Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OpenSSL error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt #12924

Closed
nunoperalta opened this issue Jan 25, 2017 · 10 comments
Closed

OpenSSL error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt #12924

nunoperalta opened this issue Jan 25, 2017 · 10 comments
Assignees
@nijel
Labels
Bug A problem or regression with an existing feature
Milestone
4.7.0

Comments

@nunoperalta
Copy link

Steps to reproduce

  1. Install 4.6.6
  2. Open login page
  3. See error: "OpenSSL error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt"

Expected behaviour

No error should occur in the login page.

Actual behaviour

I see error below the login box: "OpenSSL error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt"

Server configuration

Operating system: CentOS

Web server: Apache

Database: MariaDB

PHP version: 7.1.1 or 7.0.15 or 5.6.30

phpMyAdmin version: 4.6.6

Client configuration

Browser: Chrome

Operating system: Windows 10
@nijel
Copy link
Contributor

nijel commented Jan 25, 2017
edited

Does the error disappear on next login? It can be caused by wrongly encrypted cookies from previous version (there was bug in the cookie encryption code in prior releases leading to this).

PS: We were silently ignoring such errors in previous version, now they are displayed to allow diagnose problems.

@nijel nijel added the question Used when we need feedback from the submitter or when the issue is a question about PMA label Jan 25, 2017
@nijel
Copy link
Contributor

nijel commented Jan 25, 2017

Hmm, but the error message should probably tell when did this happen.

@ibennetch Maybe we should document this as known issue as this will happen to users using openssl direcly (not via phpseclib) on upgrade.

phpmyadmin_-_2017-01-25_09 50 32

nijel added a commit that referenced this issue Jan 25, 2017
@nijel
Improve error message for cookie encryption
31084a0 
- make it localized
- correctly report that it's about cookies

Issue #12924

Signed-off-by: Michal Čihař <michal@cihar.com>
@nijel nijel mentioned this issue Jan 25, 2017
Closed
@slokhorst
Copy link
Contributor

Same message here after upgrading from 4.6.5.2. Disappeared after logging in and out.

@cslevi81
Copy link

cslevi81 commented Jan 27, 2017
edited

Similar error message:
phpmyadmin_2017-01-27_14 59 26
I could login, use the PhpMyAdmin, but the error message occurs on login page (when I access the page via simple HTTP - not HTTPS - too).

Server configuration

Operating System: Debian 7.11
Web server: Apache 2.2.22
Database: MySQL 5.5.54
PHP: 5.6.30 (dotdeb)
PHP extension used: mysqli, curl, mbstring
PhpMyAdmin version: 4.6.6
OpenSSL version: 1.0.1t

Client configuration

Browser: Firefox 50.1.0
OS: xUbuntu 12.04.5

@ibennetch
Copy link
Member

@nijel can we catch this error message and deal with it internally rather than making the user log out and back in again? If needed, we can show a message to the user after this that their cookies were reset or some such.

@nijel
Copy link
Contributor

nijel commented Jan 30, 2017

Well there is no way to distinguish between corrupt cookies and cookies encrypted with wrong parameters used in previous versions, so we either show the error in all cases or never. On the other side nobody ever complained about missing such error message, so removing it's display might be reasonable...

@nijel nijel self-assigned this Feb 2, 2017
@nijel nijel added Bug A problem or regression with an existing feature and removed question Used when we need feedback from the submitter or when the issue is a question about PMA labels Feb 2, 2017
@nijel nijel added this to the 4.7.1 milestone Feb 2, 2017
@nijel nijel closed this as completed in 5022ff9 Feb 2, 2017
@nijel nijel modified the milestones: 4.7.0, 4.7.1 Feb 2, 2017
@nijel
Copy link
Contributor

nijel commented Feb 2, 2017

In the end I've decide to remove this error reporting. It is probably not useful to user in neither case, so let's just discard the errors so that they do not pop up later. The discarding is now in place for phpseclib as well.

@ibennetch
Copy link
Member

So there's nothing to add documentation about, then?

@nijel
Copy link
Contributor

nijel commented Feb 4, 2017

No, I think it's better to not show this to user at all as he usually has no chance to fix the error.

@alokupadhya
Copy link

Problem Solved:

Update phpmyadmin version to 4.9.1

https://stackoverflow.com/a/58005655/12088879

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 28, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@nijel nijel

Labels
Bug A problem or regression with an existing feature
Projects
None yet
Milestone
4.7.0
Development

No branches or pull requests
6 participants
@nijel @nunoperalta @ibennetch @slokhorst @cslevi81 @alokupadhya