Hi, 

in commit 1812e7c, specifying CFLAGS to make command in elog.spec, renders all other settings in Makefile void. That is, if I want to include any of KRB5, LDAP, PAM support, and change makefile accordingly, then when producing rpm they are not taken into account. Anyway, CFLAGS in Makefile are already set to the same defaults, so why it is redefined in spec file?

best

Janusz

Hi,

You rights, CFLAGS should not be in specfile to take care of distrib env.

Btw, I sent in the past an update for build process of Stefan delivery to generate src.rpm file copatible to tarball version. I think Stefan did not have time yet to test and to check.

With the enclosed SPEC file, you can build ELOG with options at rpmbulld command w/o modifying sources. For exemple,

rpm -i elog-.....src.rpm

rpmbuild -bb --with ssl --with pam --with ldap --with krb5 ~/rpmbuild/SPECS/elog.spec

I enclosed also the SRPMS i used for my projects. Be careful, It's maybe not uptodate of last GIT version or PSI releases... but you can test it on your RPM distrib. It should be nice to hare your feedback.

Bye,

Laurent

Our setup uses "Authentication=Webserver" + no automatic user registration. Thus, logbook admins should add a user by clicking "Config"  and then "New user". However, no matter what they fill in in the "new user " dialog, as soon as they hit "Save" an error pops up saying that their username (the admin one, not the new one) already exists. I found the following code:

int save_user_config(LOGBOOK * lbs, char *user, BOOL new_user)
{
   char file_name[256], str[256], *pl, user_enc[256], new_pwd[80], new_pwd2[80], smtp_host[256],
       email_addr[256], mail_from[256], mail_from_name[256], subject[256], mail_text[2000], str2[256],
       admin_user[80], url[256], error[2000], sid[32];
   int i, self_register, code, first_user;
   PMXML_NODE node, subnode, npwd; 

   /* if we outsourced the authentication, use external username */
   getcfg(lbs->name, "Authentication", str, sizeof(str));
   if (stristr(str, "Webserver")) {
      /* do not allow HTML in user name */
      strencode2(user_enc, http_user, sizeof(user_enc));
   } else {
      strencode2(user_enc, user, sizeof(user_enc));
   }
 

which seems to be the culprit:  the admin user is logged using his/her Webserver (http_user) credentials and this overrides anything that he/she might fill in.  If I remove the "Authentication" check then I can create a new user without problems.  So, how to fix this? should the "Authentication=Webserver" check be extended with a self/auto registration check?

Dear all,

I had some difficulty to upload large files (>20MB) with SSL connection. I think it is also related to https://elog.psi.ch/elogs/Forum/68636

During debuging, I found that, when uploading large files, ssl connection is dropped since 'SSL_read' function returns -1.

But it doesn't alway mean broken connection. It may be "SSL_ERROR_WANT_READ".

I changed the "server_loop" function in the source code to "continue" when it is SSL_ERROR_WANT_READ. And it fixed the problem.

Here is my code.

## elogd.c "server_loop" function L30031

                        if (FD_ISSET(_sock, &readfds)) {
#ifdef HAVE_SSL
                          if (_ssl_flag){
                            i = SSL_read(_ssl_con, net_buffer + len, net_buffer_size - len);
                            if(i<=0){
                              int ssl_error=SSL_get_error(_ssl_con,i);    ## check ssl error code
                              if(ssl_error==SSL_ERROR_WANT_READ||ssl_error==SSL_ERROR_WANT_WRITE) continue;    ## if ssl wants more, continue
                            }
                          }
                          else
#endif
                            i = recv(_sock, net_buffer + len, net_buffer_size - len, 0);
 

I am ignorant about networking. Some experts on ssl connection would know a better way to deal with this problem.

Best,

HyonSan Seo

Dear Stefan,

Thank you for your comment. I successfuly compiled the latest elog from source code, and now elogd could work with SSL.

In fact, I reported the case of installation with rpm file. Maybe, the latest elog rpm doesn't support SSL, I guess.
The installtion with rpm file is easier to build the common environment, so I hope the next rpm will support the SSL.

best regards,
Hisataka YOSHIDA

Hi. 

I am an IT guy of the AMS collaboration at CERN. We have been using your wonderful elog software for about 10 years now. Thanks! It served us so well that I guess we never got in touch with you. 

Recently we have upgraded it (probably for the first time in years) up to the version ELOG V3.1.4-4936b76.

Since then, we have a particular problem. And finally, I managed to reproduce it.

So, when I edit a record and click the "Submit" button it goes back to the summary view (as usual, as before) but it does not really save the entry. And it shows that the record is still being edited. I can actually click "back" in the browser and not to lose the modifications (otherwise, if I try to edit and steal the lock, it's lost). 

I will try to figure out where the problem is coming from. The most verbose mode of the elog server I've found is just GET-POST lines, not helpful. Is there a debug mode? 

Also, we ran httpd configured with the elogd as a virtual host (proxy).

Any help is very appreciated. 

Cheers, 

Andrey