Bug #25375
closed
Extension rsaauth 1.3.0 missing dependency for openssl
0%
Description
rsaauth needs to be able to execute openssl and must be able to call the functions openssl_pkey_new and openssl_pkey_export as is tested within the functions withtin the extension.
However, it does not say "openssl required" nor does it throw an error, when openssl is not accessible.
Deny PHP access to exec('openssl…
Either Passwords will be unencrypted or you will not be able to login as a frontend user, once you have activated loginSecurityLevel=rsa for frontend users.
(issue imported from #M18013)
Updated by Steffen Gebert over 13 years ago
Hi Daniel,
saltedpasswords ships with checks, whether it's possible with the environment to use it. These checks show you red or green messages after installing in the Extension Manager.
There's also no dependency on the PHP module openssl, as it also works with the command line of openssl.
If none of this prerequisites is met, it shows you warnings that saltedpasswords will not work.
Do you think this is not sufficient or is it not the way I describe?
Using rsaauth standalone IMHO makes no sense. IIRC it also doesn't tell you, what options you have to change to modify the login process (which will result in failing logins without openssl).
Updated by Susanne Moog over 13 years ago
- Status changed from Needs Feedback to Closed
- Target version deleted (
0)
Closing this issue because of no feedback within more than a month.