Hello Patrick,
it seems that a few things have changed, so I've fixed the issue
to make the feature work again.
Please apply the following commits:
https://bitbucket.org/jsuto/piler/commits/4a131f3058766ecdeb3021f5478746f58938c2c8
https://bitbucket.org/jsuto/piler/commits/427114b89202e3658664540e2eb5d30feeba659b
OR
simply overwrite
https://bitbucket.org/jsuto/piler/src/master/util/sign.php
and
https://bitbucket.org/jsuto/piler/src/master/webui/system/helper/TrustedTimestamps.php
then add the following to /var/piler/www/config.php:
$config['TSA_VERIFY_CERTIFICATE'] = true;
Janos
PS: Thank you Frank for the freetsa.org hint. It works properly.
On 2020-10-17 12:45, Wagner, Patrick wrote:
Hello Janos,
I've changed the DECRYPT_ATTACHMENT_BINARY to pileraget and I've
re-read the two links you sent, but are not sure I could've missed
anything?
For the packaged 1.3.5 release, is there more to do than to add the
four TSA_XXX config lines and to add a regular cronjob to execute
sign.php as piler user?
"Something" is definitely happening, as I can read mails via web UI
just fine, until 500 non-stamped mails have been reached, where
suddenly a batch of 500 e-mails is no longer readable.
For what it's worth, here's my entry taken from the piler user crontab:
0 * * * * /usr/bin/php /usr/libexec/piler/sign.php --webui
/var/piler/www --mode unit
And here's what happens if I run it manually:
piler@mypiler01:~$ /usr/bin/php /usr/libexec/piler/sign.php --webui
/var/piler/www --mode unit
PHP Warning: Use of undefined constant COUNT - assumed 'COUNT' (this
will throw an Error in a future version of PHP) in
/usr/libexec/piler/sign.php on line 3
PHP Warning: Use of undefined constant HASH_VALUE - assumed
'HASH_VALUE' (this will throw an Error in a future version of PHP) in
/usr/libexec/piler/sign.php on line 4
PHP Warning: Use of undefined constant RESPONSE_STRING - assumed
'RESPONSE_STRING' (this will throw an Error in a future version of
PHP) in /usr/libexec/piler/sign.php on line 5
PHP Warning: Use of undefined constant RESPONSE_TIME - assumed
'RESPONSE_TIME' (this will throw an Error in a future version of PHP)
in /usr/libexec/piler/sign.php on line 6
PHP Warning: Use of undefined constant START_ID - assumed 'START_ID'
(this will throw an Error in a future version of PHP) in
/usr/libexec/piler/sign.php on line 7
PHP Warning: Use of undefined constant STOP_ID - assumed 'STOP_ID'
(this will throw an Error in a future version of PHP) in
/usr/libexec/piler/sign.php on line 8
PHP Warning: ini_set(): Headers already sent. You cannot change the
session module's ini settings at this time in
/var/piler/www/config.php on line 333
PHP Warning: session_start(): Cannot start session when headers
already sent in /var/piler/www/system/request.php on line 30
piler@mypiler01:~$ echo $?
0
Should I be using a different PHP version or are those warnings to be
expected?
FreeTSA should be available for your testing purposes.
Thanks,
Patrick
On 16.10.2020 21:19, s...@acts.hu wrote:
Hello Patrick,
for starters the DECRYPT_ATTACHMENT_BINARY should be pileraget (not
pilerget).
Also it might be worth to go over the steps and check if everything is
setup properly:
https://bitbucket.org/jsuto/piler/issues/480/support-rfc3161-trusted-timestamps
https://www.mail-archive.com/piler-user@list.acts.hu/msg00785.html
In the meantime I try to find a TSA provider suitable for testing
purposes.
If anyone on the list was familiar with any, or better could provide a
test
account, it would be great.
Janos
On 2020-10-16 20:02, Patrick Wagner wrote:
Hello everyone,
we're testing the TSA signing feature of Piler. When I login as
auditor all mails are listed correctly in the Web GUI upper pane /
list. When I click on a mail the header and content are displayed
below if that mail was not signed (yet). Clicking on a signed mail
however does not refresh the lower pane and continues to display
either the last non-stamped mail or remains blank (if no mail had
been
selected before). With pilerget on the CLI the mails are displayed
correctly.
What's wrong? Do I have to change any configuration?
I added these lines in config-site.php:
$config['TSA_PUBLIC_KEY_FILE'] = '/etc/piler/tsa.publickey.pem';
$config['TSA_START_ID'] = 1;
$config['TSA_STAMP_REQUEST_UNIT_SIZE'] = 500;
$config['TSA_URL'] = 'http://zeitstempel.dfn.de';
$config['DECRYPT_BINARY'] = '/usr/bin/pilerget';
$config['DECRYPT_ATTACHMENT_BINARY'] = '/usr/bin/pilerget';
Thanks,
Patrick
# piler -V
piler 1.3.5, build 997, Janos SUTO <s...@acts.hu>
Build Date: Sun Apr 21 16:50:30 UTC 2019
ldd version: ldd (Ubuntu GLIBC 2.27-3ubuntu1) 2.27
gcc version: gcc version 7.3.0 (Ubuntu 7.3.0-27ubuntu1~18.04)
OS: Linux 188ae4f9894f 4.15.0-47-generic #50-Ubuntu SMP Wed Mar 13
10:44:52 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
Configure command: ./configure --prefix=/usr --sysconfdir=/etc
--localstatedir=/var --with-database=mariadb
MySQL client library version: 10.2.9
Extractors: /usr/bin/pdftotext /usr/bin/catdoc /usr/bin/catppt
/usr/bin/xls2csv /usr/bin/unrtf /usr/bin/tnef
Ubuntu 18.04.5 LTS
PHP 7.2.24-0ubuntu0.18.04.6 (as supplied with the distro)
MariaDB 10.1.44 (as supplied with the distro)