TeamPass
TeamPass copied to clipboard
nilsteampassnet
Personal Saltkey is not correct
Steps to reproduce
- Upgrade from TeamPass 2.1.27.36 to 3.0.0.17
- Login as user
- try access personal passwords
Expected behaviour
Actual behaviour
saltkey ist not accepted "This personal Saltkey is not correct!"
Server configuration
Operating system: Ubuntu 20.04 Web server: Apache 2.4.41 Database: MySQL 8.0.28 PHP version: 7.4.3 Teampass version: 3.0.0.17
Updated from an older Teampass or fresh install: Upgrade from 2.1.27.36 to 3.0.0.17
Client configuration
Browser: Firefox 98.0.2 Operating system: Ubuntu 20.04
Logs
Web server error log
nothing Insert your webserver log here only access log
Log from the web-browser developer console (CTRL + SHIFT + i)
Object { error: true, message: "This personal Saltkey is not correct!" }
New created private passwords are stored and accessable.
@Nachtlichtermeer If you have this message then the provided string for personal items called previously "personal salt key" is not correct.
For understanding purpose, here is how this phase works. During upgrade from v2 to v3, personal items are not "updated", no changes are performed in the object in DB. This step is finalized while user is logging into TPv3 and providing his PSK. When the user provides his PSK, the code uses a specific function provided by the encryption library (Defuse) that check if this string is the correct PSK, if answer is false then the message you see is shown. Here the code is exactly the same as in V2. So unfortunately, the provided PSK is not the correct one used to encrypt the user's personal items in v2.
I performed a lot of upgrade V2 to V3 for users and this occurs several time but in the meanwhile it was working for other users in the same team. In some case, I had to relaunched V2 and we observed that even in V2 the PSK was wrong. As a conclusion each time the user in fact did simply forget his PSK.
Thanks for reply
The PSK works with V2 without any problems. I've tested the upgrade with 2 users and both have this problem. I'll test it a third time and write again later that day.
The problem is the following code:
mysql teampass -e "update teampass_users set auth_type='ldap' where login not in ('admin','OTV','API');"
I use this to map the existing users to LDAP-Auth because V2-LDAP-Users are local users after upgrade to V3
If i try it without that code, i stuck at
Encrypting keys [0 - 100] ...
After 30 minutes they aren't finished with 18 private keys; and nothing happend: no load, no SQL-queries, ...
I have to use commit 5bf2933b4feb5beb0e05c1d113ff4c6b7d80144d because of https://github.com/nilsteampassnet/TeamPass/issues/3147
stucking at
Encrypting keys [0 - 100] ...
even is shown when i enter a wrong password
found something in error-log of apache:
[Tue May 03 10:46:52.626418 2022] [php7:error] [pid 859] [client 172.19.0.2:34284] PHP Fatal error: Uncaught Error: Call to a member function unlockKey() on string in /var/www/foo/htdocs/teampass/sources/main.functions.php:284\nStack trace:\n#0 /var/www/foo/htdocs/teampass/sources/main.queries.php(2356): defuse_validate_personal_key()\n#1 /var/www/foo/htdocs/teampass/sources/main.queries.php(423): migrateTo3_DoUserPersonalItemsEncryption()\n#2 /var/www/foo/htdocs/teampass/sources/main.queries.php(74): mainQuery()\n#3 {main}\n thrown in /var/www/foo/htdocs/teampass/sources/main.functions.php on line 284, referer: https://foo/index.php?page=items
Found commit:
3.0.0.17
Fix for #3149
i've tried it, but i cannot login
error.log shows: [Thu May 05 11:15:59.183533 2022] [php7:error] [pid 844] [client 172.19.0.2:43002] PHP Parse error: syntax error, unexpected ')', expecting variable (T_VARIABLE) in /var/www/foo/htdocs/teampass/sources/identify.php on line 827, referer: https://foo/
fixed it with: /var/www/foo/htdocs/teampass/sources/identify.php
$userInfoLogin,
$userInfoLastConnection,
$username,
- $SETTINGS,
+ $SETTINGS
) : array
{
$rows = DB::query(
After Login i can't see any password
error.log: [Thu May 05 11:26:58.508849 2022] [php7:error] [pid 840] [client 172.19.0.2:43044] PHP Parse error: syntax error, unexpected '|', expecting variable (T_VARIABLE) in /var/www/foo/htdocs/teampass/sources/main.queries.php on line 196, referer: https://foo/index.php?page=items [Thu May 05 11:26:58.533146 2022] [php7:error] [pid 841] [client 172.19.0.2:43054] PHP Parse error: syntax error, unexpected ')', expecting variable (T_VARIABLE) in /var/www/foo/htdocs/teampass/sources/tree.php on line 224, referer: https://foo/index.php?page=items
fixed second file:
array $session_groupes_visibles,
array $listFoldersLimitedKeys,
- array $listRestrictedFoldersForItemsKeys,
+ array $listRestrictedFoldersForItemsKeys
): bool
{
error in main.queries.php persists and looks like PHP8, but now i can see passwords
summary:
after fixing sources/identify.php and sources/tree.php i'm stucking again at Encrypting keys [0 - 100] ... even is shown when i enter a wrong password
==> ../../logs/error.log <== [Thu May 05 11:57:29.013112 2022] [php7:error] [pid 37085] [client 172.19.0.2:43182] PHP Parse error: syntax error, unexpected '|', expecting variable (T_VARIABLE) in /var/www/foo/htdocs/teampass/sources/main.queries.php on line 196, referer: https://foo/index.php?page=items
==> ../../logs/access.log <== 172.19.0.2 - ok [05/May/2022:11:57:29 +0200] "POST /sources/main.queries.php HTTP/1.1" 500 - "https://foo/index.php?page=items" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:99.0) Gecko/20100101 Firefox/99.0"
@Nachtlichtermeer Don't understand how those errors ddidn't bumped out on my tests and also usage. Perhaps php8 ... Your last issue is related to specific function type parameters not accepted in php7. Commented this out to ensure compliance with PHP7.
sorry for waiting
tested with latest commit e44054e6d0e03d100d955ee4ba85322db823b6bc, but:
==> /var/www/foo/logs/error.log <== [Thu May 19 08:07:49.853034 2022] [php7:error] [pid 850] [client 172.19.0.2:47962] PHP Fatal error: Uncaught Error: Call to a member function unlockKey() on string in /var/www/foo/htdocs/teampass/sources/main.functions.php:284
Stack trace:
#0 /var/www/foo/htdocs/teampass/sources/main.queries.php(2393): defuse_validate_personal_key()
#1 /var/www/foo/htdocs/teampass/sources/main.queries.php(408): migrateTo3_DoUserPersonalItemsEncryption()
#2 /var/www/foo/htdocs/teampass/sources/main.queries.php(150): keyHandler()
#3 /var/www/foo/htdocs/teampass/sources/main.queries.php(74): mainQuery()
#4 {main}
thrown in /var/www/foo/htdocs/teampass/sources/main.functions.php on line 284, referer: https://foo/index.php?page=items
this happens when i enter my personal salt key
There is no problem with new created passwords.
I saw that i have to use mcrypt. Problem still persists.
I've tested it with PHP8.1 but had other problems with mysql. So i've testet PHP8.0, but have the same problem ("PHP Fatal error: Uncaught Error: Call to a member function unlockKey()")
i'll migrate all private passwords manually to close this issue for me
@Nachtlichtermeer I have the same problem
==> /var/www/foo/logs/error.log <== [Thu May 19 08:07:49.853034 2022] [php7:error] [pid 850] [client 172.19.0.2:47962] PHP Fatal error: Uncaught Error: Call to a member function unlockKey() on string in /var/www/foo/htdocs/teampass/sources/main.functions.php:284
Stack trace:
#0 /var/www/foo/htdocs/teampass/sources/main.queries.php(2393): defuse_validate_personal_key()
#1 /var/www/foo/htdocs/teampass/sources/main.queries.php(408): migrateTo3_DoUserPersonalItemsEncryption()
#2 /var/www/foo/htdocs/teampass/sources/main.queries.php(150): keyHandler()
#3 /var/www/foo/htdocs/teampass/sources/main.queries.php(74): mainQuery()
#4 {main}
thrown in /var/www/foo/htdocs/teampass/sources/main.functions.php on line 284, referer: https://foo/index.php?page=items
how did you manually migrated the passwords?
br
Bad news: No hack; i told all users they have to copy and paste all entries. For this temporarily we had 2 teampass