| ID |
Date |
Icon |
Author |
Author Email |
Category |
OS |
ELOG Version |
Subject |
|
1615
|
Fri Jan 20 02:53:40 2006 |
 | Chris Warner | christopher_warner@dcd.uscourts.gov | Comment | Linux | 2.6 | Re: Buffer Overflow? |
| Stefan Ritt wrote: |
| Chris Warner wrote: | Users can access root level directories by using a modified URL. I saw on some security web sites that this was a problem in previous versions. Was it not fixed in 2.6?
To recreate enter http://yourhost.yourdomain.com/../../../../etc/passwd
view your password file in the browser.
If this was previously reported, is there a fix?
Chris Warner |
Thanks for telling me, I didn't know. I was able to reproduce your problem under certain conditions, and I just released version 2.6.1 to fix it. However it has nothing to do with an old buffer overflow (see elog:941).
I would strongly advise everybody to upgrade as soon as possible. |
Thanks for the quick response! |
|
1660
|
Tue Feb 7 21:02:22 2006 |
 | Chris Warner | christopher_warner@dcd.uscourts.gov | Question | Linux | | email problems |
When I select to get email notification on new logbook entries I receive this error when entering a new record.
Error sending Email via "xxx.xxx.xxx.xx": Syntax error, parameters in command "MAIL FROM: christopher_warner@xxx.gov SIZE=1985" unrecognized or missing
The user that sent the message was a test account that I set up. I entered the email address in the box provided and I am not sure what may be causing the difficulty.
Any thoughts as to what may be causing this? |
|
1667
|
Wed Feb 8 18:38:30 2006 |
 | Chris Warner | christopher_warner@dcd.uscourts.gov | Question | Linux | | Re: email problems |
The email address id correct. I am using an Elog Binary. I don't have the source code .
Chris Warner
| Stefan Ritt wrote: |
| Chris Warner wrote: | Error sending Email via "xxx.xxx.xxx.xx": Syntax error, parameters in command "MAIL FROM: christopher_warner@xxx.gov SIZE=1985" unrecognized or missing
|
There are two possible reasons:
1) The email address "christopher_warner@xxx.gov" is invalid. Some SMTP server immediately complain about invalid email addresses and refuse to send any mail then. In that case just supply an existing email address or remove that test account.
2) The SMTP server does not like the "SIZE=xxx" option. This comes from a single line in elogd.c:
snprintf(str, strsize - 1, "MAIL FROM: %s SIZE=%d\r\n", from, strlen(text));
you could just go there and remove the " SIZE=%d", so that the line looks like:
snprintf(str, strsize - 1, "MAIL FROM: %s\r\n", from);
to see if that makes any difference. |
|
|
1682
|
Fri Feb 10 21:26:33 2006 |
| Chris Warner | christopher_warner@dcd.uscourts.gov | Question | Linux | | Re: email problems |
Do you have an ise when that will be?
| Stefan Ritt wrote: |
| Chris Warner wrote: | | The email address id correct. I am using an Elog Binary. I don't have the source code. |
Ok, so I removed the SIZE=xxx parameter, which is not strictly necessary anyhow I believe. So wait for the next release, and you can try. |
|
|
1780
|
Fri Mar 31 22:14:38 2006 |
| Chris Warner | christopher_warner@dcd.uscourts.gov | Question | Linux | 2.61 | Anonymous vs user posts |
| If I have a logbook that will let both registered users Anonymous users post. I would like the author attribute to default to the value in $long_name but if the post is Anonymous display a default text string "Anonymous". Is it possible to do this? |
|
1930
|
Fri Sep 8 18:42:05 2006 |
 | Chris Warner | christopher_warner@dcd.uscourts.gov | Question | Linux | 2.6 | Unsubscribe from logbooks |
| Is there a way for user to unsubscribe from a logbook? Can a user delete their own account? |
|
68372
|
Thu Aug 4 14:28:18 2016 |
 | Chris Smyth | chris.smyth@comcast.net | Question | Windows | ELOG V2.7.8-229 | SSL |
How do I enable SSL with port 443 in version ELOG V2.7.8-2294 and rename from localhost?
Server is running Windows 2008
We got http://servername:8080 to work and on the network just fine..
but everytime we try to change the port to 443 in global we cant get anything with https:// working
port = 443
ssl = 1
url = https://servername
how do you customize the elog.exe or elogd for windows enviorment to listen on port 443 with specific hostname. please give an example.
Thanks...
|
|
68373
|
Thu Aug 4 16:40:14 2016 |
| Chris Smyth | chris.smyth@comcast.net | Request | Windows | Latest | Re: Sample of actual elog Config with URL in SSL |
how do I compile elogd with USE_SSL=1?
| Andreas Luedeke wrote: |
|
You normally don't need to specify "URL = xxx" at all. It is only needed if you work with a Proxy that changes the normal ELOG URL. And yes, you'll need "Port = 433" and "SSL =1".
And elogd must be compiled with USE_SSL=1, maybe that's your problem?
In addition you should buy a valid SSL certificate. Otherwise every user needs to acknowledge an exception for your invalid SSL certificate.
Cheers, Andreas
| Dawang wrote: |
|
HI Guys,
Can you please give me an idea how will I write in the config. I want my elog will be accessed via internet. Though there's a tutorial / guideline, I need an actual config file for me to easily grasp how the URL = xxx should be write. Do my port should be Port = 433 and SSL=1?
Thanks,
Raymund
|
|
|