Page MenuHomePhabricator
Create Task
Maniphest T104142

MediaWiki unable to send confirmation mail
Closed, ResolvedPublic
Actions

Description

On a wiki of mine, I require users to enter an address and to confirm it before being able to contribute.

Since the MediaWiki 1.25 upgrade (and upgrade from PHP 5.3.29 to 5.6.9), users are getting the following error on the page that is supposed to welcome them after the user signup form:

Welcome, Test!
Testwiki kon uw bevestigingscode niet verzenden. Controleer uw e-mailadres op ongeldige tekens.
Het e-mailprogramma meldde: Er is een onbekende fout opgetreden in de mail()-functie van PHP
Uw account is aangemaakt. Indien gewenst kunt u uw voorkeuren voor Testwiki aanpassen.

(An unknown error occurred in the php mail() functie)

The same happens when trying to use Special:ChangeEmail.

Debug log on Create account

[antispoof] PASS new account 'Test' [v2:TE5T]
MWCryptRand::realGenerate: Generating cryptographic random bytes for User::setToken/MWCryptRand::generateHex/MWCryptRand::realGenerateHex/MWCryptRand::generate/MWCryptRand::realGenerate
MWCryptRand::realGenerate: mcrypt_create_iv generated 16 bytes of randomness.
MWCryptRand::realGenerate: 0 bytes of randomness leftover in the buffer.
DatabaseBase::query: Writes done: INSERT IGNORE INTO `mw_user` (user_id,user_name,user_password,user_newpassword,user_newpass_time,user_email,user_email_authenticated,user_real_name,user_token,user_registration,user_editcount,user_touched) VALUES (NULL,'X')
User: loading options for user 4434 from database.
MWCryptRand::realGenerate: Generating cryptographic random bytes for User::setToken/MWCryptRand::generateHex/MWCryptRand::realGenerateHex/MWCryptRand::generate/MWCryptRand::realGenerate
MWCryptRand::realGenerate: mcrypt_create_iv generated 16 bytes of randomness.
MWCryptRand::realGenerate: 0 bytes of randomness leftover in the buffer.
MWCryptRand::realGenerate: Generating cryptographic random bytes for User::setInternalPassword/PasswordFactory::newFromPlaintext/Pbkdf2Password::crypt/MWCryptRand::generate/MWCryptRand::realGenerate
MWCryptRand::realGenerate: mcrypt_create_iv generated 16 bytes of randomness.
MWCryptRand::realGenerate: 0 bytes of randomness leftover in the buffer.
MWCryptRand::realGenerate: Generating cryptographic random bytes for User::setToken/MWCryptRand::generateHex/MWCryptRand::realGenerateHex/MWCryptRand::generate/MWCryptRand::realGenerate
MWCryptRand::realGenerate: mcrypt_create_iv generated 16 bytes of randomness.
MWCryptRand::realGenerate: 0 bytes of randomness leftover in the buffer.
MWCryptRand::realGenerate: Generating cryptographic random bytes for User::confirmationToken/MWCryptRand::generateHex/MWCryptRand::realGenerateHex/MWCryptRand::generate/MWCryptRand::realGenerate
MWCryptRand::realGenerate: mcrypt_create_iv generated 16 bytes of randomness.
MWCryptRand::realGenerate: 0 bytes of randomness leftover in the buffer.
[exception] [00f90cc3] /mw/index.php?title=Speciaal:Aanmelden&action=submitlogin&type=signup&returnto=Hoofdpagina   MWException from line 3658 of mw/includes/User.php: CAS update failed on user_touched for user ID '4434'.
#0 mw/includes/User.php(4165): User->saveSettings()
#1 mw/includes/specials/SpecialUserlogin.php(409): User->sendConfirmationMail()
#2 mw/includes/specials/SpecialUserlogin.php(314): LoginForm->addNewAccount()
#3 mw/includes/specialpage/SpecialPage.php(384): LoginForm->execute(NULL)
#4 mw/includes/specialpage/SpecialPageFactory.php(582): SpecialPage->run(NULL)
#5 mw/includes/MediaWiki.php(267): SpecialPageFactory::executePath(Object(Title), Object(RequestContext))
#6 mw/includes/MediaWiki.php(566): MediaWiki->performRequest()
#7 mw/includes/MediaWiki.php(414): MediaWiki->main()
#8 mw/index.php(41): MediaWiki->run()
#9 {main}
UserMailer::send: sending mail to Test <krinklemail@gmail.com>
Sending mail via internal mail() function
Unknown error sending mail
[exception] [f4ee0e42] /mw/index.php?title=Speciaal:Aanmelden&action=submitlogin&type=signup&returnto=Hoofdpagina   MWException from line 3658 of mw/includes/User.php: CAS update failed on user_touched for user ID '4434'.
#0 mw/includes/specials/SpecialUserlogin.php(418): User->saveSettings()
#1 mw/includes/specials/SpecialUserlogin.php(314): LoginForm->addNewAccount()
#2 mw/includes/specialpage/SpecialPage.php(384): LoginForm->execute(NULL)
#3 mw/includes/specialpage/SpecialPageFactory.php(582): SpecialPage->run(NULL)
#4 mw/includes/MediaWiki.php(267): SpecialPageFactory::executePath(Object(Title), Object(RequestContext))
#5 mw/includes/MediaWiki.php(566): MediaWiki->performRequest()
#6 mw/includes/MediaWiki.php(414): MediaWiki->main()
#7 mw/index.php(41): MediaWiki->run()
#8 {main}
[cookie] setcookie: "test_mw_UserID", "4434", "1451069295", "/", "", "", "1"
[cookie] setcookie: "test_mw_UserName", "Test", "1451069295", "/", "", "", "1"
[cookie] setcookie: "test_mw_Token", "", "1435430895", "/", "", "", "1"
User: cache miss for user 4434
User: loading options for user 4434 from database.
[MessageCache] MessageCache::load: Loading en... got from local cache
MWCryptRand::realGenerate: Generating cryptographic random bytes for User::getEditTokenAtTimestamp/MWCryptRand::generateHex/MWCryptRand::realGenerateHex/MWCryptRand::generate/MWCryptRand::realGenerate
MWCryptRand::realGenerate: mcrypt_create_iv generated 16 bytes of randomness.
MWCryptRand::realGenerate: 0 bytes of randomness leftover in the buffer.
OutputPage::sendCacheControl: private caching;  **

Debug log on Change e-mail:

MWCryptRand::realGenerate: Generating cryptographic random bytes for User::confirmationToken/MWCryptRand::generateHex/MWCryptRand::realGenerateHex/MWCryptRand::generate/MWCryptRand::realGenerate
MWCryptRand::realGenerate: mcrypt_create_iv generated 16 bytes of randomness.
MWCryptRand::realGenerate: 0 bytes of randomness leftover in the buffer.
DatabaseBase::query: Writes done: UPDATE `mw_user` SET user_name = 'X'
UserMailer::send: sending mail to Test <krinklemail@gmail.com>
Sending mail via internal mail() function
Unknown error sending mail

Details

SubjectRepoBranchLines +/-
Support empty string for wgEmergencyContact/wgPasswordSendermediawiki/coreREL1_25+5 -3
Support empty string for wgEmergencyContact/wgPasswordSendermediawiki/coremaster+5 -3
Customize query in gerrit

Related Objects

Event Timeline

Krinkle created this task.Jun 28 2015, 6:13 PM
Krinkle raised the priority of this task from to Unbreak Now!.
Krinkle updated the task description. (Show Details)
Krinkle added projects: MW-1.25-release, Regression, MediaWiki-User-login-and-signup.
Krinkle subscribed.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJun 28 2015, 6:13 PM
Krinkle updated the task description. (Show Details)Jun 28 2015, 6:54 PM
Krinkle set Security to None.
Umherirrender closed this task as a duplicate of T102927: Email confirmation broken (user_token is NULL in database).Jun 28 2015, 7:10 PM
Krinkle reopened this task as Open.Jun 29 2015, 9:08 AM

The "CAS update failed on user_touched" was in my log dump but is unrelated to the fact that mail() is called with invalid parameters. I can reproduce this on Special:ChangeEmail, where (as shown above) it does not result in a "CAS update failed on user_touched" error in the logs.

I've added a var_dump to dump all the parameters passed to mail() before it returns false:

UserMailer::send: sending mail to Test <test@example.org>
Sending mail via internal mail() function

Parameters to mail(): array (
  0 => 
  MailAddress::__set_state(array(
     'address' => 'test@example.org',
     'name' => 'Test',
     'realName' => '',
  )),

  1 => 'Bevestiging e-mailadres voor Testwiki',

  2 => 'Iemand, waarschijnlijk u, met het IP-adres [..]

[..]/Special:ConfirmEmail/7a8d456470c2b9f2e03c4ee842fa9568

Als u uzelf *niet* hebt aangemeld, volg dan de volgende koppeling om de bevestiging van uw e-mailadres te annuleren:

[..]/Special:InvalidateEmail/7a8d456470c2b9f2e03c4ee842fa9568

De bevestigingscode vervalt op 6 jul 2015 09:01.',

  3 => 'From: 
Return-Path: 
Date: Mon, 29 Jun 2015 11:01:18 +0200
Message-ID: <deb[..]536@[..]>
X-Mailer: MediaWiki mailer
MIME-Version: 1.0
Content-type: text/plain; charset=UTF-8
Content-transfer-encoding: 8bit',

  4 => ' -f ',
)

Unknown error sending mail

The empty From: header and -f parameter look like a likely culprit.

Krinkle added a comment.Jun 29 2015, 9:25 AM

Apparently, an older version of the web installer generated the following in LocalSettings.php

$wgEnableEmail = true;
$wgEnableUserEmail = true; # UPO

$wgEmergencyContact = '';
$wgPasswordSender = '';

Looking at the file history on this server, this happened in February 2013 with between MediaWiki 1.20.1 and MediaWiki 1.22.7. It's also possible that the DirectAdmin Installatron upgrader caused this defect.

Actionables:

  • Since mail() has no error codes exposed, improve checking of values beforehand so that simple things like empty values being passed are caught and presented in a more debuggable manner in the log.
  • Update Setup.php default-value handling to also cover empty string for these values. Or at least log it.
Krinkle added a project: MediaWiki-Tarball-Backports.Jul 1 2015, 12:30 AM
Aklapper added a comment.Jul 27 2015, 8:47 AM
In T104142#1409085, @Krinkle wrote:
  • Since mail() has no error codes exposed, improve checking of values beforehand so that simple things like empty values being passed are caught and presented in a more debuggable manner in the log.
  • Update Setup.php default-value handling to also cover empty string for these values. Or at least log it.

@Krinkle: Who could/should work on this? And is this still "Unbreak now" priority (no updates for four weeks)?

Krinkle added a comment.Jul 27 2015, 5:58 PM
In T104142#1484153, @Aklapper wrote:
In T104142#1409085, @Krinkle wrote:
  • Since mail() has no error codes exposed, improve checking of values beforehand so that simple things like empty values being passed are caught and presented in a more debuggable manner in the log.
  • Update Setup.php default-value handling to also cover empty string for these values. Or at least log it.

@Krinkle: Who could/should work on this? And is this still "Unbreak now" priority (no updates for four weeks)?

I'm just reporting this issue as a user. But I imagine it's the job of whomever is in charge of MediaWiki releases to triage, prioritise, and assign this task accordingly.

Aklapper added a subscriber: greg.Aug 18 2015, 11:47 AM
In T104142#1485574, @Krinkle wrote:

I'm just reporting this issue as a user. But I imagine it's the job of whomever is in charge of MediaWiki releases to triage, prioritise, and assign this task accordingly.

@greg: Is this / should this task be on the to-do list of anybody?

greg added a subscriber: demon.Aug 18 2015, 3:57 PM

It's in the correct projects for people to work on it. Help identifying who should work on these parts of the MW codebase appreciated.

gerritbot subscribed.Aug 31 2015, 3:34 PM

Change 235021 had a related patch set uploaded (by Krinkle):
Support empty string for wgEmergencyContact/wgPasswordSender

https://gerrit.wikimedia.org/r/235021

gerritbot added a project: Patch-For-Review.Aug 31 2015, 3:34 PM
Krinkle claimed this task.Aug 31 2015, 3:35 PM
Ciencia_Al_Poder subscribed.Aug 31 2015, 3:39 PM
gerritbot added a comment.Sep 3 2015, 4:17 AM

Change 235021 merged by jenkins-bot:
Support empty string for wgEmergencyContact/wgPasswordSender

https://gerrit.wikimedia.org/r/235021

Krinkle mentioned this in rMW583fdd54ad14: Support empty string for wgEmergencyContact/wgPasswordSender.Sep 3 2015, 4:17 AM
Forrestbot added projects: WMF-deploy-2015-09-08_(1.26wmf22), MW-1.26-release.Sep 3 2015, 5:00 AM
gerritbot added a comment.Sep 4 2015, 12:20 AM

Change 235944 had a related patch set uploaded (by Krinkle):
Support empty string for wgEmergencyContact/wgPasswordSender

https://gerrit.wikimedia.org/r/235944

Krinkle closed this task as Resolved.Sep 4 2015, 12:20 AM
Krinkle removed a project: WMF-deploy-2015-09-08_(1.26wmf22).
gerritbot added a comment.Sep 4 2015, 12:30 AM

Change 235944 merged by jenkins-bot:
Support empty string for wgEmergencyContact/wgPasswordSender

https://gerrit.wikimedia.org/r/235944

Krinkle mentioned this in rMW14a9383ccf60: Support empty string for wgEmergencyContact/wgPasswordSender.Sep 4 2015, 12:30 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL