There was some sloppiness in the original patch--__USE_XOPEN wasn't defined, but worked when elog wasn't compiled alone. Now the appropriate ifndef/define statements are in elog.c
I have attached a possible patch--basically pirated from elogd.c Because strlcpy needed for the crypt cares about size, do_crypt needed the size, which had not been a concern for base64_encode in elog.c As a result, base64_encode changed slightly as well. I think the implementation places a limit of 32 characters on passwords, which seemed to already be the limit in elogd.c The elog.c limit appeared to be 80 characters. I tested both SSL and SSL+CRYPT for commandline elog entries with both a logbook specific write password as well as username/password combo in a password file.
AJC
I am in the process of setting up a new ELOG logbook. I checked out rev2280 from svn.savannah.psi.ch. I knew I wanted to encrypt passwords, so when I compiled, I used flags
USE_SSL=1
and
USE_CRYPT=1
I am running Red Hat enterprise linux 3, glibc-devel-2.3.2-95.50, openssl-devel-0.9.7a-33.25
Everything seemed to be working fine--I was able to set up logbooks using both a password file as well as write passwords and make entries to the logs. Then I tried to use the command line 'elog' to make an entry which failed to both logbooks.
/opt/elog/pro/elogd -c /opt/elog/pro/dansce_fancy.cfg -l Demo1 -w <mypassword>
Would change the password in dansce_fancy.cfg and I could make entries through the web interface, but
elog -h acouture -s -p 8081 -w <mypassword> -l Demo1 -a Author="Aaron Couture" -a Type=Routine -m Sampleinfo.txt -x -n 1
failed with
Error: Invalid user name or password
I got the same behaviour when I used a logbook with a user/password pair defined in a password file.
When I looked at the output from running elogd with the -v flag, I could see that everything was being received on the server side, but that the password did not agree with the write password in dansce_fancy.cfg
I then recompiled elog with
USE_SSL=1
USE_CRYPT=
And then the elog command line entries worked, both with write passwords and a password file (after recreating the password file and the write password). Looking at the elog.c source code, it appears that it does not know to use crypt rather then base64_encode when USE_CRYPT is true. elogd.c defined different behaviour if USE_CRYPT is defined.
Thanks,
Aaron Couture
|