New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OpenSSL error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt #12924
Comments
Does the error disappear on next login? It can be caused by wrongly encrypted cookies from previous version (there was bug in the cookie encryption code in prior releases leading to this). PS: We were silently ignoring such errors in previous version, now they are displayed to allow diagnose problems. |
Hmm, but the error message should probably tell when did this happen. @ibennetch Maybe we should document this as known issue as this will happen to users using openssl direcly (not via phpseclib) on upgrade. |
- make it localized - correctly report that it's about cookies Issue #12924 Signed-off-by: Michal Čihař <michal@cihar.com>
Same message here after upgrading from 4.6.5.2. Disappeared after logging in and out. |
@nijel can we catch this error message and deal with it internally rather than making the user log out and back in again? If needed, we can show a message to the user after this that their cookies were reset or some such. |
Well there is no way to distinguish between corrupt cookies and cookies encrypted with wrong parameters used in previous versions, so we either show the error in all cases or never. On the other side nobody ever complained about missing such error message, so removing it's display might be reasonable... |
In the end I've decide to remove this error reporting. It is probably not useful to user in neither case, so let's just discard the errors so that they do not pop up later. The discarding is now in place for phpseclib as well. |
So there's nothing to add documentation about, then? |
No, I think it's better to not show this to user at all as he usually has no chance to fix the error. |
Problem Solved: Update phpmyadmin version to 4.9.1 |
Steps to reproduce
Expected behaviour
No error should occur in the login page.
Actual behaviour
I see error below the login box: "OpenSSL error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt"
Server configuration
Operating system: CentOS
Web server: Apache
Database: MariaDB
PHP version: 7.1.1 or 7.0.15 or 5.6.30
phpMyAdmin version: 4.6.6
Client configuration
Browser: Chrome
Operating system: Windows 10
The text was updated successfully, but these errors were encountered: