leaving it encrypted, so i edited the code and told it to decrypt the already supposedly decrypted value, to no avail, so as of now it seems that PayPal on multi-store setups running 2.1.4 on PHP7 won't function (assuming that the PayPal account details are different than the default store, of course)

We couldn't find anything about others having this issue via google, which was quite surprising to me, so if you need any more information please don't hesitate to ask

Preconditions

  1. Magento v2.1.4
  2. PHP v7.0.6 on Ubuntu

Steps to reproduce

  1. Change PayPal password of non-default store
  2. Attempt to checkout
  3. User authentication unsuccessful

Expected result

  1. A successful transaction

Actual result

  1. The user field is blank, and the password field is garbed nonsense, from what I can only assume is a fail to decrypt (EG: c▒^`▒▒XP)

This issue feels quite similar to issues #2984 and #3305
@srenon srenon mentioned this issue Mar 3, 2017
Closed
@zack6849
Copy link
Contributor Author

@magento-team can we get an update on this?

@zack6849
Copy link
Contributor Author

@okolesnyk i don't like pinging people by name for attention or anything but this has been more than 3 months and we haven't even gotten an acknowledgment, this issue breaks paypal on multistore without workarounds, have you guys had a chance to even glance at this issue yet?

@magento-engcom-team magento-engcom-team added 2.1.x bug report Component: Payment Issue: Format is valid Gate 1 Passed. Automatic verification of issue format passed and removed G1 Passed labels Sep 5, 2017
@magento-engcom-team magento-engcom-team added the Issue: Clear Description Gate 2 Passed. Manual verification of the issue description passed label Oct 19, 2017
@magento-engcom-team
Copy link
Contributor

@zack6849 , thank you for your report.
Unfortunately, I could not reproduce the issue as you described it.
At step 1. I can not see the ability to change PayPal password for store.
paypal

Please provide more detailed steps to reproduce.

@magento-engcom-team magento-engcom-team self-assigned this Oct 19, 2017
@zack6849
Copy link
Contributor Author

This is with the PayFlow methods, not express checkout.

@magento-engcom-team
Copy link
Contributor

@zack6849 Thanks for the feedback.
Unfortunately, as for PayPal express checkout I cannot see the ability to change password for Payflow(Payflow Pro or Payflow Link) nor for any others PayPal payments methods in store scope either.
payflow pro
payflow link
And in case, I do same on website scope instead of store, I get successful transaction.
Please add more details to your description of the steps you followed when identifying this issue. Screenshots or logs would be helpful, too.

@magento-engcom-team
Copy link
Contributor

@zack6849, thank you for your report.
We've created internal ticket(s) MAGETWO-83646 to track progress on the issue.

@magento-engcom-team magento-engcom-team added Issue: Ready for Work Gate 4. Acknowledged. Issue is added to backlog and ready for development Issue: Confirmed Gate 3 Passed. Manual verification of the issue completed. Issue is confirmed Reproduced on 2.1.x The issue has been reproduced on latest 2.1 release labels Nov 10, 2017
@zack6849
Copy link
Contributor Author

Glad to hear you guys were able to reproduce it.

@okorshenko okorshenko removed the 2.1.x label Dec 14, 2017
magento-team pushed a commit that referenced this issue Dec 21, 2017
MAGETWO-84464: [2.2.x] Encrypted scope-specific config values fail to…
476036d 
… decrypt on PHP7 #8591
GaborSuranyi pushed a commit to fetchify-dev/magento2 that referenced this issue Jan 4, 2018
Removed decryption by default
1fb7204 
Based on GitHub: magento/magento2#8591

Decryption on config values shouldn't be a step by default. However on some PHP7 / Magento version mixes, this decryption doesn't happen by default.

Expanded code so that the decryption only happens, if the access token string doesn't look valid.
We'll try to get around Magento verification if possible, to get rid of encryption entirely.

Fix for the non-decryption is pending in Magento 2.2.X. magento/magento2@476036d
GaborSuranyi pushed a commit to fetchify-dev/magento2-ukpostcodelookup that referenced this issue Jan 16, 2018
Removed Decryption by default
66b9fad 
Based on GitHub: magento/magento2#8591

Decryption on config values shouldn't be a step by default. However on some PHP7 / Magento version mixes, this decryption doesn't happen by default.

Expanded code so that the decryption only happens, if the access token string doesn't look valid.
We'll try to get around Magento verification if possible, to get rid of encryption entirely.

Fix for the non-decryption is pending in Magento 2.2.X. magento/magento2@476036d

- also moved over getCfg wrapper for easier config access.
magento-engcom-team pushed a commit that referenced this issue Feb 13, 2018
MAGETWO-83646: Encrypted scope-specific config values fail to decrypt…
6a52bd3 
… on PHP7 #8591
magento-engcom-team pushed a commit that referenced this issue Feb 13, 2018
MAGETWO-83646: Encrypted scope-specific config values fail to decrypt…
4e6b770 
… on PHP7 #8591
magento-engcom-team pushed a commit that referenced this issue Feb 13, 2018
MAGETWO-83646: Encrypted scope-specific config values fail to decrypt…
968f200 
… on PHP7 #8591
magento-engcom-team pushed a commit that referenced this issue Feb 13, 2018
@igrybkov
Merge pull request #2063 from magento-chaika/Chaika_2.1.13_PR4
84f32b9 
Fixed issues:
MAGETWO-83646: Encrypted scope-specific config values fail to decrypt on PHP7 #8591
MAGETWO-85030: Integration test: fix an order into Magento\Catalog\Model\CategoryTreeTest::testGetChildren()
@magento-engcom-team magento-engcom-team added the Event: distributed-cd Distributed Contribution Day label Mar 19, 2018
@magento-engcom-team
Copy link
Contributor

Hi @zack6849 Thank you for reporting.
Issue has been fixed in 2.1 and 2.2. Most likely fix is going to be released with 2.2.4.
Thanks.

@zack6849 zack6849 added Fixed in 2.1.x The issue has been fixed in 2.1 release line Fixed in 2.2.x The issue has been fixed in 2.2 release line labels Oct 15, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug report Component: Payment Event: distributed-cd Distributed Contribution Day Fixed in 2.1.x The issue has been fixed in 2.1 release line Fixed in 2.2.x The issue has been fixed in 2.2 release line Issue: Clear Description Gate 2 Passed. Manual verification of the issue description passed Issue: Confirmed Gate 3 Passed. Manual verification of the issue completed. Issue is confirmed Issue: Format is valid Gate 1 Passed. Automatic verification of issue format passed Issue: Ready for Work Gate 4. Acknowledged. Issue is added to backlog and ready for development Reproduced on 2.1.x The issue has been reproduced on latest 2.1 release
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@zack6849 @veloraven @okorshenko @magento-engcom-team