Fix so an error is loogged when encryption fails (#6948)

pull/6957/head
Aleksander Machniak 5 years ago
parent ed085db9e0
commit 20e25582e7

@ -5,6 +5,7 @@ CHANGELOG Roundcube Webmail
- Elastic: Fix position and style of auto-complete dropdown on small screens (#6951) - Elastic: Fix position and style of auto-complete dropdown on small screens (#6951)
- Redis: Improve error handling and phpredis 5.X support (#6888) - Redis: Improve error handling and phpredis 5.X support (#6888)
- Fix bug where cache keys were not case-sensitive on MySQL/MSSQL (#6942) - Fix bug where cache keys were not case-sensitive on MySQL/MSSQL (#6942)
- Fix so an error is loogged when encryption fails (#6948)
RELEASE 1.4-rc2 RELEASE 1.4-rc2
--------------- ---------------

@ -517,7 +517,7 @@ $config['x_frame_options'] = 'sameorigin';
// with any configured cipher_method (see below). // with any configured cipher_method (see below).
$config['des_key'] = 'rcmail-!24ByteDESkey*Str'; $config['des_key'] = 'rcmail-!24ByteDESkey*Str';
// Encryption algorithm. You can use any method supported by openssl. // Encryption algorithm. You can use any method supported by OpenSSL.
// Default is set for backward compatibility to DES-EDE3-CBC, // Default is set for backward compatibility to DES-EDE3-CBC,
// but you can choose e.g. AES-256-CBC which we consider a better choice. // but you can choose e.g. AES-256-CBC which we consider a better choice.
$config['cipher_method'] = 'DES-EDE3-CBC'; $config['cipher_method'] = 'DES-EDE3-CBC';

@ -850,7 +850,19 @@ class rcube
$method = $this->config->get_crypto_method(); $method = $this->config->get_crypto_method();
$opts = defined('OPENSSL_RAW_DATA') ? OPENSSL_RAW_DATA : true; $opts = defined('OPENSSL_RAW_DATA') ? OPENSSL_RAW_DATA : true;
$iv = rcube_utils::random_bytes(openssl_cipher_iv_length($method), true); $iv = rcube_utils::random_bytes(openssl_cipher_iv_length($method), true);
$cipher = $iv . openssl_encrypt($clear, $method, $ckey, $opts, $iv); $cipher = openssl_encrypt($clear, $method, $ckey, $opts, $iv);
if ($cipher === false) {
self::raise_error(array(
'file' => __FILE__,
'line' => __LINE__,
'message' => "Failed to encrypt data with configured cipher method: $method!"
), true, false);
return false;
}
$cipher = $iv . $cipher;
return $base64 ? base64_encode($cipher) : $cipher; return $base64 ? base64_encode($cipher) : $cipher;
} }

Loading…
Cancel
Save