Hi all. I am having a very strange problem when trying to run PGP under
Unix shell from inside a php script. I am trying to encrypt the body of an
email message. And, bizarrely, I can get it to work fine several different
ways (using exec(), popen(), backtick, etc), but (here's the strange part)
every time the script works fine, I get an "internal web server" (Apache)
error when the script terminates. Whenever I try an exec() or popen()
command that DOESN'T work, Apache DOESN'T complain! In other words, when
the call to PGP works, Apache fails and vice-versa! It feels like PGP and
Apache are working together to make sure I can't get the job done!
Now, when I use GNUPG instead of PGP, everything works fine (and no Apache
error). So, I think the problem has something to do with the way PHP, PGP,
Unix and Apache interact together. One solution is to just use GNUPG
instead of PGP, but I like PGP better.
Note: I am running my PHP script through a program called php-cgiwrap which
makes the PHP script execute as me on the server rather than as "nobody". I
can't let the script execute as "nobody" because "nobody" doesn't have
permission to run PGP, but I do.
I would greatly appreciate help on getting the PGP approach to work
perfectly. I am posting both the PGP and GNUPG code snippets below (note:
all the GNUPG snippets work perfectly). Thanks.
Kurt Bertone
/**************************************************************************/
Here are some code snippets where the PGP works fine, but Apache complains:
<script language="php">
/* set up some strings */
$pgppath = "/usr/home/myhome/.pgp";
$uid = "Recipient Name <[EMAIL PROTECTED]>";
$to = "[EMAIL PROTECTED]";
$subject = "Seekwit Message";
$from = "[EMAIL PROTECTED]";
$msg = "This is a vewy, vewy seekwit message.";
putenv("PGPPATH=$pgppath");
/* following works fine, except we get the Apache error */
$cmd = "/usr/local/bin/pgp -feat '$uid' | /usr/bin/mail -s '$subject' $to";
$pp = popen($cmd, "w");
fputs($pp, $msg);
pclose($pp);
/* following works fine, except we get the Apache error */
$cmd = "echo '$msg' | /usr/local/bin/pgp -feat '$uid' | /usr/bin/mail -s
'$subject' $to";
`$cmd`;
/* following works fine, except we get the Apache error */
$cmd = "echo '$msg' | /usr/local/bin/pgp -feat '$uid'";
$encrypted = `$cmd`;
$encrypted = "From: $from\n\n" . $encrypted;
mail($to, $subject, "", "$encrypted");
</script>
/**************************************************************************/
The following GNUPG code works perfectly - no problems at all.
<script language="php">
/* set up some strings */
$pgppath = "/usr/home/myhome/.pgp";
$uid = "Recipient Name <[EMAIL PROTECTED]>";
$to = "[EMAIL PROTECTED]";
$subject = "Seekwit Message";
$from = "[EMAIL PROTECTED]";
$msg = "This is a vewy, vewy seekwit message.";
putenv("GNUPGHOME=$gnupghome");
/* following works perfectly */
$cmd = "/usr/local/bin/gpg --textmode --always-trust ";
$cmd .= "--armor --batch --no-secmem-warning --homedir '$gnupghome' ";
$cmd .= "--compress-algo 1 --cipher-algo cast5 --recipient '$uid' --encrypt
";
$cmd .= "| /usr/bin/mail -s '$subject' $to";
$pp = popen($cmd, "w");
fputs($pp, $msg);
pclose($pp);
/* following works perfectly */
$cmd = "echo '$msg' | /usr/local/bin/gpg --textmode --always-trust ";
$cmd .= "--armor --batch --no-secmem-warning --homedir '$gnupghome' ";
$cmd .= "--compress-algo 1 --cipher-algo cast5 --recipient '$uid' --encrypt
";
$cmd .= "| /usr/bin/mail -s '$subject' $to";
`$cmd`;
/* following works perfectly */
$cmd = "echo '$msg' | /usr/local/bin/gpg --textmode --always-trust ";
$cmd .= "--armor --batch --no-secmem-warning --homedir '$gnupghome' ";
$cmd .= "--compress-algo 1 --cipher-algo cast5 --recipient
'$uid' --encrypt";
$encrypted = `$cmd`;
$encrypted = "From: $from\n\n" . $encrypted;
mail($to, $subject, "", $encrypted);
</script>
