Changed the ‘auth’ line.
Restartet nginx services
Restartet all three php services that appear in my systemctl list.
Le prolème est toujours là.
Bonjour,
Même problème ici, après désinstallation / réinstallation d’opensondage.
Version installée : 1.1.19~ynh1
erreur constatée : PHP Fatal error: Uncaught PHPMailer\PHPMailer\Exception: SMTP Error: Could not connect to SMTP host. in /var/www/opensondage/vendor/phpmailer/phpmailer/src/PHPMailer.php:2157
Le port 25 est bien ouvert en local, J’ai fait un regen-conf qui n’a rien changé au problème.
As a temporary workaround, editing the config.php and changing use_smtp to false may do the trick but it’d be nice if somebody could run further testing playing with the other settings …
I tried the configuration with an external SMTP and it works fine.
So it seems there is an error with the SMTP on localhost authentification.
After one trial sondage with 'use_smtp' => false there was 'username' => 'opensondage' and some random password filled in the config.php. Switching back to 'use_smtp' => true didn’t work with these credentials.
Here my working config:
// Config
$config = [
/* general config */
'use_smtp' => true, // use email for polls creation/modification/responses notification
'smtp_options' => [
'host' => 'my_ext_SMTP.com', // SMTP server (you could add many servers (main and backup for example) : use ";" like separator
'auth' => true, // Enable SMTP authentication
'username' => 'my_ext_username', // SMTP username
'password' => 'my_ext_password', // SMTP password
'secure' => 'ssl', // Enable encryption (false, tls or ssl)
'port' => 465, // TCP port to connect to
],
Yes so my guess is that using “localhost” ain’t good because localhost doesn’t have a valid certificate for … localhost … neither wont 127.0.0.1
What should be tried is probably to replace 'host' => 'localhost', with 'host' => 'the.main.domain', for example
Hi there,
I found this topic (and Wrong email address · Issue #96 · YunoHost-Apps/opensondage_ynh · GitHub , too) and tried some suggestions.
Finally I can confirm that this configuration solves the issue for me:
// Database administrator email
const ADRESSEMAILADMIN = 'my-ynh-admin@my-ynh.org'; // This is my custom ynh-Admin (not user `admin`)
// [...]
// Config
$config = [
/* general config */
'use_smtp' => true,
'smtp_options' => [
'host' => 'my-ynh.org', // This must *not* be localhost
'auth' => true, // Enable SMTP authentication
'username' => 'my-ynh-admin', // changed by hand
'password' => 'MyRealClearTextPW', // changed by hand
'secure' => false,
'port' => 25,
],
/* home */
// [...]
];
So the only thing left is that now all mails are sent from my-ynh-admin@my-ynh.org and not from opensondage@my-ynh.org.
I tried to change that, too, (by only changing const ADRESSEMAILADMIN) and got this error message:
<opensondage@my-ynh.org>: Sender address rejected: not owned by user my-ynh-admin
So I tried to go back and set SMTP-Username to opensondage and the old SMTP-Passwort (that has been in this configfile before), but this leads to
PHP message: PHP Fatal error: Uncaught PHPMailer\PHPMailer\Exception: SMTP Error: Could not authenticate.
So obviously the mail credentials of user opensondage are invalid.
Then I tried your config with
'username' => '__APP__',
'password' => '__MAIL_PWD__',
But this also leads to SMTP Error: Could not authenticate.
As I don’t know YNH-internals (and your Variables(?) __APP__ and __MAIL_PWD__) that much or changing mail credentials I’m finished with my best (working) bet and the config above with all mails sent from my-ynh-admin@my-ynh.org.
Christian
Merci “chmeyer”
ça fonctionne pour moi aussi, mais question peut être idiote ça ne pose pas de problème de sécurité ?
Hello dupfly,
sorry, I don’t understand french, but I think, you meant security concerns with putting SMTP-credentials in the config file. When this file somehow get’s hacked / leaked an attacker is able to hijack the complete server.
Yes, I think too, it should be more safe to use the opensondage-user with a SMTP-only password.
The only thing is: I don’t know how to do it.
My main thing was to confirm that 'host' => 'my-ynh.org' works and 'host' => 'localhost' doesn’t.
Maybe @Aleks has an answer to this point.
1 Like
I don’t know what security concern there are : having cleartext passwords (or whatever secret - as long as they’re only used for program-to-program auth) in configuration files is perfectly fine and happens all the time, and there’s pretty much no way around it. Here, this is for SMTP auth, but the most common example is SQL db access.
The real question is “can you leverage this secret to escalate privileges or other impact on the machine”, and the answer should definitely be “no”. In this case, the SMTP credential is only used for the user to be able to send email, same as an SQL password which can only be used to read/write the app’s DB.
Edit: well i didn’t read the part about I’m finished with my best (working) bet and the config above with all mails sent from my-ynh-admin@my-ynh.org. … Obviously DO NOT use a human password in a configuration file … If you’re looking for the SMTP credentials for opensondage, check grep mail_pwd /etc/yunohost/apps/opensondage/settings.yml …
1 Like
The issue should be fixed in upcoming Testing by ericgaspar · Pull Request #99 · YunoHost-Apps/opensondage_ynh · GitHub btw
Thanks for clarifying that a human admin password is not a good idea to be stored in a config file.
I tried to use your hint and looked for the details from /etc/yunohost/apps/opensondage/settings.yml, but using the values for app (=opensondage) and mail_pwd (=24 digit hex number) still does not work for me:
SMTP Error: Could not authenticate.
Only when I use the value from email (which is the same as in admin followed by the domain name) and my human password the mail is send.
So I’m still not happy with the situation.
Mise a jour de 1.1.17~ynh3 vers 1.1.19~ynh2, même résultat cela ne fonctionne pas, toujours la page blanche.
Pareil ici, toujours la page blanche
J’ai essayé de mettre à jour en version 1.1.19~ynh2 mais sans succès.
Premier point, la mise à jour ne regénère pas la configuration. Quand j’essaye yunohost tools regen-conf opensondage c’est en échec, mais je n’ai pas trovué le log détaillé.
J’ai mis à jour manuellement mon config.php pour indiquer mon domaine principal (cat /etc/yunohost/current_host) dans smtp_options/host mais ça ne fonctionne pas non plus :
Le log /var/log/nginx/$domain-error.log dit :
2024/02/17 15:12:48 [error] 556565#556565: *43904 FastCGI sent in stderr: "PHP message: PHP Fatal error: Uncaught│
PHPMailer\PHPMailer\Exception: SMTP Error: The following recipients failed: $(myadress): <($my_ynh_user)>: │
Sender address rejected: not logged in
Si ça peut aider…
Ici, paraeil. Après changer config.php par main. C’est l’erreur:
2024/02/18 12:30:36 [error] 902807#902807: *39570 FastCGI sent in stderr: "PHP message: PHP Fatal error: Uncaught PHPMailer\PHPMailer\Exception: SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting in /var/www/opensondage/vendor/phpmailer/phpmailer/src/PHPMailer.php:1982
Stack trace:
#0 /var/www/opensondage/vendor/phpmailer/phpmailer/src/PHPMailer.php(1653): PHPMailer\PHPMailer\PHPMailer->smtpSend()
#1 /var/www/opensondage/vendor/phpmailer/phpmailer/src/PHPMailer.php(1491): PHPMailer\PHPMailer\PHPMailer->postSend()
#2 /var/www/opensondage/app/classes/Framadate/Services/MailService.php(67): PHPMailer\PHPMailer\PHPMailer->send()
#3 /var/www/opensondage/create_date_poll.php(213): Framadate\Services\MailService->send()
#4 {main}
thrown in /var/www/opensondage/vendor/phpmailer/phpmailer/src/PHPMailer.php on line 1982" while reading response header from upstream, client: 2003:xy:zz33:000:5e5e:f97c:7715:dad6, server: my.domain, request: "POST /umfrage/create_date_poll.php HTTP/2.0", upstream: "fastcgi://unix:/var/run/php/php8.0-fpm-opensondage.sock:", host: "my.domain, referrer: "https://my.domain/umfrage/create_date_poll.php"
@Aleks
Sorry, same here:
Update to 1.1.19~ynh2 successfull, but white-page-problem still persists.
SMTP Error: Could not authenticate. with opensondage user and credentials.
I also tried yunohost tools regen-conf opensondage, which replies with:
Info: The operation 'Regenerate system configurations 'opensondage'' could not be completed. Please share the full log of this operation using the command 'yunohost log share 20240219-205142-regen_conf-opensondage' to get help
Error: Could not regenerate the configuration for category(s):
So, the (short) “full” log is:
https://paste.yunohost.org/raw/alufijeyed
After that I tried to install a second instance of opensondage to compare the config-file, but the second instance dies even earlier, after “create poll”:
2024/02/19 22:04:59 [error] 3255489#3255489: *718085 FastCGI sent in stderr: "PHP message: PHP Warning: session_start(): open(/var/lib/php/sessions/sess_077ec4ea005b1871943e8ca5ecf2d65d129042e2cb60f11360009a43661781499770963af936be7ced01731a25ab9de79483, O_RDWR) failed: Permission denied (13) in /var/www/opensondage__2/app/inc/init.php on line 28PHP message: PHP Warning: session_start(): Failed to read session data: files (path: /var/lib/php/sessions) in /var/www/opensondage__2/app/inc/init.php on line 28" while reading response header from upstream, client: 2.200.204.140, server: my-server.org, request: "POST /poll2/create_poll.php?type=date HTTP/2.0", upstream: "fastcgi://unix:/var/run/php/php8.0-fpm-opensondage__2.sock:", host: "my-server.org", referrer: "https://my-server.org/poll2/create_poll.php?type=date"
2024/02/19 22:04:59 [error] 3255489#3255489: *718085 FastCGI sent in stderr: "PHP message: PHP Warning: session_start(): open(/var/lib/php/sessions/sess_077ec4ea005b1871943e8ca5ecf2d65d129042e2cb60f11360009a43661781499770963af936be7ced01731a25ab9de79483, O_RDWR) failed: Permission denied (13) in /var/www/opensondage__2/app/inc/init.php on line 28PHP message: PHP Warning: session_start(): Failed to read session data: files (path: /var/lib/php/sessions) in /var/www/opensondage__2/app/inc/init.php on line 28PHP message: PHP Warning: Undefined array key "form" in /var/www/opensondage__2/create_date_poll.php on line 43PHP message: PHP Fatal error: Uncaught Error: Attempt to assign property "format" on bool in /var/www/opensondage__2/create_date_poll.php:47
Stack trace:
#0 {main}
thrown in /var/www/opensondage__2/create_date_poll.php on line 47" while reading response header from upstream, client: 2.200.204.140, server: my-server.org, request: "GET /poll2/create_date_poll.php HTTP/2.0", upstream: "fastcgi://unix:/var/run/php/php8.0-fpm-opensondage__2.sock:", host: "my-server.org", referrer: "https://my-server.org/poll2/create_poll.php?type=date"
So finally I uninstalled the second instance of opensondage again.
Next try:
I thought that somehow the mail password of user opensondage might be corrupted.
So I found that passwords of dovecot virtual users are stored in /etc/dovecot/app-senders-passwd, and I did a doveadm pw to generate a new CRYPT hash.
Then I edited /etc/dovecot/app-senders-passwd (I replaced opensondages {CRYPT}$6$... by the generated {CRYPT}$2y$... hash), …
… but obviously this fails, too.
I thought that somehow the mail password of user opensondage might be corrupted.
For me, it was necessary to change the domain of the E-Mail address to the same one the opensondage web interface runs on, the username before the @ must be opensondage.
So change
const ADRESSEMAILADMIN = 'admin@yuno.example.org';
to
const ADRESSEMAILADMIN = 'opensondage@opensondage.example.org';
(with the real addresses of course)
I hope that helps.
@Aleks @snmogl
Sorry, I just updated to Verion 1.1.19~ynh3, but the nginx error.log still says SMTP Error: Could not authenticate.
The configfile rebuild successfully (with smtp username => ‘opensondage’ and the given password)
I don’t run opensondage on a subdomain, but on a path under the main domain: https://example.org/opensondage/
The ADRESSEMAILADMIN is not opensondage, but the user, I entered at install time and he is member in the groups admins and opensondage.main and many more.
I’m a bit confused, because the Comment line above ADRESSEMAILADMIN says this would be the Database administrator email:
const APP_URL = 'example.org';
// Application name
const NOMAPPLICATION = 'OpenSondage';
// Database administrator email
const ADRESSEMAILADMIN = 'my_user@example.org';
I also tried two variations:
a) I changed the const ADRESSEMAILADMIN = 'opensondage@example.org';
b) I added the domainname to the 'username' => 'opensondage@example.org', // SMTP username
Both cases, same answer: SMTP Error: Could not authenticate.