Hi Clément, Thank you for prompt response!
I made sure I have $keyphrase set. If I'm not mistaken it's required even for basic functionality. Otherwise you will see an error on the main web page. $keyphrase = "testsecret"; After changing $crypt_tokens to false it started working! The next obvious question is How safe is that solution? Would you recommend to use it in production? If not, should we try to fix the issue with encryption library? Please advise. FYI, I've noticed few minor issue in the log file (/var/log/httpd/ssp_error_log) when I opened a link with the token to setup a new password: [Thu Nov 16 22:42:04 2017] [error] [client 192.168.1.100] PHP Notice: Undefined variable: source in /usr/share/self-service-password/menu.php on line 25 [Thu Nov 16 22:42:04 2017] [error] [client 192.168.1.100] PHP Notice: Undefined variable: source in /usr/share/self-service-password/pages/resetbytoken.php on line 213 [Thu Nov 16 22:42:51 2017] [error] [client 192.168.1.100] PHP Notice: Undefined variable: source in /usr/share/self-service-password/menu.php on line 25, referer: http://testsrv1.example.com/index.php?action=resetbytoken&token=blablablablabla 2017-11-16 22:16 GMT-08:00 Clément OUDOT <clem.ou...@gmail.com>: > 2017-11-17 6:58 GMT+01:00 Aleksey Qwerty <russian.qwe...@gmail.com>: > > Hi there! > > > > First of all thank you for the great product. It looks and works > awesome! We > > just started using SSP v1.1-1 on recently updated CentOS 6.9 with > OpenLDAP. > > > > Hi, thanks for the feedback! > > > > We tested password change (Self service password) with PHPMailer > > successfully. > > Current issue that I'm trying to figure out is /?action=sendtoken > > functionality. When I try to use it (enter existing username and email) > > nothing happens, web page doesn't show any result or error. > > From OpenLDAP (slapd) debug I see it does search a user successfully. > Anyway > > OpenLDAP binding should not be an issue because "Self service password" > > works just fine. > > > > SSP error log file (/var/log/httpd/ssp_error_log) shows the following: > > > > [Thu Nov 16 21:29:15 2017] [error] [client 192.168.1.100] PHP Parse > error: > > syntax error, unexpected '[' in > > phar:///usr/share/self-service-password/lib/vendor/ > defuse-crypto.phar/src/RuntimeTests.php > > on line 110, referer: http://testsrv1.example.com/ > index.php?action=sendtoken > > > > Google didn't help and I'm not sure what troubleshooting steps should be > > taken. > > > > Our setup: > > - CentOS 6.9, minimal install. All from packages. > > - self-service-password-1.1-1.el6.noarch > > - openldap-servers-2.4.40-16.el6.x86_64 > > - php-5.3.3-49.el6.x86_64 > > - php-ldap-5.3.3-49.el6.x86_64 > > - apr-util-ldap-1.3.9-3.el6_0.1.x86_64 > > - httpd-2.2.15-60.el6.centos.6.x86_64 > > - php-mbstring-5.3.3-49.el6.x86_64 > > > Seems to be linked to cryptography lib.Could you confirm that you have > a value configured in $keyphrase? > > You can also try to set $crypt_tokens to false to be sure the issue is > linked to cryptography. You can then open an issue here: > https://github.com/ltb-project/self-service-password/issues > > Clément. > _______________________________________________ > ltb-users mailing list > ltb-users@lists.ltb-project.org > https://lists.ltb-project.org/cgi-bin/mailman/listinfo/ltb-users -- BR, Aleksey Qwerty
_______________________________________________ ltb-users mailing list ltb-users@lists.ltb-project.org https://lists.ltb-project.org/cgi-bin/mailman/listinfo/ltb-users
