Something is not right with the elog account activation, I get the email
for "Registration request for ELOG logbook "haicu"", but when I follow the given URL,
I get "Invalid activation code". Account activation requests go to two people,
so maybe the other one already activate this user, in which case I expect a message "user already active".
When I check the elog config, I see that the user indeed is already active. And if I rerun
this URL I still get "Invalid activation code", and this time I definitely expect "user already active".

https://daq00.triumf.ca/elog-haicu/haicu/?cmd=Activate&new_user_name=fujiwara&code=-1904103410&unm=Olchansk

K.O.

Hi Stefan,

I've seen that ELOG is build now with gcc-c++ now, so i tried to check rpmbuild script with all options. It seems that ldap api is different with c++ (quick search : https://www.openldap.org/lists/openldap-software/200706/msg00177.html) and elogd can not been build anymore with ldap support. :-(

# make
c++ -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml -DHAVE_SSL -DHAVE_KRB5 -DHAVE_LDAP -DHAVE_PAM -c -o mxml.o mxml/mxml.cxx
c++ -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml -DHAVE_SSL -DHAVE_KRB5 -DHAVE_LDAP -DHAVE_PAM -w -c -o crypt.o src/crypt.cxx
c++ -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml -DHAVE_SSL -DHAVE_KRB5 -DHAVE_LDAP -DHAVE_PAM -c -o strlcpy.o mxml/strlcpy.cxx
c++ -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml -DHAVE_SSL -DHAVE_KRB5 -DHAVE_LDAP -DHAVE_PAM -o elog src/elog.cxx mxml.o crypt.o strlcpy.o -lssl -lkrb5 -lldap -llber -lpam -llber
c++ -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml -DHAVE_SSL -DHAVE_KRB5 -DHAVE_LDAP -DHAVE_PAM -w -c -o auth.o src/auth.cxx
src/auth.cxx: In function ‘int auth_verify_password_ldap(LOGBOOK*, const char*, const char*, char*, int)’:
src/auth.cxx:283:60: erreur: ‘ldap_simple_bind_s’ was not declared in this scope
    bind = ldap_simple_bind_s(ldap_ld, ldap_bindDN, password);
                                                            ^
src/auth.cxx:290:26: erreur: ‘ldap_unbind’ was not declared in this scope
       ldap_unbind(ldap_ld);
                          ^
src/auth.cxx:295:23: erreur: ‘ldap_unbind’ was not declared in this scope
    ldap_unbind(ldap_ld);
                       ^
src/auth.cxx: In function ‘int ldap_adduser_file(LOGBOOK*, const char*, const char*, char*, int)’:
src/auth.cxx:323:60: erreur: ‘ldap_simple_bind_s’ was not declared in this scope
    bind = ldap_simple_bind_s(ldap_ld, ldap_bindDN, password);
                                                            ^
src/auth.cxx:330:26: erreur: ‘ldap_unbind’ was not declared in this scope
       ldap_unbind(ldap_ld);
                          ^
src/auth.cxx:358:26: erreur: ‘ldap_unbind’ was not declared in this scope
       ldap_unbind(ldap_ld);
                          ^
src/auth.cxx:369:62: erreur: ‘ldap_get_values’ was not declared in this scope
          if((values = ldap_get_values(ldap_ld,entry,attribute)) != NULL ) {
                                                              ^
src/auth.cxx:378:35: erreur: ‘ldap_value_free’ was not declared in this scope
             ldap_value_free(values);
                                   ^
src/auth.cxx:386:23: erreur: ‘ldap_unbind’ was not declared in this scope
    ldap_unbind(ldap_ld);
                       ^
src/auth.cxx: In function ‘int elog_conv(int, const pam_message**, pam_response**, void*)’:
src/auth.cxx:451:59: erreur: invalid conversion from ‘void*’ to ‘pam_response*’ [-fpermissive]
    if((*resp = calloc(num_msg, sizeof(struct pam_response))) == NULL)
                                                           ^
src/auth.cxx:456:33: erreur: invalid conversion from ‘void*’ to ‘const char*’ [-fpermissive]
    if(!(resptok = strdup(my_data))) {
                                 ^
In file included from src/elogd.h:46:0,
                 from src/auth.cxx:30:
/usr/include/string.h:172:14: erreur:   initializing argument 1 of ‘char* strdup(const char*)’ [-fpermissive]
 extern char *strdup (const char *__s)
              ^
src/auth.cxx: In function ‘int auth_verify_password(LOGBOOK*, const char*, const char*, char*, int)’:
src/auth.cxx:593:73: erreur: invalid conversion from ‘const char*’ to ‘char*’ [-fpermissive]
          if (get_user_line(lbs, user, NULL, NULL, NULL, NULL, NULL, NULL) == 2) {
                                                                         ^
In file included from src/auth.cxx:30:0:
src/elogd.h:282:5: erreur:   initializing argument 2 of ‘int get_user_line(LOGBOOK*, char*, char*, char*, char*, BOOL*, time_t*, int*)’ [-fpermissive]
 int get_user_line(LOGBOOK * lbs, char *user, char *password, char *full_name, char *email,
     ^
make: *** [auth.o] Erreur 1
 

Regards,

Laurent

> I fixed these as well, please have a look again. BTW, midas had a few of these as well.

confirmed. elog commit d828aa58305ee8ce2ae882c0ff3c34cfa66650e5

K.O.

I fixed these as well, please have a look again. BTW, midas had a few of these as well.

Stefan

> Well, I bit the bullet and fixed all of these warnings. Took me like two days of work, but now should be fine.
> You might want to test it again.

Done. Only 2 sprintf() overruns remain, see below.

> I only have gcc 9.2.0, there it compiles now without warning.

Ubuntu LTS 20.04 is GCC 9.3.0. (And incoming Debian-11 based Ubuntu LTS 22.04 likely to be GCC 10.something).

If you do not have access, I can create an account for you on daq00.triumf.ca.

daq00:elog$ make
c++ -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml -DHAVE_SSL -c -o mxml.o 
mxml/mxml.cxx
c++ -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml -DHAVE_SSL -w -c -o crypt.o 
src/crypt.cxx
c++ -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml -DHAVE_SSL -c -o strlcpy.o 
mxml/strlcpy.cxx
type git &> /dev/null; if [ $? -eq 1 ]; then REV="unknown" ;else REV=`git log -n 1 --pretty=format:"%ad - %h"`; fi; echo \#define 
GIT_REVISION \"$REV\" > src/git-revision.h
git is /usr/bin/git
c++ -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml -DHAVE_SSL -o elog 
src/elog.cxx mxml.o crypt.o strlcpy.o -lssl
c++ -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml -DHAVE_SSL -w -c -o auth.o 
src/auth.cxx
c++ -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml -DHAVE_SSL -o elogd 
src/elogd.cxx auth.o mxml.o crypt.o strlcpy.o -lssl
src/elogd.cxx: In function ‘void show_elog_list(LOGBOOK*, int, int, int, BOOL, char*)’:
src/elogd.cxx:21676:42: warning: ‘%s’ directive writing up to 149999 bytes into a region of size 1588 [-Wformat-overflow=]
21676 |                sprintf(str, "Time format %s", attr_list[i]);
      |                                          ^~
In file included from /usr/include/stdio.h:867,
                 from src/elogd.h:42,
                 from src/elogd.cxx:38:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:36:34: note: ‘__builtin___sprintf_chk’ output between 13 and 150012 bytes into a destination 
of size 1600
   36 |   return __builtin___sprintf_chk (__s, __USE_FORTIFY_LEVEL - 1,
      |          ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   37 |       __bos (__s), __fmt, __va_arg_pack ());
      |       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
src/elogd.cxx:21660:42: warning: ‘%s’ directive writing up to 149999 bytes into a region of size 1588 [-Wformat-overflow=]
21660 |                sprintf(str, "Date format %s", attr_list[i]);
      |                                          ^~
In file included from /usr/include/stdio.h:867,
                 from src/elogd.h:42,
                 from src/elogd.cxx:38:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:36:34: note: ‘__builtin___sprintf_chk’ output between 13 and 150012 bytes into a destination 
of size 1600
   36 |   return __builtin___sprintf_chk (__s, __USE_FORTIFY_LEVEL - 1,
      |          ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   37 |       __bos (__s), __fmt, __va_arg_pack ());
      |       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
c++ -O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Wno-unused-result -Imxml -DHAVE_SSL -o elconv 
src/elconv.cxx -lssl



daq00:elog$ gcc -v
gcc version 9.3.0 (Ubuntu 9.3.0-17ubuntu1~20.04) 

Well, I bit the bullet and fixed all of these warnings. Took me like two days of work, but now should be fine. You might want to test it again. I only have gcc 9.2.0, there it compiles now without warning.

Stefan

Recently I have had problems with ELOG not accepting the certificates (in this case from https://letsencrypt.org/) probably due to the old version of the SSL library of the binary distribution for Windows.
I have tried to follow the instructions to set up ELOG to work with Apache but they are probably old.
I have a simple solution for the Apache installation of XAMPP, the example is for two separate logbooks using each its own ELOG service on the same server:

1. I have set up the two ELOG to run as http://my.server.example.com:8080/ and as http://my.server.example.com:8081/

2. in c:\xampp\apache\conf\httpd.conf I have enabled the following (I am not sure if all the modules are really needed but this works for me):

LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule headers_module modules/mod_headers.so
LoadModule proxy_html_module modules/mod_proxy_html.so
LoadModule xml2enc_module modules/mod_xml2enc.so

3. still in c:\xampp\apache\conf\httpd.conf, at the very end of the file I added the following:

ProxyRequests off

Redirect permanent /app1 https://my.server.example.com/app1/
ProxyPass /app1/ http://my.server.example.com:8080/
ProxyHTMLURLMap http://my.server.example.com:8080 /app1

Redirect permanent /app2 https://my.server.example.com/app2/
ProxyPass /app2/ http://my.server.example.com:8081/
ProxyHTMLURLMap http://my.server.example.com:8081 /app2

This way I can now connect to the two ELOG using https://my.server.example.com/app1/ and https://my.server.example.com/app2/ without troubles and no additional setting to either the configuration files of ELOG nor any need for virtual hosts, ...

I hope this might be of use.

Thanks for your patch, I committed it.

Stefan