indeed, I'll try to move to ELOG V3.1.4-80633ba

> My try on this server ->> see the subject

> indeed, I'll try to move to ELOG V3.1.4-80633ba
> 
> > My try on this server ->> see the subject

I've tried with elog-3.1.4-2 and git version, and I still have the same problem. 
If I compile with make debug, it works.

Is there anything I can do to help debug the problem?

thanks for your help

S

compiling git master w/o debug, but running in gdb


gdb ~/elog/elogd
(gdb) run -f /var/run/elog.pid -c /etc/elog.conf -d /var/lib/elog/logbooks -s /usr/share/elog -v 3 -x
... [opening elogbook demo with an entry with lorem ipsum as sujbject] 

*** buffer overflow detected ***: /root/elog/elogd terminated
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x777e5)[0x7ffff781b7e5]
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x5c)[0x7ffff78bd15c]
/lib/x86_64-linux-gnu/libc.so.6(+0x117160)[0x7ffff78bb160]
/lib/x86_64-linux-gnu/libc.so.6(+0x1166c9)[0x7ffff78ba6c9]
/lib/x86_64-linux-gnu/libc.so.6(_IO_default_xsputn+0x80)[0x7ffff781f6b0]
/lib/x86_64-linux-gnu/libc.so.6(_IO_vfprintf+0x139b)[0x7ffff77f250b]
/lib/x86_64-linux-gnu/libc.so.6(__vsprintf_chk+0x84)[0x7ffff78ba754]
/lib/x86_64-linux-gnu/libc.so.6(__sprintf_chk+0x7d)[0x7ffff78ba6ad]
/root/elog/elogd[0x44c86a]
/root/elog/elogd[0x4799e0]
/root/elog/elogd[0x496018]
/root/elog/elogd[0x4962a6]
/root/elog/elogd[0x49864e]
/root/elog/elogd[0x49b1f8]
/root/elog/elogd[0x4038c7]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf0)[0x7ffff77c4830]
/root/elog/elogd[0x404509]
======= Memory map: ========
00400000-004d5000 r-xp 00000000 ca:01 273573                             /root/elog/elogd
006d4000-006d5000 r--p 000d4000 ca:01 273573                             /root/elog/elogd
006d5000-0076c000 rw-p 000d5000 ca:01 273573                             /root/elog/elogd
0076c000-018e7000 rw-p 00000000 00:00 0                                  [heap]
7ffff5783000-7ffff5799000 r-xp 00000000 ca:01 651589                     /lib/x86_64-linux-gnu/libgcc_s.so.1
7ffff5799000-7ffff5998000 ---p 00016000 ca:01 651589                     /lib/x86_64-linux-gnu/libgcc_s.so.1
7ffff5998000-7ffff5999000 rw-p 00015000 ca:01 651589                     /lib/x86_64-linux-gnu/libgcc_s.so.1
7ffff5999000-7ffff5c56000 rw-p 00000000 00:00 0 
7ffff5cda000-7ffff66c7000 r--s 00000000 ca:03 1305745                    /var/lib/sss/mc/initgroups
7ffff66c7000-7ffff66df000 r-xp 00000000 ca:01 652670                     /lib/x86_64-linux-gnu/libpthread-2.23.so
7ffff66df000-7ffff68de000 ---p 00018000 ca:01 652670                     /lib/x86_64-linux-gnu/libpthread-2.23.so
7ffff68de000-7ffff68df000 r--p 00017000 ca:01 652670                     /lib/x86_64-linux-gnu/libpthread-2.23.so
7ffff68df000-7ffff68e0000 rw-p 00018000 ca:01 652670                     /lib/x86_64-linux-gnu/libpthread-2.23.so
7ffff68e0000-7ffff68e4000 rw-p 00000000 00:00 0 
7ffff68e4000-7ffff68ec000 r-xp 00000000 ca:01 651532                     /lib/x86_64-linux-gnu/libnss_sss.so.2
7ffff68ec000-7ffff6aeb000 ---p 00008000 ca:01 651532                     /lib/x86_64-linux-gnu/libnss_sss.so.2
7ffff6aeb000-7ffff6aec000 r--p 00007000 ca:01 651532                     /lib/x86_64-linux-gnu/libnss_sss.so.2
7ffff6aec000-7ffff6aed000 rw-p 00008000 ca:01 651532                     /lib/x86_64-linux-gnu/libnss_sss.so.2
7ffff6aed000-7ffff6af8000 r-xp 00000000 ca:01 652680                     /lib/x86_64-linux-gnu/libnss_files-2.23.so
7ffff6af8000-7ffff6cf7000 ---p 0000b000 ca:01 652680                     /lib/x86_64-linux-gnu/libnss_files-2.23.so
7ffff6cf7000-7ffff6cf8000 r--p 0000a000 ca:01 652680                     /lib/x86_64-linux-gnu/libnss_files-2.23.so
7ffff6cf8000-7ffff6cf9000 rw-p 0000b000 ca:01 652680                     /lib/x86_64-linux-gnu/libnss_files-2.23.so
7ffff6cf9000-7ffff6cff000 rw-p 00000000 00:00 0 
7ffff6cff000-7ffff715b000 r--p 00000000 ca:01 134295                     /usr/lib/locale/locale-archive
7ffff715b000-7ffff715e000 r-xp 00000000 ca:01 652668                     /lib/x86_64-linux-gnu/libdl-2.23.so
7ffff715e000-7ffff735d000 ---p 00003000 ca:01 652668                     /lib/x86_64-linux-gnu/libdl-2.23.so
7ffff735d000-7ffff735e000 r--p 00002000 ca:01 652668                     /lib/x86_64-linux-gnu/libdl-2.23.so
7ffff735e000-7ffff735f000 rw-p 00003000 ca:01 652668                     /lib/x86_64-linux-gnu/libdl-2.23.so
7ffff735f000-7ffff757a000 r-xp 00000000 ca:01 651557                     /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
7ffff757a000-7ffff7779000 ---p 0021b000 ca:01 651557                     /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
7ffff7779000-7ffff7795000 r--p 0021a000 ca:01 651557                     /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
7ffff7795000-7ffff77a1000 rw-p 00236000 ca:01 651557                     /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
7ffff77a1000-7ffff77a4000 rw-p 00000000 00:00 0 
7ffff77a4000-7ffff7964000 r-xp 00000000 ca:01 652683                     /lib/x86_64-linux-gnu/libc-2.23.so
7ffff7964000-7ffff7b64000 ---p 001c0000 ca:01 652683                     /lib/x86_64-linux-gnu/libc-2.23.so
7ffff7b64000-7ffff7b68000 r--p 001c0000 ca:01 652683                     /lib/x86_64-linux-gnu/libc-2.23.so
7ffff7b68000-7ffff7b6a000 rw-p 001c4000 ca:01 652683                     /lib/x86_64-linux-gnu/libc-2.23.so
7ffff7b6a000-7ffff7b6e000 rw-p 00000000 00:00 0 
7ffff7b6e000-7ffff7bcc000 r-xp 00000000 ca:01 651645                     /lib/x86_64-linux-gnu/libssl.so.1.0.0
7ffff7bcc000-7ffff7dcc000 ---p 0005e000 ca:01 651645                     /lib/x86_64-linux-gnu/libssl.so.1.0.0
7ffff7dcc000-7ffff7dd0000 r--p 0005e000 ca:01 651645                     /lib/x86_64-linux-gnu/libssl.so.1.0.0
7ffff7dd0000-7ffff7dd7000 rw-p 00062000 ca:01 651645                     /lib/x86_64-linux-gnu/libssl.so.1.0.0
7ffff7dd7000-7ffff7dfd000 r-xp 00000000 ca:01 652669                     /lib/x86_64-linux-gnu/ld-2.23.so
7ffff7fd9000-7ffff7fde000 rw-p 00000000 00:00 0 
7ffff7ff7000-7ffff7ff8000 rw-p 00000000 00:00 0 
7ffff7ff8000-7ffff7ffa000 r--p 00000000 00:00 0                          [vvar]
7ffff7ffa000-7ffff7ffc000 r-xp 00000000 00:00 0                          [vdso]
7ffff7ffc000-7ffff7ffd000 r--p 00025000 ca:01 652669                     /lib/x86_64-linux-gnu/ld-2.23.so
7ffff7ffd000-7ffff7ffe000 rw-p 00026000 ca:01 652669                     /lib/x86_64-linux-gnu/ld-2.23.so
7ffff7ffe000-7ffff7fff000 rw-p 00000000 00:00 0 
7fffffe68000-7ffffffff000 rw-p 00000000 00:00 0                          [stack]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]

Program received signal SIGABRT, Aborted.
0x00007ffff77d9428 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
54	../sysdeps/unix/sysv/linux/raise.c: No such file or directory.

(gdb) where
#0  0x00007ffff77d9428 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
#1  0x00007ffff77db02a in __GI_abort () at abort.c:89
#2  0x00007ffff781b7ea in __libc_message (do_abort=do_abort@entry=2, fmt=fmt@entry=0x7ffff793349f "*** %s ***: %s terminated\n") at 
../sysdeps/posix/libc_fatal.c:175
#3  0x00007ffff78bd15c in __GI___fortify_fail (msg=<optimized out>, msg@entry=0x7ffff7933430 "buffer overflow detected") at fortify_fail.c:37
#4  0x00007ffff78bb160 in __GI___chk_fail () at chk_fail.c:28
#5  0x00007ffff78ba6c9 in _IO_str_chk_overflow (fp=<optimized out>, c=<optimized out>) at vsprintf_chk.c:31
#6  0x00007ffff781f6b0 in __GI__IO_default_xsputn (f=0x7ffffff36d90, data=<optimized out>, n=1499) at genops.c:455
#7  0x00007ffff77f250b in _IO_vfprintf_internal (s=s@entry=0x7ffffff36d90, format=<optimized out>, format@entry=0x4b66bf "Style %s %s", 
ap=ap@entry=0x7ffffff36ec8) at vfprintf.c:1632
#8  0x00007ffff78ba754 in ___vsprintf_chk (
    s=0x7ffffff376a0 "Style Subject Lorem ipsum dolor sit amet, ut solum conceptam dissentiet per, affert argumentum te pro. Dicta tractatos 
intellegebat an ius. Mei munere soleat voluptatum cu, at vidit scriptorem consect"..., flags=1, slen=1500, format=0x4b66bf "Style %s %s", 
args=args@entry=0x7ffffff36ec8) at vsprintf_chk.c:82
#9  0x00007ffff78ba6ad in ___sprintf_chk (s=<optimized out>, flags=<optimized out>, slen=<optimized out>, format=<optimized out>) at sprintf_chk.c:31
#10 0x000000000044c86a in display_line ()
#11 0x00000000004799e0 in show_elog_list ()
#12 0x0000000000496018 in interprete ()
#13 0x00000000004962a6 in decode_get ()
#14 0x000000000049864e in process_http_request ()
#15 0x000000000049b1f8 in server_loop ()
#16 0x00000000004038c7 in main ()

I found two potential memory leaks which I fixed in the git version, so you can try again.

Another possibility, which is actually preferred, is to limit the size of the subject filed to a reasonable number. You can do that with following option

Format subject = 0, attribname, attribvalue, 80, 200

This shows the subject line with a width of 80 characters, but does only allow 200 characters to be entered there.

Best,
Stefan

> I found two potential memory leaks which I fixed in the git version, so you can try again.

Just tested, and it works! Many thanks for very quick patch!

> 
> Another possibility, which is actually preferred, is to limit the size of the subject filed to a reasonable number. You can do that with following 
option
> 
> Format subject = 0, attribname, attribvalue, 80, 200

Yes, that is a good suggestion, I'll implemented it.

Many thanks again!

Best,
  Stefano

> 
> This shows the subject line with a width of 80 characters, but does only allow 200 characters to be entered there.
> 
> Best,
> Stefan

Dear experts,
   I have a logbook which has authentication as follow

Authentication = LDAP, File
Password file = PASSWD.file
LDAP server = ldaps://it-ldap-XXX.XXX.XX:1636
LDAP userbase = ou=people,ou=RGY,o=XXX,c=XX
LDAP login attribute = uid
LDAP register = 0
Self register = 0
Allow password change = 0

Some of the my user (but not all) have issue in accessing this protected elogbook.
The ldap password is correct (we checked).
What I see in the log is as follow:

22-Feb-2021 11:25:51 [XXX.YYY.ZZZ.QQ] {Beam Run} LOGIN user "USERNAME" (attempt)
22-Feb-2021 11:25:59 [XXX.YYY.ZZZ.QQ] {Beam Run} LOGIN user "USERNAME" (attempt)

The user USERNAME is present in PASSWD.file.

For other user, for which the login works, I do see an (attempt) and then (success)

we tried the standard stuff: clear cache/cookies and with different browser. We also tried to remove the user from PASSWD.file and 
create it again, but nothing has worked.

Any suggestion how I can debug this problem?

Thanks in advance,
  Stefano

Dear Stefano,

the support for the LDAP is limited. As stated in the documentation "on an as-is basis".
We use the AD of our university, but I had to re-write a part of the elog auth.c to match the LDAP-tags, so this could also be a issue.

As for your question.
If some of the logins a working fine, then the other ones could have issues with the DN string, maybe...

Your 2 lines of the logfile output show 2 (attempt) directly after each other.
There should be some lines regarding LDAP in between.
I get the (attempt) and directly (success) case only for FILE authentication.

If you have left out these lines on purpose, ignore the following suggestion.
Is it possible that you have previously used FILE authentication for the users, who could login via LDAP successfully?
If yes, delete a user in passwd.file, which could successfully login via LDAP and let them login again.
This should prove, that there is no artifact from previous FILE authentication.

An other idea may be, check if the users have non-standard characters in their name, mail or password.
e.g. I had problems with german umlauts and your mail ends in it, so there could be some other special charaters.

I hope, I could help.
Best wishes,
Sebastian


> Dear experts,
>    I have a logbook which has authentication as follow
> 
> Authentication = LDAP, File
> Password file = PASSWD.file
> LDAP server = ldaps://it-ldap-XXX.XXX.XX:1636
> LDAP userbase = ou=people,ou=RGY,o=XXX,c=XX
> LDAP login attribute = uid
> LDAP register = 0
> Self register = 0
> Allow password change = 0
> 
> Some of the my user (but not all) have issue in accessing this protected elogbook.
> The ldap password is correct (we checked).
> What I see in the log is as follow:
> 
> 22-Feb-2021 11:25:51 [XXX.YYY.ZZZ.QQ] {Beam Run} LOGIN user "USERNAME" (attempt)
> 22-Feb-2021 11:25:59 [XXX.YYY.ZZZ.QQ] {Beam Run} LOGIN user "USERNAME" (attempt)
> 
> The user USERNAME is present in PASSWD.file.
> 
> For other user, for which the login works, I do see an (attempt) and then (success)
> 
> we tried the standard stuff: clear cache/cookies and with different browser. We also tried to remove the user from PASSWD.file and 
> create it again, but nothing has worked.
> 
> Any suggestion how I can debug this problem?
> 
> Thanks in advance,
>   Stefano

Hi,

It seems that ELOG does not support LDAPS but only simple LDAP connection.


Regards

Hi,

we use the LDAPS connection in our setup and it works without issues.
You have to specify "LDAP server = ldaps://server.tld:port" and normally it uses a different port (636) than insecure LDAP (389).

Best wishes,
Sebastian