Jump to content

Recommended Posts

Posted

A new install of 14.1-34.42 gives the following errors when you first login and it prompts for a password change. Also, when you go to SSL Files, you get the attached. Obviously this version gone through a lot of QA before release...

In better news, they do seem to have fixed the broken SSL with the Freemium release

 

A PHP Error was encountered

Severity: 8192

Message: strcmp(): Passing null to parameter #1 ($string1) of type string is deprecated

Filename: controllers/Login.php

Line Number: 52

A PHP Error was encountered

Severity: 8192

Message: strcmp(): Passing null to parameter #1 ($string1) of type string is deprecated

Filename: controllers/Login.php

Line Number: 70

A PHP Error was encountered

Severity: 8192

Message: strcmp(): Passing null to parameter #1 ($string1) of type string is deprecated

Filename: controllers/Login.php

Line Number: 107

Capture.PNG

  • 2 weeks later...
Posted

I think that's coincidence - there wouldn't be any cookies against a previously unused IP address. Plus the PHP errors make it clear this is a server-side issue relating to opening some internally-generated SSL keys (which are chowned to root mode 0600), plus coding errors failing to sanitize arguments to strcmp() coupled with poor error-handling throughout. The permissions on the keys in /nsconfig/ssl don't alter, so this looks to be something trying to open them after privileges have been dropped. It happens only on first boot/access and does not reoccur if you reboot without saving which is why it appeared to disappear for you. The strcmp() error is shown whenever the force password change is shown in the web gui (if you change the password from the CLI you don't see it).

I did all my tests in incognito mode.

Stephen

Posted

The strcmp() errors are from lines like:

if (strcmp($this->input->post('challengepassword'), ""))

At the password change form there is no challengepassword field on first access, so it is null.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...