Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Raspberry Pi exception thrown on Rand function #115

Closed
rickiewars opened this issue Aug 30, 2021 · 13 comments
Closed

Raspberry Pi exception thrown on Rand function #115

rickiewars opened this issue Aug 30, 2021 · 13 comments

Comments

@rickiewars
Copy link
Contributor

I'm trying to run the user application on a Raspberry Pi.
I can reach the https://hostname/setup/ page but when I try to login with the correct password, I get the following PHP error:

Fatal error: Uncaught TypeError: rand(): Argument #2 ($max) must be of type int, float given in /opt/ldap_user_manager/includes/web_functions.inc.php:52 Stack trace: #0 /opt/ldap_user_manager/includes/web_functions.inc.php(52): rand(10000000, 100000000000) #1 /opt/ldap_user_manager/includes/web_functions.inc.php(151): generate_passkey() #2 /opt/ldap_user_manager/setup/index.php(15): set_setup_cookie(true) #3 {main} thrown in /opt/ldap_user_manager/includes/web_functions.inc.php on line 52

I got this error with the docker image version v1.7 and only on the Raspberry Pi. When I try this on my local machine, I don't get this error. I also get this error when using HTTP instead of HTTPS.

If needed, I've supplied a debug log.

Click to show debug log 
Generating CA key
Generating RSA private key, 2048 bit long modulus (2 primes)
...............+++++
.............+++++
e is 65537 (0x010001)
Generating CA certificate
Generating openssl configuration
Generating server key...
Generating RSA private key, 2048 bit long modulus (2 primes)
.................+++++
......................................................+++++
e is 65537 (0x010001)
Generating server signing request...
Generating server cert...
Signature ok
subject=CN = localhost
Getting CA Private Key

<VirtualHost *:80>

 RewriteEngine On
 RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

</VirtualHost>

<VirtualHost _default_:443>

 ServerName localhost

 DocumentRoot /opt/ldap_user_manager
 
 DirectoryIndex index.php index.html

 <Directory /opt/ldap_user_manager>
   Require all granted
 </Directory>

 SSLEngine On
 SSLCertificateFile /opt/ssl/server.crt
 SSLCertificateKeyFile /opt/ssl/server.key
 

</VirtualHost>
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message
[Mon Aug 30 13:11:58.027308 2021] [mpm_prefork:notice] [pid 1] AH00163: Apache/2.4.38 (Debian) PHP/8.0.6 OpenSSL/1.1.1d configured -- resuming normal operations
[Mon Aug 30 13:11:58.027515 2021] [core:notice] [pid 1] AH00094: Command line: 'apache2 -D FOREGROUND'
[Mon Aug 30 13:12:39.450757 2021] [php:notice] [pid 27] [client 192.168.2.29:49426]  Session: orf_cookie wasn't sent by the client.
localhost:443 192.168.2.29 - - [30/Aug/2021:13:12:39 +0000] "GET /setup/ HTTP/1.1" 200 2775 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0"
localhost:443 192.168.2.29 - - [30/Aug/2021:13:12:39 +0000] "GET /bootstrap/js/bootstrap.min.js HTTP/1.1" 200 10272 "https://192.168.2.58/setup/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0"
localhost:443 192.168.2.29 - - [30/Aug/2021:13:12:39 +0000] "GET /js/jquery-3.6.0.min.js HTTP/1.1" 200 31899 "https://192.168.2.58/setup/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0"
[Mon Aug 30 13:12:51.619788 2021] [php:notice] [pid 29] [client 192.168.2.29:49430]  Session: orf_cookie wasn't sent by the client., referer: https://192.168.2.58/setup/
ldap_extended_operation_s
ldap_extended_operation
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP 172.17.0.1:389
ldap_new_socket: 10
ldap_prepare_socket: 10
ldap_connect_to_host: Trying 172.17.0.1:389
ldap_pvt_connect: fd: 10 tm: -1 async: 0
attempting to connect: 
connect success
ldap_open_defconn: successful
ldap_send_server_request
ldap_result ld 0x21d0d38 msgid 1
wait4msg ld 0x21d0d38 msgid 1 (infinite timeout)
wait4msg continue ld 0x21d0d38 msgid 1 all 1
** ld 0x21d0d38 Connections:
* host: 172.17.0.1  port: 389  (default)
  refcnt: 2  status: Connected
  last used: Mon Aug 30 13:12:51 2021


** ld 0x21d0d38 Outstanding Requests:
 * msgid 1,  origid 1, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x21d0d38 request count 1 (abandoned 0)
** ld 0x21d0d38 Response Queue:
   Empty
  ld 0x21d0d38 response count 0
ldap_chkResponseList ld 0x21d0d38 msgid 1 all 1
ldap_chkResponseList returns ld 0x21d0d38 NULL
ldap_int_select
read1msg: ld 0x21d0d38 msgid 1 all 1
read1msg: ld 0x21d0d38 msgid 1 message type extended-result
read1msg: ld 0x21d0d38 0 new referrals
read1msg:  mark request completed, ld 0x21d0d38 msgid 1
request done: ld 0x21d0d38 msgid 1
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
ldap_parse_extended_result
ldap_parse_result
ldap_msgfree
[Mon Aug 30 13:12:51.758833 2021] [php:notice] [pid 29] [client 192.168.2.29:49430]  Start STARTTLS connection to ldap://172.17.0.1, referer: https://192.168.2.58/setup/
[Mon Aug 30 13:12:51.759153 2021] [php:notice] [pid 29] [client 192.168.2.29:49430]  Attempting to bind to ldap://172.17.0.1 as cn=admin,dc=ldapusermanager,dc=org, referer: https://192.168.2.58/setup/
ldap_sasl_bind_s
ldap_sasl_bind
ldap_send_initial_request
ldap_send_server_request
ldap_result ld 0x21d0d38 msgid 2
wait4msg ld 0x21d0d38 msgid 2 (infinite timeout)
wait4msg continue ld 0x21d0d38 msgid 2 all 1
** ld 0x21d0d38 Connections:
* host: 172.17.0.1  port: 389  (default)
  refcnt: 2  status: Connected
  last used: Mon Aug 30 13:12:51 2021


** ld 0x21d0d38 Outstanding Requests:
 * msgid 2,  origid 2, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x21d0d38 request count 1 (abandoned 0)
** ld 0x21d0d38 Response Queue:
   Empty
  ld 0x21d0d38 response count 0
ldap_chkResponseList ld 0x21d0d38 msgid 2 all 1
ldap_chkResponseList returns ld 0x21d0d38 NULL
ldap_int_select
read1msg: ld 0x21d0d38 msgid 2 all 1
read1msg: ld 0x21d0d38 msgid 2 message type bind
read1msg: ld 0x21d0d38 0 new referrals
read1msg:  mark request completed, ld 0x21d0d38 msgid 2
request done: ld 0x21d0d38 msgid 2
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 2, msgid 2)
ldap_parse_result
ldap_msgfree
[Mon Aug 30 13:12:51.761448 2021] [php:notice] [pid 29] [client 192.168.2.29:49430]  Bound successfully as cn=admin,dc=ldapusermanager,dc=org, referer: https://192.168.2.58/setup/
[Mon Aug 30 13:12:51.761532 2021] [php:notice] [pid 29] [client 192.168.2.29:49430]  Initial setup: opening another LDAP connection to test authentication as cn=admin,dc=ldapusermanager,dc=org., referer: https://192.168.2.58/setup/
ldap_create
ldap_url_parse_ext(ldap://172.17.0.1)
ldap_extended_operation_s
ldap_extended_operation
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP 172.17.0.1:389
ldap_new_socket: 11
ldap_prepare_socket: 11
ldap_connect_to_host: Trying 172.17.0.1:389
ldap_pvt_connect: fd: 11 tm: -1 async: 0
attempting to connect: 
connect success
ldap_open_defconn: successful
ldap_send_server_request
ldap_result ld 0x21cce18 msgid 1
wait4msg ld 0x21cce18 msgid 1 (infinite timeout)
wait4msg continue ld 0x21cce18 msgid 1 all 1
** ld 0x21cce18 Connections:
* host: 172.17.0.1  port: 389  (default)
  refcnt: 2  status: Connected
  last used: Mon Aug 30 13:12:51 2021


** ld 0x21cce18 Outstanding Requests:
 * msgid 1,  origid 1, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x21cce18 request count 1 (abandoned 0)
** ld 0x21cce18 Response Queue:
   Empty
  ld 0x21cce18 response count 0
ldap_chkResponseList ld 0x21cce18 msgid 1 all 1
ldap_chkResponseList returns ld 0x21cce18 NULL
ldap_int_select
read1msg: ld 0x21cce18 msgid 1 all 1
read1msg: ld 0x21cce18 msgid 1 message type extended-result
read1msg: ld 0x21cce18 0 new referrals
read1msg:  mark request completed, ld 0x21cce18 msgid 1
request done: ld 0x21cce18 msgid 1
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
ldap_parse_extended_result
ldap_parse_result
ldap_msgfree
[Mon Aug 30 13:12:51.788772 2021] [php:notice] [pid 29] [client 192.168.2.29:49430]  Start STARTTLS connection to ldap://172.17.0.1, referer: https://192.168.2.58/setup/
[Mon Aug 30 13:12:51.788820 2021] [php:notice] [pid 29] [client 192.168.2.29:49430]  Attempting to bind to ldap://172.17.0.1 as cn=admin,dc=ldapusermanager,dc=org, referer: https://192.168.2.58/setup/
ldap_sasl_bind_s
ldap_sasl_bind
ldap_send_initial_request
ldap_send_server_request
ldap_result ld 0x21cce18 msgid 2
wait4msg ld 0x21cce18 msgid 2 (infinite timeout)
wait4msg continue ld 0x21cce18 msgid 2 all 1
** ld 0x21cce18 Connections:
* host: 172.17.0.1  port: 389  (default)
  refcnt: 2  status: Connected
  last used: Mon Aug 30 13:12:51 2021


** ld 0x21cce18 Outstanding Requests:
 * msgid 2,  origid 2, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x21cce18 request count 1 (abandoned 0)
** ld 0x21cce18 Response Queue:
   Empty
  ld 0x21cce18 response count 0
ldap_chkResponseList ld 0x21cce18 msgid 2 all 1
ldap_chkResponseList returns ld 0x21cce18 NULL
ldap_int_select
read1msg: ld 0x21cce18 msgid 2 all 1
read1msg: ld 0x21cce18 msgid 2 message type bind
read1msg: ld 0x21cce18 0 new referrals
read1msg:  mark request completed, ld 0x21cce18 msgid 2
request done: ld 0x21cce18 msgid 2
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 2, msgid 2)
ldap_parse_result
ldap_msgfree
[Mon Aug 30 13:12:51.790636 2021] [php:notice] [pid 29] [client 192.168.2.29:49430]  Bound successfully as cn=admin,dc=ldapusermanager,dc=org, referer: https://192.168.2.58/setup/
ldap_sasl_bind_s
ldap_sasl_bind
ldap_send_initial_request
ldap_send_server_request
ldap_result ld 0x21cce18 msgid 3
wait4msg ld 0x21cce18 msgid 3 (infinite timeout)
wait4msg continue ld 0x21cce18 msgid 3 all 1
** ld 0x21cce18 Connections:
* host: 172.17.0.1  port: 389  (default)
  refcnt: 2  status: Connected
  last used: Mon Aug 30 13:12:51 2021


** ld 0x21cce18 Outstanding Requests:
 * msgid 3,  origid 3, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x21cce18 request count 1 (abandoned 0)
** ld 0x21cce18 Response Queue:
   Empty
  ld 0x21cce18 response count 0
ldap_chkResponseList ld 0x21cce18 msgid 3 all 1
ldap_chkResponseList returns ld 0x21cce18 NULL
ldap_int_select
read1msg: ld 0x21cce18 msgid 3 all 1
read1msg: ld 0x21cce18 msgid 3 message type bind
read1msg: ld 0x21cce18 0 new referrals
read1msg:  mark request completed, ld 0x21cce18 msgid 3
request done: ld 0x21cce18 msgid 3
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 3, msgid 3)
ldap_parse_result
ldap_msgfree
ldap_free_connection 1 1
ldap_send_unbind
ldap_free_connection: actually freed
[Mon Aug 30 13:12:51.794309 2021] [php:notice] [pid 29] [client 192.168.2.29:49430]  Initial setup: able to authenticate as cn=admin,dc=ldapusermanager,dc=org., referer: https://192.168.2.58/setup/
ldap_free_connection 1 1
ldap_send_unbind
ldap_free_connection: actually freed
localhost:443 192.168.2.29 - - [30/Aug/2021:13:12:51 +0000] "POST /setup/ HTTP/1.1" 200 1091 "https://192.168.2.58/setup/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0"

My thanks in advance
@wheelybird
Copy link
Owner

Cheers. Which model of Raspberry Pi is this on?

@rickiewars
Copy link
Contributor Author

Hi, this was on the raspberry pi 3b with the armV7 cpu architecture if i'm correct

@rickiewars
Copy link
Contributor Author

@wheelybird, I've actually managed to fix the issue by changing lines 52, 53 and 54 in the /ldap-user-manager/www/includes/web_functions.inc.php file to:

 $rnd1 = rand(10000000, (int)100000000000);
 $rnd2 = rand(10000000, (int)100000000000);
 $rnd3 = rand(10000000, (int)100000000000);

I've forced a type-cast (or however it's named in php) to an integer in the second argument of the rand() function.
Aparently this was a bug introduced in PHP v8.
I've found a conversation about this issue on: barryvdh/laravel-dompdf#757

I'll commit a pull request with the changes I've made.

Greetings!

@wheelybird
Copy link
Owner

That's great! Cheers - I didn't get a chance to look into it.

rickiewars added a commit to rickiewars/ldap-user-manager that referenced this issue Sep 3, 2021
@rickiewars
Update web_functions.inc.php
306dad8 
Fix for issue wheelybird#115

Added typecast to int that fixes a fatal error telling that the second argument of rand() expects an int but a float is given on an ARMv7 architecture.
Problem seems to be introduced in PHP v8.
@rickiewars rickiewars mentioned this issue Sep 3, 2021
Merged
wheelybird pushed a commit that referenced this issue Sep 3, 2021
@rickiewars
Update web_functions.inc.php (#117)
7753eb4 
Fix for issue #115

Added typecast to int that fixes a fatal error telling that the second argument of rand() expects an int but a float is given on an ARMv7 architecture.
Problem seems to be introduced in PHP v8.
@wheelybird
Copy link
Owner

That's been pushed to wheelybird/ldap-user-manager:latest - give it a whirl and let me know if it's good and I'll update the v1.7 image too.

@rickiewars
Copy link
Contributor Author

rickiewars commented Sep 3, 2021
edited
Loading

On the latest tag I get the following error in the logs:
sed: can't read /etc/ldap/ldap.conf: No such file or directory

When I try to build the image from source, I get some GPG errors:

Step 2/13 : RUN apt-get update &&     apt-get install -y --no-install-recommends         libldb-dev libldap2-dev         libfreetype6-dev         libjpeg-dev         libpng-dev &&     rm -rf /var/lib/apt/lists/*
 ---> Running in 0034d376eed5
Get:1 http://deb.debian.org/debian bullseye InRelease [113 kB]
Get:2 http://security.debian.org/debian-security bullseye-security InRelease [44.1 kB]
Get:3 http://deb.debian.org/debian bullseye-updates InRelease [36.8 kB]
Err:1 http://deb.debian.org/debian bullseye InRelease
  At least one invalid signature was encountered.
Err:3 http://deb.debian.org/debian bullseye-updates InRelease
  At least one invalid signature was encountered.
Err:2 http://security.debian.org/debian-security bullseye-security InRelease
  At least one invalid signature was encountered.
Reading package lists...
W: GPG error: http://deb.debian.org/debian bullseye InRelease: At least one invalid signature was encountered.
E: The repository 'http://deb.debian.org/debian bullseye InRelease' is not signed.
W: GPG error: http://deb.debian.org/debian bullseye-updates InRelease: At least one invalid signature was encountered.
E: The repository 'http://deb.debian.org/debian bullseye-updates InRelease' is not signed.
W: GPG error: http://security.debian.org/debian-security bullseye-security InRelease: At least one invalid signature was encountered.
E: The repository 'http://security.debian.org/debian-security bullseye-security InRelease' is not signed.
The command '/bin/sh -c apt-get update &&     apt-get install -y --no-install-recommends         libldb-dev libldap2-dev         libfreetype6-dev         libjpeg-dev         libpng-dev &&     rm -rf /var/lib/apt/lists/*' returned a non-zero code: 100

I can get around these errors by changing in the dockerfile the base image from php:8-apache to php:8-apache-buster but I'm not sure that is the long-term solution. When I make this change and build the image, the image works as expected.
My raspberry Pi runs Raspbian GNU/Linux 10 (buster) and that's where I'm building the image from source from.

@CHBMB
Copy link

CHBMB commented Sep 22, 2021

Just chipping in here, I'm also getting the sed error.

@wheelybird
Copy link
Owner

Thanks. I haven't had time recently to look into this, but hopefully the sed issue is easy to fix.

@mkueh
Copy link

mkueh commented Dec 28, 2021
edited
Loading

Hello guys,

i'm also getting the sed error... but only when i try to load an TLS-CACERT.

i hope that helps you find the bug.

At the moment i rollback to the version 1.6, thats works greate :)

@wheelybird
Copy link
Owner

Does it still happen with wheelybird/ldap-user-manager:latest?

@arcoast
Copy link

arcoast commented Jan 7, 2022

I'm still getting sed: can't read /etc/ldap/ldap.conf: No such file or directory on any version past v1.6 presuming it's the same issue described here.

@wheelybird
Copy link
Owner

Thanks for letting me know. I'll need to search in the attic for a Raspberry Pi to debug this with.

@wheelybird
Copy link
Owner

I've been unable to test this, but hopefully the latest release (v1.8) fixes the issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@CHBMB @wheelybird @rickiewars @mkueh @arcoast