| ID |
Date |
Icon |
Author |
Author Email |
Category |
OS |
ELOG Version |
Subject |
|
1606
|
Wed Jan 18 13:31:32 2006 |
 | Stefan Ritt | stefan.ritt@psi.ch | Question | Linux | 2.6.0 | Re: Problems with ELOG and Internet Explorer |
Have you tried another browser, like Firefox? Do you have the same problems with Firefox? Can you try the following:
Start elogd manually with the "-v" flag, like
elogd -c <your config path> -v -p 8080 and watch the output carefully. When you submit an entry, elogd does redirection. You will see that in the HTTP header you have an entry like
...
Location: https://...
... This location is taken from the URL statement of your config file. If it's wrong (like if you mixed http:// and https://), your browser will try to load the page from a non-existion location. |
|
1608
|
Thu Jan 19 10:31:05 2006 |
| Stefan Ritt | stefan.ritt@psi.ch | Bug report | Linux | 2.6 | Re: Buffer Overflow? |
| Chris Warner wrote: | Users can access root level directories by using a modified URL. I saw on some security web sites that this was a problem in previous versions. Was it not fixed in 2.6?
To recreate enter http://yourhost.yourdomain.com/../../../../etc/passwd
view your password file in the browser.
If this was previously reported, is there a fix?
Chris Warner |
Thanks for telling me, I didn't know. I was able to reproduce your problem under certain conditions, and I just released version 2.6.1 to fix it. However it has nothing to do with an old buffer overflow (see elog:941).
I would strongly advise everybody to upgrade as soon as possible. |
|
1610
|
Thu Jan 19 15:23:02 2006 |
| Stefan Ritt | stefan.ritt@psi.ch | Bug report | | 2.6.1 | Re: Access to global configuration in v2.6.1 |
> I just installed v.2.6.1 coming from the previous 2.6.0 (on Win2000)
> When I access the "configuration" function from a logbook, in the cfg page I only see two buttons in the header
> (save or cancel); in the previous version I saw more buttons there ("global config", "create new logbook" and so
> on), so here I'm unable to access global configuration or logbook management (except for current logbook options).
I tried to reproduce your problem, but could not. In my windows installation it looks fine. You only see the
(save and cancel) buttons only if you go to "Change [global]", otherwise you see the "Change [global]", "Delete
this logbook" etc. buttons. Have you tried with the default elogd.cfg which comes from the distribution? |
|
1612
|
Thu Jan 19 17:05:22 2006 |
| Stefan Ritt | stefan.ritt@psi.ch | Question | | 2.6.x | Re: settings for "show only new entries" |
| Ulrich Trüssel wrote: | how ca i set the date for the "show only new entries" button? maybe i missed somethin on the elog.cfg description?
thank's for hint!  |
That button works as follows: When you are active browsing entries, your activity is recorded (only the time) in the password file. Now when you are inactive for more than one hour, you are considered "logged out", and your last activity is taken as a filter for new entries. That means you see new entries since your last activity in the logbook. If you want to see the last day/week/month etc. you can define a quick filter on the date instead. |
|
1614
|
Thu Jan 19 20:53:01 2006 |
| Stefan Ritt | stefan.ritt@psi.ch | Bug report | | 2.6.0 | Re: In version 2.6 the themes do not work right on Windows. |
| Mark Coudriet wrote: | But I just updated to your new version 2.6.1 & everything is fine now. Thanks for your help!  |
Japp. I switched back to relative links for CSS again, seems to give less trouble.  |
|
1616
|
Sat Jan 21 14:02:57 2006 |
| Giorgio Croci Candiani | g.crocic@libero.it | Bug report | | 2.6.1 | Re: Access to global configuration in v2.6.1 |
> I tried to reproduce your problem, but could not. In my windows installation it looks fine. You only see the
> (save and cancel) buttons only if you go to "Change [global]", otherwise you see the "Change [global]", "Delete
> this logbook" etc. buttons. Have you tried with the default elogd.cfg which comes from the distribution?
Yes, I tried that. Maybe I'll have some other try on other PCs and investigate further, I'll surely let you know. Thanks
for the prompt response and compliments for your very good work! ELog is really a great piece of software. |
|
1618
|
Mon Jan 23 10:57:45 2006 |
| Stefan Ritt | stefan.ritt@psi.ch | Bug report | Linux | 2.6.1 | Re: redirect errors via apache2 |
> Since elog 2.6.0 we cannot redirect our elog via apache2.
>
> in apache2.conf we have (had for a long time):
> Redirect permanent /elog http://elog.oursite.com/elog/
> ProxyPass /elog/ http://elog.oursite.com:8080/
>
> When visiting the url, this results in:
> The proxy server received an invalid response from an upstream server.
> The proxy server could not handle the request GET /elog/myelog/.
>
> After testing we found that ELOG V2.6.0-beta2 works just fine.
> 2.6.0 stable crashes after visiting a redirected url.
>
> Running on debian sarge
Have you tried 2.6.1. I released it just recently, so I don't know when it will be available for Debian. Have you
checked that your "URL = xxx" statement in the config file is correct? I see above "myelog", while the proxy
passes requests to "elog". |
|
1619
|
Mon Jan 23 11:18:48 2006 |
| djek | djek@xs4all.nl | Bug report | Linux | 2.6.1 | Re: redirect errors via apache2 |
> > Since elog 2.6.0 we cannot redirect our elog via apache2.
> >
> > in apache2.conf we have (had for a long time):
> > Redirect permanent /elog http://elog.oursite.com/elog/
> > ProxyPass /elog/ http://elog.oursite.com:8080/
> >
> > When visiting the url, this results in:
> > The proxy server received an invalid response from an upstream server.
> > The proxy server could not handle the request GET /elog/myelog/.
> >
> > After testing we found that ELOG V2.6.0-beta2 works just fine.
> > 2.6.0 stable crashes after visiting a redirected url.
> >
> > Running on debian sarge
>
> Have you tried 2.6.1. I released it just recently, so I don't know when it will be available for Debian.
No it doesn't work with 2.6.1. I hoped it would be fixed, but I should have reported it sooner.
I compiled 2.6.1 myself.
The original version was a debian package, after that, we compile elog ourselves and copy elogd manually over the old
version. Just to stay up-to-date.
> Have you checked that your "URL = xxx" statement in the config file is correct? I see above "myelog", while the
proxy passes requests to "elog".
I changed our urls, just to be safe.
myelog is a 'sublogbook', like forum here. http://elog.oursite.com/elog/myelog
We are running V2.6.0-beta2 and it runs fine, without any alterations to our config files.
All previous versions runned fine too.
update:
After further testing on a different server, it seems to be an issue with the proxy and the proxy_http modules in sarge.
after loading and unloading proxy_http this is the error:
The proxy server received an invalid response from an upstream server. |