[TiKu]

Quote:

Originally Posted by ndahiya

how did you fix it? my host recently moved to easyapache 4. still using php 7.0, but breaks vbsso linkage - some issue with the cookies (not sure what the problem is, but under the old cpanel setup, it was fine - no other changes). appreciate any color as this is a critical piece of our side, and the developer is not active.

ndahiya

Sorry for my late reply. I did not have time earlier.
Well, switching from mcrypt to OpenSSL is quite easy. I edited the file vendor/com.extremeidea.vbsso/vbsso-connect-shared/sharedapi.php (these edits are required in each connected platform):
In sharedapi_encrypt:

Code:

        //return trim(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB), MCRYPT_RAND))));
        $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('AES-128-CBC'));
        return base64_encode($iv . openssl_encrypt($data, 'AES-128-CBC', $key, OPENSSL_RAW_DATA, $iv));

In sharedapi_decrypt:

Code:

        //return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, base64_decode($data), MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB), MCRYPT_RAND)));
        $raw = base64_decode($data);
        $iv_length = openssl_cipher_iv_length('AES-128-CBC');
        $iv = substr($raw, 0, $iv_length);
        return openssl_decrypt(substr($raw, $iv_length), 'AES-128-CBC', $key, OPENSSL_RAW_DATA, $iv);

In vBSSO for vBulletin I've also edited edited the function vbsso_helper_verify_platform_verification in includes/functions_helper.php:

Code:

    return $json && is_array($json)
        && in_array($json[SHAREDAPI_EVENT_FIELD_PRODUCT], array_keys(sharedapi_get_platforms()))
        && isset($json[SHAREDAPI_EVENT_FIELD_DATA][SHAREDAPI_EVENT_FIELD_VERIFY])
        && $json[SHAREDAPI_EVENT_FIELD_DATA][SHAREDAPI_EVENT_FIELD_VERIFY];

But I think this is part of another change I made (display detailed errors in admincp in case of a connection error between connected platforms).

For supporting Mediawiki 1.30 and newer, the plugin needs to be converted. These are too many edits to list them here. I'm not sure how the devs of vBSSO feel about having their commercial product being edited and uploaded by others. On the other hand this product seems abandoned. So @vBSSO: just drop me a friendly message if you want me to remove the file.