Cant create any paste

[Maik-Thiele]

After downloading the latest version, I uploaded it, typed in some random bla and clicked on send.
An error of making the text with no answer from the server appears.

I checked this on two different hosters, same error.
My websites for this: http://thelostone.org / http://thelostone.co.at
Using PHP 5.6 if its important.

Thanks for any help

[rugk]

What version of PrivateBin are you using?
Additionally could you please look into the server error log (PHP errors or webserver errors) and paste potential error messages here?

And BTW: I hope you are planning to deploy HTTPS on your server. 😃

[Maik-Thiele]

Normally https should be activated on htelostone.org... I should recheck this!

Like I said, I use the latest master on both servers,
I tested it out just one or two hours before I posted here.

I have no webserver logs I can look into, but I can enable php errors (in the index?).

[rugk]

You do not redirect to HTTPS. Also you only support RSA and you might want to improve this ssl config (try to get A). You you might consider to use this generator for this. But I'll get off-topic...

As the master branch is updated continuously updated, it does not help to say "I use the lastest master". It helps much more to paste the commit hash here. E.g. a9759f1, which the latest master at the time of writing. Do you use it?
BTW: In the template issue there is an explanation how to get this git hash. If you would have filled this out this more carefully, we could help you much better.

I have no webserver logs I can look into,

Really? Do you have them disabled?

I can enable php errors (in the index?).

Yes, you might do that temporarily. It would be very helpful.

[elrido]

As you get the generic error, the script encountered a situation it couldn't handle. Could you check what errors PHP returns (possibly by enabling the PHP errors as you suggest)?

Otherwise the most likely candidate to check is that the folder the script resides in has permissions set so that the webserver / PHP-process can create its folders in it. If you happen to run CentOS / Red Hat you might also need to adjust SELinux settings.

[Maik-Thiele]

I just can say that I activated ssl on one.com. It seems that this hoster is crap in any way.

I dont know how I can input a commit hash, oserwise I would do it.

No, I simply have a host who didnt provide logs. Anyway.

After include error_reporting(E_ALL); into the index.php I get nothing too.
I tested it again with error_reporting(-1); and nothing too.

Ah and btw I found the commit thing, no I know better how to ask for a thing.
Latest commit a9759f1 9 hours ago

[Maik-Thiele]

I ask the support for the logs and he gives me this, hopefully it helps:

[Tue Aug 16 18:54:53 2016] [warn] [client 82.165.156.248] mod_fcgid: stderr: #0 thelostone.co.at/root/lib/Persistence/ServerSalt.php(56): random_bytes(256), referer: http://thelostone.co.at/

[Tue Aug 16 18:54:53 2016] [warn] [client 82.165.156.248] mod_fcgid: stderr: #1 thelostone.co.at/root/lib/Persistence/ServerSalt.php(83): PrivateBin\Persistence\ServerSalt::generate(), referer: http://thelostone.co.at/

[Tue Aug 16 18:54:53 2016] [warn] [client 82.165.156.248] mod_fcgid: stderr: #2 thelostone.co.at/root/lib/Persistence/TrafficLimiter.php(85): PrivateBin\Persistence\ServerSalt::get(), referer: http://thelostone.co.at/

[Tue Aug 16 18:54:53 2016] [warn] [client 82.165.156.248] mod_fcgid: stderr: #3 thelostone.co.at/root/lib/Persistence/TrafficLimiter.php(127): PrivateBin\Persistence\TrafficLimiter::getHash('sha256'), referer: http://thelostone.co.at/

[Tue Aug 16 18:54:53 2016] [warn] [client 82.165.156.248] mod_fcgid: stderr: #4 thelostone.co.at/root/lib/PrivateBin.php(217): PrivateBin\Persistence\TrafficLimiter::canPass(), referer: http://thelostone.co.at/

[Tue Aug 16 18:54:53 2016] [warn] [client 82.165.156.248] mod_fcgid: stderr: #5 thelostone.co.at/root/lib/PrivateBin.php(130): PrivateBin\PrivateBin->_create(), referer: http://thelostone.co.at/

[Tue Aug 16 18:54:53 2016] [warn] [client 82.165.156.248] mod_fcgid: stderr: #6 thelostone.co.at/root/vendor/paragonie/random_compat/lib/random.php on line 185, referer: http://thelostone.co.at/

[elrido]

Sorry that you are having trouble with the project. Thank you for providing the logs!

The error seems to be that the "There is no suitable CSPRNG installed on your system" Exception is thrown by the random_compat library.

Could you therefore check if the mcrypt extension is available on your system? It is a last fallback to provide the cryptographically safe random number used as the servers salt in hashing.

[Maik-Thiele]

No need be say sorry, you cant something my webhost didnt do. :)

I use this code for checking:
<?php if(function_exists('mcrypt_encrypt')) { echo "mcrypt is loaded!"; } else { echo "mcrypt isn't loaded!"; } ?>

It says: mcrypt is loaded!

[elrido]

Thank you for checking this. I revisited the code of the random_compat library and it should only fail on line 185 of random.php if all methods of acquiring cryptographically safe randomness fail. Could you run the following check for all these methods and post its output here?

echo '<pre>PHP version used: ', PHP_VERSION, PHP_EOL,
    'extension libsodium is loaded: ',
    (extension_loaded('libsodium') ? 'true' : 'false'), PHP_EOL,
    '/dev/urandom exists and is readable: ',
    (is_readable('/dev/urandom') ? 'true' : 'false'), PHP_EOL,
    'extension mcrypt is loaded: ',
    (extension_loaded('mcrypt') ? 'true' : 'false'), PHP_EOL,
    'function mcrypt_create_iv exists: ',
    (function_exists('mcrypt_create_iv') ? 'true' : 'false'), PHP_EOL,
    'extension com_dotnet is loaded: ',
    (extension_loaded('com_dotnet') ? 'true' : 'false'), '</pre>';

[Maik-Thiele]

thelostone.org server (Hoster: One.com):

PHP version used: 5.6.24
extension libsodium is loaded: false
/dev/urandom exists and is readable: false
extension mcrypt is loaded: true
function mcrypt_create_iv exists: true
extension com_dotnet is loaded: false

thelostone.co.at server (Hoster: Nitrado.de):

PHP version used: 5.6.21
extension libsodium is loaded: false
/dev/urandom exists and is readable:
Warning: is_readable(): open_basedir restriction in effect. File(/dev/urandom) is not within the allowed path(s): (thelostone.co.at/root/:/var/customers/tmp/xxx/:/usr/share/php/:/usr/share/php5/:/tmp/) in /var/customers/webs/xxx/thelostone.co.at/root/index2.php on line 6
false
extension mcrypt is loaded: true
function mcrypt_create_iv exists: true
extension com_dotnet is loaded: false

I edited my costumer folder with xxx, btw.

[elrido]

Ok, now its clear what the problem is: /dev/urandom isn't accessible.

This is a requirement to have mcrypt_create_iv and the other mechanisms work with cryptographically safe randomness. If your hoster can't or won't make this accessible to you it will not work. I hope you can find a solution with them.

Edit: If you don't, you need to generate the server salt only once. You could generate it on some other site (or locally) and then move it into the data folder of these two hosts (they need to be unique per installation).

[Maik-Thiele]

Humm... thats bad. Then I need to use sadly another script. :(
You also will loose possible users if it isnt a way around it, because they have hundredthousand of user. :/

[elrido]

@rugk In the light of this ticket, do you think we should introduce an unsafe fallback which raises a visible warning message on the homepage? At least it would work, even if the salt could be weak.

[rugk]

Hmm, if dev/urandom is not accessible at all, I think there is no solution at all (besides PHP (in PHP 7) or Libsodium, which may circumvent the open_basedir restriction).

However I am quite sure that a generation of the server salt once would not be enough, because we also generate an unique salt for each Paste.

@elrido You know that I certainly would not like an insecure fallback. But I am in favour of a more meaningful error message. Maybe something like this:

The server is not configured to create secure random numbers. The server admin needs setup this server.

So there PrivateBin should still be unusable, because when there is no Server Salt much things are weakened (think of the security audit...), so in this case it should not really be usable. In this case we could provide instructions on how to use it.

Note that random_comb also supported OpenSSL a while ago, but it has been removed (the openssl_random_pseudo_bytes is not really designed to provide secure random numbers). With OpenSSL open_basedir would not be a problem (of course OpenSSL needs to be installed).
So we could theoretically add a fallback to OpenSSL, however I am against this for two reasons:

1. Before we introduced random_comp we alos only used mcrypt, so we would even go beyond our old security level.
2. We should really not tackle with secure third-party implementations. They have their reasons to implement it in this way and when we change the algorithm it can only make it insecure.

However it would be okay for me to introduce a setting (disabled, obviously), which changes the pad Salt generation, so that it is done in the old way (using the server salt). This way we would still have to provide instructions how the server admin can create the server salt, but this has only to be done once.

@Nerdcoat At first: Thanks for opening this issue, it helped us very much.
So as for your case: You could try to get your hoster to install Libsodium and activate it for PHP. Here are some links of this extension: libsodium.org and paragonie.com.

[elrido]

Probably it would be easier to convince the hosters to change their open_basedir settings to include the /dev/urandom file.

[elrido]

FYI: I did now write a clarification on this into the installation documents (wiki and INSTALL.md). We will otherwise not address it, as this only affects PHP versions below 7.0 and uncommon server configurations.

[rugk]

I did now also wrote a FAQ about this: https://github.com/PrivateBin/PrivateBin/wiki/FAQ

I also added some other nice questions. As it is a wiki everyone is welcome to edit it.