Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG, Page 724 of 801  Not logged in ELOG logo
ID Date Icon Authordown Author Email Category OS ELOG Version Subject
  68997   Mon Aug 12 13:11:54 2019 Reply Antonio Bulgheroniantonio.bulgheroni@gmail.comQuestionWindows3.1.4Re: Unable to add entries with command line elog.exe with SSL

Any news for my problem? 

Your help is very much appreaciated! 

thanks :)

 

Antonio Bulgheroni wrote:

Dear all, 

we have a running elog installation using SSL (with the self-signed certificate). Generally we use the web interface, but we have been asked if it was possible to automatically insert elog entries via command line. 

elog.exe should be the answer and so I gave it a try.

I was trying the following command line: 

elog.exe. -h server-ip-address -p 8080 -l demo -s -v -u username password -a "Mass=0" This is a test entry

Of course server-ip-address and username / password were proper fields. 

When I was doing this from the server itself, I got the following message:

Successfully connected to host server-ip-address, port 8080
Possibly invalid certificate, continue on your own risk!

and then the entry was inserted, but when I was typing the same from any other PC I got the error message:

Successfully connected to host server-ip-address, port 8080
elogd server does not run SSL protocol

The entry is of course not added and also the server (that is running in very verbose mode) reported a

SSL_accept failed

How can I fix it?  

Thanks for helping,

Antonio

 

  68999   Wed Aug 14 18:36:17 2019 Reply Antonio Bulgheroniantonio.bulgheroni@gmail.comQuestionWindows3.1.4Re: Unable to add entries with command line elog.exe with SSL

Dear Andreas,

thanks for your message.

Here are the answers to your questions.

  • Tomorrow I will try to restart the server on port 443, at least temporary, to see if it makes any difference
  • We don't have a real certificate, but just the self-signed certificate that comes with the standard distribution of elog. Of course, I have to accept an exception when connecting from the browser. When I try to add an entry to via the command line from the server itself, I get the message Possibly invalid certificate, continue on your own risk! but it works. 
  • I hope so. This is the elog.exe that comes with the standard distribution, so I have to presume so. It is the same version that is installed on the server, where it works.

Thanks again and more tomorrow...

 

Andreas Luedeke wrote:

I am using SSL with ELOG and it works fine with the "elog" executable. I am no expert on SSL, but I can provide my two cent what you could try, maybe it helps:

  • SSL desires to run on the port 443 - I have no idea if you can force it to run on an arbitrary port, it might be possible. But does it make sense?
  • Certificates are checked against the provider of the certificate. I guess this works fine from your web browser? Or did you just add a security exception?
  • Has the installed "elog.exe" been compiled with SSL support on?
Antonio Bulgheroni wrote:

Any news for my problem? 

Your help is very much appreaciated! 

thanks :)

 

Antonio Bulgheroni wrote:

Dear all, 

we have a running elog installation using SSL (with the self-signed certificate). Generally we use the web interface, but we have been asked if it was possible to automatically insert elog entries via command line. 

elog.exe should be the answer and so I gave it a try.

I was trying the following command line: 

elog.exe. -h server-ip-address -p 8080 -l demo -s -v -u username password -a "Mass=0" This is a test entry

Of course server-ip-address and username / password were proper fields. 

When I was doing this from the server itself, I got the following message:

Successfully connected to host server-ip-address, port 8080
Possibly invalid certificate, continue on your own risk!

and then the entry was inserted, but when I was typing the same from any other PC I got the error message:

Successfully connected to host server-ip-address, port 8080
elogd server does not run SSL protocol

The entry is of course not added and also the server (that is running in very verbose mode) reported a

SSL_accept failed

How can I fix it?  

Thanks for helping,

Antonio

 

 

 

  Draft   Thu Aug 15 09:45:37 2019 Reply Antonio Bulgheroniantonio.bulgheroni@gmail.comQuestionWindows3.1.4Re: Unable to add entries with command line elog.exe with SSL

As promised, here is the results of the additional debugging. 

 

Changing to port 443 doesn't help. I keep having exactly the same behaviour, it is to say: 

  • from the server itself I get 

 

Antonio Bulgheroni wrote:

Dear Andreas,

thanks for your message.

Here are the answers to your questions.

  • Tomorrow I will try to restart the server on port 443, at least temporary, to see if it makes any difference
  • We don't have a real certificate, but just the self-signed certificate that comes with the standard distribution of elog. Of course, I have to accept an exception when connecting from the browser. When I try to add an entry to via the command line from the server itself, I get the message Possibly invalid certificate, continue on your own risk! but it works. 
  • I hope so. This is the elog.exe that comes with the standard distribution, so I have to presume so. It is the same version that is installed on the server, where it works.

Thanks again and more tomorrow...

 

Andreas Luedeke wrote:

I am using SSL with ELOG and it works fine with the "elog" executable. I am no expert on SSL, but I can provide my two cent what you could try, maybe it helps:

  • SSL desires to run on the port 443 - I have no idea if you can force it to run on an arbitrary port, it might be possible. But does it make sense?
  • Certificates are checked against the provider of the certificate. I guess this works fine from your web browser? Or did you just add a security exception?
  • Has the installed "elog.exe" been compiled with SSL support on?
Antonio Bulgheroni wrote:

Any news for my problem? 

Your help is very much appreaciated! 

thanks :)

 

Antonio Bulgheroni wrote:

Dear all, 

we have a running elog installation using SSL (with the self-signed certificate). Generally we use the web interface, but we have been asked if it was possible to automatically insert elog entries via command line. 

elog.exe should be the answer and so I gave it a try.

I was trying the following command line: 

elog.exe. -h server-ip-address -p 8080 -l demo -s -v -u username password -a "Mass=0" This is a test entry

Of course server-ip-address and username / password were proper fields. 

When I was doing this from the server itself, I got the following message:

Successfully connected to host server-ip-address, port 8080
Possibly invalid certificate, continue on your own risk!

and then the entry was inserted, but when I was typing the same from any other PC I got the error message:

Successfully connected to host server-ip-address, port 8080
elogd server does not run SSL protocol

The entry is of course not added and also the server (that is running in very verbose mode) reported a

SSL_accept failed

How can I fix it?  

Thanks for helping,

Antonio

 

 

 

 

  69002   Thu Aug 15 19:00:12 2019 Reply Antonio Bulgheroniantonio.bulgheroni@gmail.comQuestionWindows3.1.4Re: Unable to add entries with command line elog.exe with SSL

So as promised, I add some more information. 

Unfortunately changing the port where the server is listening did not make any change. The situation is still the same. If I try directly from the server, I get a warning about the fake certificate and if I do it from elsewhere, I get the error that the server is not running SSL. 

I had a look at the source code of elog.c and found the point where the error is produced. in order to produce this message, the ssl_connect should be returning -1 and this is only possible in two cases: 

   if (SSL_connect(*ssl_con) <= 0)
      return -1;
   
   cert = SSL_get_peer_certificate(*ssl_con);
   if (cert == NULL)
      return -1;

So, in the first case, it means that the SSL connection failed completly. In the second case, the peer certificate is invalid. 

Is it possible to discriminate between the two, for example changing the return value? Unfortunately I don't have a windows computer with development tools. So it would be great if you could prepare an executable for me with this small change. 

Thanks in advance for your help,

cheers,

 

  69515   Wed Apr 20 14:19:08 2022 Question Antonio Bulgheroniantonio.bulgheroni@gmail.comRequestWindows3.1.4Dynamic substitution with date

Dear all, 

I would need your help with an incremental index with date information.

I want to have an incremental number made by the last two digits of the year, the two digits of the month and an incremental four digits number. 

Subst Number = %y%m####

The problem is that I don't want to have the incremental number reset to zero every new month, but rather only once a year. Is it something like this possible? 

Thanks for your help! 

toto

 

  69525   Thu May 5 11:14:20 2022 Question Antonio Bulgheroniantonio.bulgheroni@gmail.comQuestionWindows3.1.4elog root path

Dear all, 

I have a question for you. On my elog server I have plenty of images not included in any logbook entry, but that nevertheless I would the user to have access to that via the browser. In order words, I would like to have a link like this https://myelog/my_pics_folder/my_pic.png

I have realized that if I put my_pics_folder in the script folder, then it works as I wanted, but I strongly doubt this is the right position. If I put in the resources folder, it is not found and the elogd displays a message saying that my_pics_folder is not a valid logbook.

Do you have any suggestions for this problem? 

 

Thanks in advance and enjoy your day!

toto

  69571   Wed Oct 19 14:19:39 2022 Question Antonio Bulgheroniantonio.bulgheroni@gmail.comBug reportWindows3.1.4Duplicating attachments when editing an entry via command line elog.exe

Hi there! 

I have noticed this effect when editing entries with the command line elog.exe.

Let's say I submit a new entry via the command line and I'm also submitting an attachment file. If I check the elog entry via the browser I see my entry there with its attachment as expected. The attachment is also present on the server in the logbook folder with the date and time stamp in front of the original name. 

Now, let's say I would like to edit the same entry via the command line, if I don't pass the attachment, the edited entry won't show any attachment in the browser but on the server there is still the old attachment file available. 

A similar situation is when I edit an entry and I want the edited entry to have the same attachment file of the original one. In that case, the entry on the browser will show the attachment, but on the server I have two copies of the attachment file with the two timestamps (original submission and edited submission). Moreover the first copy is unreachable from any client because not linked to any entry anymore.

In general I would not care much, but I have an application that is regularly updating entries and I will soon have the server hard disk full of useless copies of unlinked attachment. 

I have seen that when deleting an entry, also all its attachments are removed. Would it be possible to have attachments removed when editing an entries? 

Thanks for your help! 

Cheers,

toto

 

  69573   Thu Oct 20 08:37:23 2022 Reply Antonio Bulgheroniantonio.bulgheroni@gmail.comQuestionWindows3.1.4Re: UNC Pfade

I'm running ELOG on a windows server 2016. Just installed the windows installer and worked out of the box. 

Have you checked the firewall?

Michael wrote:

So there is no way to save the file on the network?! :(

Can i install the elog on a windows server? i tried it yesterday, but i think i missed something, couse i only could open the elog on the server and not with a client pc.

Stefan Ritt wrote:

UNCs are not officially supported by elog, but your operating system might map them if you're lucky, just try. It is however not recommended to do so, since network drives can sometimes be slow during network congestion and the response of elog will then suffer.

Stefan

Michael wrote:

Hallo,

gibt es eine Möglichkeit das subdir auf ein Netzlaufwerk zu legen?

\\server\freigabe\...

Der Freigabepfad wird leider immer unter C:\... angelegt

Vielen Dank

 

 

 

ELOG V3.1.5-3fb85fa6