| ID |
Date |
Icon |
Author |
Author Email |
Category |
OS |
ELOG Version |
Subject |
|
69696
|
Mon Sep 18 14:38:30 2023 |
 | Stefan Ritt | stefan.ritt@psi.ch | Bug report | Other | latest | Re: update elog downloads page | Thanks for the reminder, I updated the download instructions. |
|
69697
|
Tue Sep 19 10:58:14 2023 |
| Heinz Junkes | junkes@fhi-berlin.mpg.de | Bug report | Linux | elogd 3.1.4 | Re: elog server crashed due to cookies send by client | The server is crached because the author field was accidentally filled with a long string due to an automated (remote) script:
“
Author: The ion getter pump has successfully recovered and appears to be operating steadily once more. Consequently, I proceeded with sputtering to obtain an XPS survey scan of the Au sample. Initially, the stability of the X-ray function was compromised, leading to multiple interruptions. Subsequently, an unexplained issue arose regarding the collection of counts on the channeltron detector. Additionally, the emission current exhibited fluctuations. Fortunately, it seems that we have addressed and resolved the previous issues. In the image below, two XPS survey spectra are presented. The spectrum highlighted with a red line corresponds to the AlKa source, which was selected using the AlKa button. Conversely, the spectrum with a black line represents the MgKa source. In both cases, the energy configuration was set to 1486.7 eV. It's worth noting that the 1050 eV peak in both spectra corresponds to the Au4f state, with an energy displacement of 961.7 eV due to X-ray ghost lines caused by O contamination (84+961.7). It has come to my attention that the Mg source appears to have oxidized, a phenomenon we've observed before. Moreover, it's important to highlight that the difference between the peaks in the low binding energy region is approximately 100 eV, not the expected 233 eV (considering the energy difference between magnesium and aluminum). This observation holds true for both cases where the same energy setting was used. Additionally, the energy of the Au4f peakSotirios Tsatso
“
Instead of just "Sotirios Tsatso".
So it had nothing to do with the cookies etc.. But when the item created in this way was called up, the system crashed:
[248459.853246] elogd_misc[8407]: segfault at 561725164a4e ip 00007f8210c02854 sp 00007ffdcb92b338 error 4 in libc-2.31.so[7f8210a99000+178000]
[248459.853251] Code: 7f 07 c5 fe 7f 4f 20 c5 fe 7f 54 17 e0 c5 fe 7f 5c 17 c0 c5 f8 77 c3 48 39 f7 0f 87 ab 00 00 00 0f 84 e5 fe ff ff c5 fe 6f 26 <c5> fe 6f 6c 16 e0 c5 fe 6f 74 16 c0 c5 fe 6f 7c 16 a0 c5 7e 6f 44
| Heinz Junkes wrote: |
|
Our elog instance (elogd 3.1.4 built Jan 13 2021, 20:44:20 revision ce2a48e9) has been running for years without any problems.
We have a new user who consistently crashes the elog:
GET /Omicron-STM-XPS/?rsort=Record%20date HTTP/1.1
Host: elog.fhi-berlin.mpg.de:4821
Cache-Control: max-age=0
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-gpc: 1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"
Referer: https://elog.fhi-berlin.mpg.de/elog/isc/Omicron-STM-XPS/
Accept-Encoding: gzip, deflate, br
Accept-Language: el-GR,el;q=0.9,en;q=0.8
Cookie: ufnm=Sotirios Tsatsos; urem=1; elmode=full; elattach=1; sid=CD2B04E2C3F02EA4; googtrans=/en/en; amp_6e403e=aWS6RQd5UjGctj5Ym_cDzA.c2Fsdm9fc290b2thaXRlbkB5YWhvby5jb20=..1hajnscc0.1hajnscc0.0.ac.ac
X-Forwarded-For: 141.14.151.26
X-Forwarded-Host: elog.fhi-berlin.mpg.de
X-Forwarded-Server: elog.fhi-berlin.mpg.de
Connection: Keep-Alive
Received unknown cookie "googtrans"
Received unknown cookie "amp_6e403e"
*** buffer overflow detected ***: terminated
Abort (core dumped)
|
|
|
69721
|
Fri Jan 19 15:49:13 2024 |
 | Frank Heyroth | heyroth(at)cmat.uni-halle.de | Bug report | Linux | 3.1.4 | user change under webserver authentication not recognized | Hi all,
I am using the Apache webserver authentication and redirection over http (not https). I have configured it 1:1 as described in the Adminguide. In the elog.cfg I set Authentication = Webserver.
All works fine; the webserver requests an authentication and elog recognizes me correctly.
However, when I close and reopen the browser and log in as a different user, elog does not change the user (tested with Firefox and Edge).
I can only change the user if I use a different browser or restart the elogd (reload is not enough).
The X-Forwarded-User header is set to the correct username - I have checked it with a CustomLog in Apache.
Best regards,
Frank |
|
69725
|
Wed Jan 24 14:50:21 2024 |
| Frank Heyroth | heyroth (at) cmat.uni-halle.de | Bug report | Linux | 3.1.5-1 | Re: user change under webserver authentication not recognized | I found the reason of the bug:
In line 27441 of elogd.cxx the http_user is overwritten by the user saved in the sid_ array as a sideeffect of the sid_check function:
sid_check(getparam("sid"), http_user)
It can solved by changing elogd.cxx @ line 27441
27441c27441,27446
< if (!sid_check(getparam("sid"), http_user)) { /* if we don't have a sid yet, set it */
---
> i=sid_check(getparam("sid"), thumb_name);
> if (i && strcmp(http_user,thumb_name)!=0) { /* user changed */
> sid_remove(getparam("sid"));
> i=FALSE;
> }
> if (!i) { /* if we don't have a sid yet, set it */
Remark: I have used the variables i & thumb_name of the function in a local context. |
|
69726
|
Tue Jan 30 13:10:38 2024 |
| Alexey Khudyakov | khudyakov@sepulcarium.org | Bug report | Linux | ELOG V3.1.5 | Re: http status 200 returned for "file not found" | > "file not found" should return http code 404. elogd returns code 200 together
> with a page containing text "404 not found". This pollutes the browser cache
> with wrong content (in this case, we are trying to load a css file, and the browser
> is trying to use text "404 not found" as if it were a css. bad. file not found
> should return http code 404. K.O.
Yes. That's quite a problem when interacting with ELOG programmatically. Only way to
find whether response succeeded or failed with 404 is to parse response body
When file is not found send_file_direct calls show_html_header which in turn calls
show_http_header which sets HTTP code 200 unconditionally. It's reasonably easy to
patch around. |
|
69741
|
Fri Feb 23 14:59:29 2024 |
| Stefan Ritt | stefan.ritt@psi.ch | Bug report | Linux | ELOG V3.1.5 | Re: http status 200 returned for "file not found" | > > "file not found" should return http code 404. elogd returns code 200 together
> > with a page containing text "404 not found". This pollutes the browser cache
> > with wrong content (in this case, we are trying to load a css file, and the browser
> > is trying to use text "404 not found" as if it were a css. bad. file not found
> > should return http code 404. K.O.
>
> Yes. That's quite a problem when interacting with ELOG programmatically. Only way to
> find whether response succeeded or failed with 404 is to parse response body
>
> When file is not found send_file_direct calls show_html_header which in turn calls
> show_http_header which sets HTTP code 200 unconditionally. It's reasonably easy to
> patch around.
I fixed the code to properly return "404 Not Found" in case a non-existing file is requested.
Stefan |
|
69742
|
Fri Feb 23 15:13:46 2024 |
| Stefan Ritt | Thstefan.ritt@psi.ch | Bug report | Linux | 3.1.5-1 | Re: user change under webserver authentication not recognized | Thanks for the fix, I committed it. Please give it a quicky try sinc I cannot test it here (don't use webserver authentication...)
Stefan
| Frank Heyroth wrote: |
|
I found the reason of the bug:
In line 27441 of elogd.cxx the http_user is overwritten by the user saved in the sid_ array as a sideeffect of the sid_check function:
sid_check(getparam("sid"), http_user)
It can solved by changing elogd.cxx @ line 27441
27441c27441,27446
< if (!sid_check(getparam("sid"), http_user)) { /* if we don't have a sid yet, set it */
---
> i=sid_check(getparam("sid"), thumb_name);
> if (i && strcmp(http_user,thumb_name)!=0) { /* user changed */
> sid_remove(getparam("sid"));
> i=FALSE;
> }
> if (!i) { /* if we don't have a sid yet, set it */
Remark: I have used the variables i & thumb_name of the function in a local context.
|
|
|
69752
|
Thu Mar 7 08:55:49 2024 |
| Andreas Warburton | andreas.warburton@mcgill.ca | Bug report | Mac OSX | 3.1.5-23df00d9 | Runaway bogus attachment counts in Summary view attachment column | On a new MacBook Pro (Silicon M3), I installed version 3.1.5 build 23df00d9. The application appears to work normally, except that, after a short while, the indicated attachment count (paperclips in the attachment column of the Summary view) starts to increment fairly rapidly with each time that I visit the page. Attachment counts appear even for records that don't have any attachments. When I access records individually, either those with or without real attachments, everything looks OK. Any insights as to what might be causing this, and how to correct?
Installation went smoothly using the (now longstanding) MacOS installation instructions, with one small exception: When doing the "sudo launchctl load ..." step, there is occasionally an I/O error of some kind. (Sorry, I don't have an exact transcript of the error at the moment, but it appears to refer to line 5 of a script.)
Many thanks,
Andreas W. |
|