Bug #55396
closed
"Invalid RSA public key" malfunction on (backend) login
100%
Description
I don't know what exactly causes this problem, but when we upgraded to PHP 5.4, backend login to our TYPO3 installations (6.1.x, but also 6.2 beta) started failing with the (JavaScript) error message "Invalid RSA public key". Only disabling RSA authentication solved the problem (I guess that FE login would have also been affected, but I didn't investigate).
Today I tracked this down to a failing openssl_csr_new() call in rsaauth/Classes/Backend/PhpBackend.php. It turned out that changing
$csr = openssl_csr_new(array(), $privateKey);
to
$csr = openssl_csr_new(array(
"localityName" => "foo",
"organizationName" => "bar",
), $privateKey);
solves the problem. If you omit either of the two keys (the actual values don't seem to matter), login will fail and you'll get that "Invalid RSA public key" error message again. So at least in our installation context (Gentoo Linux, Kernel 3.8.3-hardened, OpenSSL 1.0.1f, PHP 5.4.24), these arguments seem to be mandatory for RSA authentication to work.
Please find attached a patch for PhpBackend.php.
Files
Updated by Mathias Schreiber about 9 years ago
- Status changed from New to Needs Feedback
- Assignee set to Mathias Schreiber
Hi Joschi,
is this still a problem on 6.2 or 7?
Updated by Alexander Opitz almost 9 years ago
- Status changed from Needs Feedback to Closed
- Assignee deleted (
Mathias Schreiber) - Target version deleted (
next-patchlevel)
No feedback within the last 90 days => closing this issue.
If you think that this is the wrong decision or experience this issue again, then please write to the mailing list typo3.teams.bugs with issue number and an explanation or open a new ticket and add a relation to this ticket number.
Updated by Joschi Kuphal almost 9 years ago
Hi Mathias, hi Alex,
yes, this is still an issue, even with the latest 7.3, although I'm pretty sure that not every OS (version) is affected.
Sorry for not responding earlier. As I didn't get any notification that someone finally responded (the bug report is more than one and a half years old!) I didn't realize I should do something. Will write to the list.
Cheers
Updated by Mathias Schreiber almost 9 years ago
- Status changed from Closed to New
- Target version set to 7.4 (Backend)
- Sprint Focus set to On Location Sprint
Updated by Gerrit Code Review almost 9 years ago
- Status changed from New to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/40372
Updated by Gerrit Code Review almost 9 years ago
Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/40372
Updated by Gerrit Code Review almost 9 years ago
Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/40372
Updated by Gerrit Code Review almost 9 years ago
Patch set 4 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/40372
Updated by Gerrit Code Review almost 9 years ago
Patch set 5 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/40372
Updated by Gerrit Code Review almost 9 years ago
Patch set 1 for branch TYPO3_6-2 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/40453
Updated by Alexander Krist almost 9 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 532aba10a51ecace2102c9ec5cd11b705287c848.
Updated by Mathias Schreiber almost 9 years ago
- Sprint Focus deleted (
On Location Sprint)
Updated by Riccardo De Contardi over 6 years ago
- Status changed from Resolved to Closed