Skip to content

Logging ERROR and recommendations #216

Open
@EpeR1

Description

  1. When roundcube is set to do logging through SYSLOG, there is a problem with $rcmail->config->get('log_dir'); in twofactor_gauthenticator.php line: 544.
    So my roundcube instance gets "Oops... something went wrong!" fatal internal error message.
    Like in Incorrect 2FA code results in PHP Fatal Error #215 or in I don't actually know if this is an Issue, but looks a bit like a crash... #207 or as my comment.

  2. Roundcube has built-in logging functions, like:
    program/include/rcmail.php:
    public function log_login($user = null, $failed_login = false, $error_code = 0);
    https://github.com/roundcube/roundcubemail/blob/fa1f3bd852ea45f67c66fc1954dcd73ced80e25e/program/include/rcmail.php#L1493
    or program/lib/Roundcube/rcube.php:
    public static function write_log($name, $line);
    https://github.com/roundcube/roundcubemail/blob/fa1f3bd852ea45f67c66fc1954dcd73ced80e25e/program/lib/Roundcube/rcube.php#L1301
    Why don't we use them?

  3. Roundcube can generate log message at successful logins, so it would be nice if is this plugin could too, like:
    Successful 2FA completion for <user> (ID: <num>) from <ip> in session <session>
    Where: <user> = User name; <num> = User ID; <ip> = IP address; <session> = First part of the session id;
    Like the session log:
    Jan 28 06:09:13 srv02 roundcube: <6292c68e> Successful login for Djoe (ID: 151) from 10.10.10.10 in session 6292c68e0bd5d116
    or Only let roundcube to do the logging (successful or fail), only When the 2FA is also completed.

Environment:
Server: Debian 11.11, Linux kernel 5.10.226-1
Apache: 2.4.62
PHP: 7.4.33
Roundcube: 1.6.9
twofactor_gauthenticator: (latest) 057ee8e

Activity

EpeR1

EpeR1 commented on Jan 28, 2025

@EpeR1
Author

My error message is:

PHP Fatal error:  Uncaught Error: Call to a member function get() on null in /home/webmail/web/plugins/twofactor_gauthenticator/twofactor_gauthenticator.php:544
Stack trace:  
#0 /home/webmail/web/plugins/twofactor_gauthenticator/twofactor_gauthenticator.php(173): twofactor_gauthenticator->__logError()  
#1 [internal function]: twofactor_gauthenticator->check_2FAlogin(Array)
#2 /home/webmail/web/program/lib/Roundcube/rcube_plugin_api.php(520): call_user_func(Array, Array)
#3 /home/webmail/web/program/include/rcmail_output_html.php(2157): rcube_plugin_api->exec_hook('send_page', Array)
#4 /home/webmail/web/program/include/rcmail_output_html.php(706): rcmail_output_html->_write('<!DOCTYPE html>...')
#5 /home/webmail/web/program/include/rcmail_output_html.php(845): rcmail_output_html->write('<!DOCTYPE html>...')
#6 /home/webmail/web/program/include/rcmail_output_html.php(654): rcmail_output_html->parse('mail', false)
#7 /home/webmail/web/program/include/rcmail.php(296): rcmail_o in /home/webmail/web/plugins/twofactor_gauthenticator/twofactor_gauthenticator.php on line 544
EpeR1

EpeR1 commented on Jan 28, 2025

@EpeR1
Author

Meanwhile I realized, the the problem in the question 1) is only, the $rcmail = rcmail::get_instance(); call is missing from the __logError function.

But, this don't solve the "logging through syslog not only in file" problem.

added a commit that references this issue on Feb 19, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions

      Logging ERROR and recommendations · Issue #216 · alexandregz/twofactor_gauthenticator