View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000835 | OXID eShop (all versions) | 1. ----- eShop frontend ----- | public | 2009-04-28 11:39 | 2012-12-10 14:37 |
| Reporter | marco_steinhaeuser | Assigned To | |||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | resolved | Resolution | fixed | ||
| Product Version | 4.1.1 revision 18442 | ||||
| Fixed in Version | 4.1.6 revision 22740 | ||||
| Summary | 0000835: define a fallback if /dev/urandom doesn't exist | ||||
| Description | On some servers, you get an error message logging into openID: Fatal error: Define Auth_OpenID_RAND_SOURCE as null to continue with an insecure random number generator. in /var/www/vhosts/demo.shirtnetwork.de/httpdocs/oxid/die-shirttuner/core/openid/Auth/OpenID/CryptUtil.php on line 52 Define a fallback to use a different method. The solution is here: http://www.oxid-esales.com/de/resources/forum/allgemeines/fatal-error-define-auth-openid-rand-source-null-continue-insecure-random | ||||
| Tags | No tags attached. | ||||
| Theme | |||||
| Browser | All | ||||
| PHP Version | 5.2.6 | ||||
| Database Version | 5.0.33 | ||||
|
|
fixed problem and added possibility to define custom path: if ( !defined('Auth_OpenID_RAND_SOURCE') ) { if ( $sRandSource = oxConfig::getInstance()->getConfigParam( 'sAuthOpenIdRandSource' ) ) { define( 'Auth_OpenID_RAND_SOURCE', $sRandSource ); } elseif ( PHP_OS == 'WINNT' || ( @fopen( '/dev/urandom', 'r' ) === false ) ) { /** * in case shop runs on windows or other system, which does not have '/dev/urandom' */ define( 'Auth_OpenID_RAND_SOURCE', null ); } } |
|
|
To define 'Auth_OpenID_RAND_SOURCE' (filename for a source of random bytes) add parameter to config.inc.php file: $this->sAuthOpenIdRandSource = '/dev/urandom'; Set this field and its value according to your server configuration. |
