| Allen wrote: |
|
When we set Fix text = 1, according to the syntax, this should prevent users from modifying the text field during an edit, but it looks like it is blocking access at both time of edit and creation, meaning you can never add anything to it. Is that the intended functionality?
|
Thanks for reporting that bug. I realized that this was not working at all since a long time. I fixed it in SVN revision 2245. |
> Like many educational institutions we get "educational certificates" that are chain certificates..
>
> With apache the full certificate chain is working as expected..
>
> For elog I copied the appropriate files to server.crt and server.key
>
> Netscape 3 is happy with that setup, Internet Explorer and Opera are mentioning the open certificate chain.
>
> When I tried to copy the file known as SSLCACertificateFile in Apache to chain.crt elogd does not longer work
and
>
> openssl s_client -showcerts -connect <myserver>:<elogd_port>
>
> only shows:
>
> CONNECTED(00000003)
> 25523:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:562:
To be honest I'm not an expert on SSL. I just use following code inside ELOG to initialize the SSL connection:
SSL_CTX *init_ssl(void)
{
char str[256];
SSL_METHOD *meth;
SSL_CTX *ctx;
SSL_library_init();
SSL_load_error_strings();
meth = SSLv23_method();
ctx = SSL_CTX_new(meth);
strlcpy(str, resource_dir, sizeof(str));
strlcat(str, "ssl/server.crt", sizeof(str));
if (!file_exist(str)) {
eprintf("Cerificate file \"%s\" not found, aborting\n", str);
return NULL;
}
if (SSL_CTX_use_certificate_file(ctx, str, SSL_FILETYPE_PEM) < 0)
return NULL;
strlcpy(str, resource_dir, sizeof(str));
strlcat(str, "ssl/server.key", sizeof(str));
if (!file_exist(str)) {
eprintf("Key file \"%s\" not found, aborting\n", str);
return NULL;
}
if (SSL_CTX_use_PrivateKey_file(ctx, str, SSL_FILETYPE_PEM) < 0)
return NULL;
if (SSL_CTX_check_private_key(ctx) < 0)
return NULL;
strlcpy(str, resource_dir, sizeof(str));
strlcat(str, "ssl/chain.crt", sizeof(str));
if (file_exist(str))
SSL_CTX_use_certificate_chain_file(ctx, str);
return ctx;
}
Maybe I need something different for chain certificates, but I don't know. I just copied these calls from the
example which comes with the libssl library which I'm using. Maybe somebody has an idea how this could be
improved. Actually looking at the code I see that the 'chain.crt' file is used. If you send me your files
privately I could try them and see if I get a specific error code from the SSL library. |
| Johannes Liegl wrote: |
|
Dear Sirs,
searching for keywords regular expression becomes very long. Are there any other type easy multiple keyword search supported. For example a keyword search like keyword1 & keyword2 results in different output than a keyword search like keyword2 & keyword1. A simple keyword search like "keyword1 & keyword2 and keyword2 &keyword1 should find all documents in a database containing both keywords resulting in the same output.
|
I had this request already several times. Indeed I myself am not very happy with regular expressions. If anybody knows of any other convenient search method, together with freely available C code, I'm more than happy to include this into elog. |