Hello, the following URL

https://foo.bar/elog/Shift+Reports/?new_user_name=a2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.com&new_full_name=a2seferewd%40fanneat.com&new_user_email=a2seferewd%40fanneat.com&newpwd=asdf&newpwd2=asdf&cmd=Save

causes elog 3.1.4 to crash. I attach full GDB trace

(gdb) set height 0
(gdb) set print elements 0
(gdb) set print frame-arguments all
(gdb) thread apply all backtrace

Thread 1 (Thread 0x7fc6d1624840 (LWP 1126)):
#0  0x00007fc6d06c6387 in raise () from /lib64/libc.so.6
#1  0x00007fc6d06c7a78 in abort () from /lib64/libc.so.6
#2  0x00007fc6d0708f67 in __libc_message () from /lib64/libc.so.6
#3  0x00007fc6d07a87a7 in __fortify_fail () from /lib64/libc.so.6
#4  0x00007fc6d07a6922 in __chk_fail () from /lib64/libc.so.6
#5  0x00007fc6d07a5e2b in _IO_str_chk_overflow () from /lib64/libc.so.6
#6  0x00007fc6d070d031 in __GI__IO_default_xsputn () from /lib64/libc.so.6
#7  0x00007fc6d06dd033 in vfprintf () from /lib64/libc.so.6
#8  0x00007fc6d07a5eb8 in __vsprintf_chk () from /lib64/libc.so.6
#9  0x00007fc6d07a5e0d in __sprintf_chk () from /lib64/libc.so.6
#10 0x0000000000423b5b in sprintf (__fmt=<optimized out>, __s=<optimized out>) at /usr/include/bits/stdio2.h:33
#11 get_user_line (lbs=<optimized out>, lbs@entry=0x2833748, 
    user=user@entry=0x7fffc84d0780 "a2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.combasar", password=password@entry=0x0, full_name=full_name@entry=0x0, email=email@entry=0x0, email_notify=email_notify@entry=0x0, 
    last_logout=last_logout@entry=0x0, inactive=inactive@entry=0x0) at src/elogd.c:25739
#12 0x0000000000433d0a in save_user_config (lbs=lbs@entry=0x2833748, 
    user=0x7704fc <_value+1500> "a2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.com", new_user=new_user@entry=1) at src/elogd.c:13343
#13 0x0000000000456068 in do_self_register (lbs=0x2833748, command=0x7fffc84d2650 "Save") at src/elogd.c:26768
#14 0x000000000045c1f7 in interprete (lbook=lbook@entry=0x7fffc84f92f0 "Shift Reports", path=path@entry=0x7fffc84d4430 "") at src/elogd.c:27594
#15 0x000000000045ecc6 in decode_get (logbook=logbook@entry=0x7fffc84f92f0 "Shift Reports", string=<optimized out>) at src/elogd.c:28393
#16 0x0000000000460970 in process_http_request (request=<optimized out>, 
    request@entry=0x284bee8 "GET /Shift+Reports/?new_user_name=a2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.com&new_full_name=a2seferewd%40fanneat.com&new_user_email=a2seferewd%40fanneat.com&newpwd=asdf&newpwd2=asdf&cmd=Save", i_conn=i_conn@entry=1) at src/elogd.c:29201
#17 0x00000000004623d2 in server_loop () at src/elogd.c:30212
#18 0x0000000000404209 in main (argc=8, argv=0x7fffc84fb6c8) at src/elogd.c:3123

I added a user name validation in the current version.

Stefan

Dear All,

Just want to come back to this issue I faced.

In the config file, I call an html form to format input. The way I call the html file inside my config file is described below.

My point is, even if I am already logged in, each time I try to submit an html form, it sais I am not logged in ...

please refer to the corresponding form to see the screenshots.

Many thanks

Hayg

------->

that is strange since I logged in ... 

It seems like when I go in the shift check topic in the elog, it does not get my login id ... is there something coming from the HTML file that should be set in order to get the login from elog ?

see in the attached image : I am logged in but I still need to feed the Author item. And even If I fill it, 

And then if I Click on new to write a new filling form, author is not filled as you could see on the second image "Author ?"  ...

so I don' see from where appears the problem

When you log in manually to a logbook, a session ID is created and stored in a cookie "sid". On your shift check list you need some code to copy this session ID into your current form. In the code form 2010, I used "unm" and "upwd", but this was removed since it's not safe. So now you need somethign like:

<input type="hidden" name="sid" id="sid">

and

document.getElementById('sid').value = get_cookie('sid');

in your init code.

I haven't tried that in the past 12 years so no guarantee that it should work.

Stefan

I think this is a bug report. 
However, I am not sure whether the problem is in the new version of Apple's WebKit (15.4) or in the ELOG itself.

When we edit an ELOG record with Safari (as of version 15.4, new WebKit features added) the number of "newline" symbols (actually LF, 0xA) are doubled.

So, for instance, if I edit the following page (1 LF symbol between "aaa" and "bbb"):
```
aaa
bbb
```

then after a "Submit" (without actually any changes) the record becomes (2 LF symbols):

```
aaa

bbb
```

then after a "Submit" (without actually any changes) the record becomes (4 LF symbols in between):
```
aaa



bbb
```

NOTE: The LF symbol at the end (after the "bbb" line) does NOT get duplicated (it gets truncated, I believe).


Our current ELOG version is "ELOG V3.1.4-4936b76".
Could you please have a look? 

I have just setup a new ELOG server on another machine. I took the latest source code from here: http://elog.psi.ch/elog/download/tar/elog-latest.tar.gz. Compiled it and ran. 
Still the same problem with Safari.

see https://elog.psi.ch/elogs/Forum/69594

I added a reply to my previous post about this issue (a few months ago) to point to the solution, but ELOG moved it to the top of the forum. 
And I cannot delete this now, because I change my user name from "Andrey" to "Andrey Pashnin" :)

"Only user Andrey can delete this entry"

Hi,

I use some CSS for each elog to resize column correcly and it seems that current ELOG version 3.14 available from EPEL for EL7 has a problem (maybe others also).

The browser console displays an error when loading ELOG logbook page (french locale ):

La feuille de style https:/xxxxx.xxx.xx/elog/MCO/1130_171749_REUNION_20221130_Q01.jpgelog-mco.css n’a pas été chargée car son type MIME, « text/html », n’est pas « text/css ».

It seems ELOG server send the css link with enclosure path (https:/xxxxx.xxx.xx/elog/MCO/1130_171749_REUNION_20221130_Q01.jpg) + css file (elog-mco.css) ?!?

I tryed to rebuild the last source from git under EL7 but it fails with LDAP libs (C++ regression already reported in elog:forum/69478). :-(

Thanks for help.

Laurent

Update : i tryed with last git, w/o ldap support and it seems the problem is solved with CCS URL on same machine (just replace the elogd binary from EPEL by new one just build w/o LDAP support and fallback on File to login for testing).

So my problem is the error during build with LDAP auth (since using C++) :-(

...

+ cd elog-3-14
+ make USE_SSL=1 USE_LDAP=1 USE_KRB5=1 'CFLAGS=-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches   -m64 -mtune=generic -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml'
c++ -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches   -m64 -mtune=generic -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml -DHAVE_SSL -DHAVE_KRB5 -DHAVE_LDAP -c -o mxml.o mxml/mxml.cxx
c++ -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches   -m64 -mtune=generic -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml -DHAVE_SSL -DHAVE_KRB5 -DHAVE_LDAP -w -c -o crypt.o src/crypt.cxx
c++ -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches   -m64 -mtune=generic -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml -DHAVE_SSL -DHAVE_KRB5 -DHAVE_LDAP -c -o strlcpy.o mxml/strlcpy.cxx
c++ -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches   -m64 -mtune=generic -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml -DHAVE_SSL -DHAVE_KRB5 -DHAVE_LDAP -o elog src/elog.cxx mxml.o crypt.o strlcpy.o -lssl -lkrb5 -lldap -llber
c++ -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches   -m64 -mtune=generic -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml -DHAVE_SSL -DHAVE_KRB5 -DHAVE_LDAP -w -c -o auth.o src/auth.cxx
src/auth.cxx: In function 'int auth_verify_password_ldap(LOGBOOK*, const char*, const char*, char*, int)':
src/auth.cxx:283:60: error: 'ldap_simple_bind_s' was not declared in this scope
    bind = ldap_simple_bind_s(ldap_ld, ldap_bindDN, password);
                                                            ^
src/auth.cxx:290:26: error: 'ldap_unbind' was not declared in this scope
       ldap_unbind(ldap_ld);
                          ^
src/auth.cxx:295:23: error: 'ldap_unbind' was not declared in this scope
    ldap_unbind(ldap_ld);
                       ^
src/auth.cxx: In function 'int ldap_adduser_file(LOGBOOK*, const char*, const char*, char*, int)':
src/auth.cxx:323:60: error: 'ldap_simple_bind_s' was not declared in this scope
    bind = ldap_simple_bind_s(ldap_ld, ldap_bindDN, password);
                                                            ^
src/auth.cxx:330:26: error: 'ldap_unbind' was not declared in this scope
       ldap_unbind(ldap_ld);
                          ^
src/auth.cxx:358:26: error: 'ldap_unbind' was not declared in this scope
       ldap_unbind(ldap_ld);
                          ^
src/auth.cxx:369:62: error: 'ldap_get_values' was not declared in this scope
          if((values = ldap_get_values(ldap_ld,entry,attribute)) != NULL ) {
                                                              ^
src/auth.cxx:378:35: error: 'ldap_value_free' was not declared in this scope
             ldap_value_free(values);
                                   ^
src/auth.cxx:386:23: error: 'ldap_unbind' was not declared in this scope
    ldap_unbind(ldap_ld);
                       ^
src/auth.cxx: In function 'int auth_verify_password(LOGBOOK*, const char*, const char*, char*, int)':
src/auth.cxx:593:73: error: invalid conversion from 'const char*' to 'char*' [-fpermissive]
          if (get_user_line(lbs, user, NULL, NULL, NULL, NULL, NULL, NULL) == 2) {
                                                                         ^
In file included from src/auth.cxx:30:0:
src/elogd.h:282:5: error:   initializing argument 2 of 'int get_user_line(LOGBOOK*, char*, char*, char*, char*, BOOL*, time_t*, int*)' [-fpermissive]
 int get_user_line(LOGBOOK * lbs, char *user, char *password, char *full_name, char *email,
     ^
make: *** [auth.o] Error 1
error: Bad exit status from /home/il/jeanrigaudl/rpmbuild/tmp/rpm-tmp.cKJL45 (%build)

Updated :

1. from google (https://www.openldap.org/lists/openldap-technical/201104/msg00030.html), it seems it's necessary to add before "#include ldap.h" in src/auth.cxx

#define LDAP_DEPRECATED 1

2. A cast must be added to src/auth.cxx:593 as already done somewhere with C++ commit :

         if (get_user_line(lbs, (char *) user, NULL, NULL, NULL, NULL, NULL, NULL) == 2) {
 

-> elogd builds now with ldap :-) .

I installed elogd binary and i could login and the css url problem is gone.

Thanks to update auth.cxx (2 mods) and buildrpm (2 mods) in git (sorry, no pull request).

NB : PAM can not be activated under EL7 with same type of error. I disabled the feature as i do not use it.

+ cd elog-3-14
+ make USE_SSL=1 USE_PAM=1 'CFLAGS=-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches   -m64 -mtune=generic -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml'
c++ -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches   -m64 -mtune=generic -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml -DHAVE_SSL -DHAVE_PAM -c -o mxml.o mxml/mxml.cxx
c++ -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches   -m64 -mtune=generic -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml -DHAVE_SSL -DHAVE_PAM -w -c -o crypt.o src/crypt.cxx
c++ -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches   -m64 -mtune=generic -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml -DHAVE_SSL -DHAVE_PAM -c -o strlcpy.o mxml/strlcpy.cxx
c++ -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches   -m64 -mtune=generic -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml -DHAVE_SSL -DHAVE_PAM -o elog src/elog.cxx mxml.o crypt.o strlcpy.o -lssl -lpam -llber
c++ -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches   -m64 -mtune=generic -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml -DHAVE_SSL -DHAVE_PAM -w -c -o auth.o src/auth.cxx
src/auth.cxx: In function 'int elog_conv(int, const pam_message**, pam_response**, void*)':
src/auth.cxx:452:59: error: invalid conversion from 'void*' to 'pam_response*' [-fpermissive]
    if((*resp = calloc(num_msg, sizeof(struct pam_response))) == NULL)
                                                           ^
src/auth.cxx:457:33: error: invalid conversion from 'void*' to 'const char*' [-fpermissive]
    if(!(resptok = strdup(my_data))) {
                                 ^
In file included from src/elogd.h:46:0,
                 from src/auth.cxx:30:
/usr/include/string.h:172:14: error:   initializing argument 1 of 'char* strdup(const char*)' [-fpermissive]
 extern char *strdup (const char *__s)
              ^
make: *** [auth.o] Error 1
error: Bad exit status from /home/il/jeanrigaudl/rpmbuild/tmp/rpm-tmp.V2LE4L (%build)
 

> elogd binary from EPEL

thank you for bringing this up to our attention. we recently went through this with debian and ubuntu. the elog package was severely out of date and 
did not include the security patches that went it right before covid started in the Winter of 2020.

the elogd package in EPEL7 is insecure and should not be used. (I see it is removed from EPEL8, EPEL9 and current Fedora).

I will have to contact EPEL maintainers to have it removed from EPEL7 (or at least to have it marked as "insecure, do not use").

https://dl.fedoraproject.org/pub/epel/7/SRPMS/Packages/e/elog-3.1.4-1.20190113git283534d97d5a.el7.src.rpm

https://packages.fedoraproject.org/pkgs/elog/elog/
https://packages.fedoraproject.org/pkgs/elog/elog/fedora-35.html
https://packages.fedoraproject.org/pkgs/elog/elog/epel-7.html

note in the changelog "Update to post-release snapshot of 3.1.4. - Fix several security issues."

K.O.

> > elogd binary from EPEL
> 
> thank you for bringing this up to our attention. we recently went through this with debian and ubuntu. the elog package was severely out of date and 
> did not include the security patches that went it right before covid started in the Winter of 2020.
> 
> the elogd package in EPEL7 is insecure and should not be used. (I see it is removed from EPEL8, EPEL9 and current Fedora).
> 
> I will have to contact EPEL maintainers to have it removed from EPEL7 (or at least to have it marked as "insecure, do not use").
> 
> https://dl.fedoraproject.org/pub/epel/7/SRPMS/Packages/e/elog-3.1.4-1.20190113git283534d97d5a.el7.src.rpm
> 
> https://packages.fedoraproject.org/pkgs/elog/elog/
> https://packages.fedoraproject.org/pkgs/elog/elog/fedora-35.html
> https://packages.fedoraproject.org/pkgs/elog/elog/epel-7.html
> 
> note in the changelog "Update to post-release snapshot of 3.1.4. - Fix several security issues."
> 
> K.O.


Good day, elog has never been retired in EPEL 7. It is still there
https://src.fedoraproject.org/rpms/elog/tree/epel7

I am pretty sure because I am a Fedora/RHEL package maintainer and a retired package should contain in its Git branch only a file named "dead.package"

Hi Stefan,

It seems buildrpm should be updated to take care of cpp files. Plz replace "cp <blahblah>.c ..." by "cp <blahblah>.cxx ..." .

Also, uncomment the hostname test witch activates all authentification options by default. It should be done by adding options as follow : buildrpm ver rel -ldap -ker ...

By default, i can not build elog with LDAP.

After that mods, rpms are builded under EL7 (w/o LDAP support which is not useful for me).

Bye

Laurent

We use our instance of ELOG as a operations log so that newest events are sorted at the top.

Sometimes we are also up front informed about planned maintenance, and i would be nice to could "pin" them at the top - before the sorting, so that operatores could have them in mind when starting a new shift. Have anyone found a way to solve this?

Kind Regards Finn

The way to do this is to ensure that the date of the entry is in the future.  As a hard -core linux (ab)user of elog, I create an entry, then dive into the yymmdda.log files, and edit it so that the date at the top of the entry is, for example, Sat, 31 Dec 2022 23:59:59.  Then, that entry will remain at the top of the listings until the New Year.  I do this very thing for the very same reason, i.e. to keep one entry at the top of the listings until after a certain date.

It may be that if you have "date of entry" field and sort by that, you could set the date of entry in the future.  I've not tried that.

The same effect could be done by adjusting the computer/server's date to the future, make the entry and then reset back to the present, but that may well be unpopular and impractical.  On a single computer, I have done this, although I then changed to editing the yymmdda.log file directly.

Dear All,

we are trying to post from an HTML form, as included in our config file :

[ShiftCheck]
Comment = Shift Check List (exemple a modifier)
Attributes = Author, D, M, Y, Shift, LasE, LasIris, Q, E, Li, TL, RI
Quick filter = Shift, Author
Options Shift = Morning, Evening, Night

Enable attachments = 0
Show text = 1
Custom new form = /www/Web/htdocs/elog/sites/THOMX/shiftcheck.html
Custom edit form =  /www/Web/htdocs/elog/sites/THOMX/shiftcheck.html
Custom display form =  /www/Web/htdocs/elog/sites/THOMX/shiftcheck.html

we are facing the following problem when trying to submit :

--> Error: Command "Submit" not allowed

is there something missing in our config file ?

Many thanks in advance

Probably people have to log in to the logbook before opening the form. I guess the "submit not allowed" comes from the fact that they access the logbook as a guest.

Stefan

Dear Stefan,

that is strange since I logged in ... 

It seems like when I go in the shift check topic in the elog, it does not get my login id ... is there something coming from the HTML file that should be set in order to get the login from elog ?

see in the attached image : I am logged in but I still need to feed the Author item. And even If I fill it, 

And then if I Click on new to write a new filling form, author is not filled as you could see on the second image "Author ?"  ...

so I don' see from where appears the problem

Is it possible to have within elog (defined in password file?) a user group so that only those members of a group have certain elements visible?