Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG, Page 791 of 796  Not logged in ELOG logo
 Find |  Login |  Help 
New entries since:Thu Jan 1 01:00:00 1970
 Full | Summary | Threaded | Collapse | Expand  Show all entries    6364 Entries 
Goto page Previous  1, 2, 3 ... 790, 791, 792 ... 794, 795, 796   Next  
    icon2.gif   Re: Problem with CRYPT+SSL and elog command line entries, posted by Aaron Couture on Thu Jan 7 21:22:09 2010 elogc.patch

I Aaron Couture wrote:

I have attached a possible patch--basically pirated from elogd.c  Because strlcpy needed for the crypt cares about size, do_crypt needed the size, which had not been a concern for base64_encode in elog.c   As a result, base64_encode changed slightly as well.  I think the implementation places a limit of 32 characters on passwords, which seemed to already be the limit in elogd.c  The elog.c limit appeared to be 80 characters.  I tested both SSL and SSL+CRYPT for commandline elog entries with both a logbook specific write password as well as username/password combo in a password file.

 

AJC

 

 

I am in the process of setting up a new ELOG logbook.  I checked out rev2280 from svn.savannah.psi.ch.  I knew I wanted to encrypt passwords, so when I compiled, I used flags

 

USE_SSL=1

and

USE_CRYPT=1

 

I am running Red Hat enterprise linux 3, glibc-devel-2.3.2-95.50, openssl-devel-0.9.7a-33.25

Everything seemed to be working fine--I was able to set up logbooks using both a password file as well as write passwords and make entries to the logs.  Then I tried to use the command line 'elog' to make an entry which failed to both logbooks.

 

/opt/elog/pro/elogd -c /opt/elog/pro/dansce_fancy.cfg -l Demo1 -w <mypassword>

Would change the password in dansce_fancy.cfg and I could make entries through the web interface, but

 

elog -h acouture -s -p 8081 -w <mypassword> -l Demo1 -a Author="Aaron Couture" -a Type=Routine  -m Sampleinfo.txt -x -n 1

failed with

Error: Invalid user name or password

I got the same behaviour when I used a logbook with a user/password pair defined in a password file.

 

When I looked at the output from running elogd with the -v flag, I could see that everything was being received on the server side, but that the password did not agree with the write password in dansce_fancy.cfg

I then recompiled elog with

USE_SSL=1

USE_CRYPT=

And then the elog command line entries worked, both with write passwords and a password file (after recreating the password file and the write password).  Looking at the elog.c source code, it appears that it does not know to use crypt rather then base64_encode when USE_CRYPT is true.  elogd.c defined different behaviour if USE_CRYPT is defined.

 

Thanks,

 

Aaron Couture

 

 

 

    icon2.gif   Re: Problem with CRYPT+SSL and elog command line entries, posted by Aaron Couture on Fri Jan 8 18:26:56 2010 elogc.patch

Aaron Couture wrote:

I Aaron Couture wrote:

There was some sloppiness in the original patch--__USE_XOPEN wasn't defined, but worked when elog wasn't compiled alone.  Now the appropriate ifndef/define statements are in elog.c

 

I have attached a possible patch--basically pirated from elogd.c  Because strlcpy needed for the crypt cares about size, do_crypt needed the size, which had not been a concern for base64_encode in elog.c   As a result, base64_encode changed slightly as well.  I think the implementation places a limit of 32 characters on passwords, which seemed to already be the limit in elogd.c  The elog.c limit appeared to be 80 characters.  I tested both SSL and SSL+CRYPT for commandline elog entries with both a logbook specific write password as well as username/password combo in a password file.

 

AJC

 

 

I am in the process of setting up a new ELOG logbook.  I checked out rev2280 from svn.savannah.psi.ch.  I knew I wanted to encrypt passwords, so when I compiled, I used flags

 

USE_SSL=1

and

USE_CRYPT=1

 

I am running Red Hat enterprise linux 3, glibc-devel-2.3.2-95.50, openssl-devel-0.9.7a-33.25

Everything seemed to be working fine--I was able to set up logbooks using both a password file as well as write passwords and make entries to the logs.  Then I tried to use the command line 'elog' to make an entry which failed to both logbooks.

 

/opt/elog/pro/elogd -c /opt/elog/pro/dansce_fancy.cfg -l Demo1 -w <mypassword>

Would change the password in dansce_fancy.cfg and I could make entries through the web interface, but

 

elog -h acouture -s -p 8081 -w <mypassword> -l Demo1 -a Author="Aaron Couture" -a Type=Routine  -m Sampleinfo.txt -x -n 1

failed with

Error: Invalid user name or password

I got the same behaviour when I used a logbook with a user/password pair defined in a password file.

 

When I looked at the output from running elogd with the -v flag, I could see that everything was being received on the server side, but that the password did not agree with the write password in dansce_fancy.cfg

I then recompiled elog with

USE_SSL=1

USE_CRYPT=

And then the elog command line entries worked, both with write passwords and a password file (after recreating the password file and the write password).  Looking at the elog.c source code, it appears that it does not know to use crypt rather then base64_encode when USE_CRYPT is true.  elogd.c defined different behaviour if USE_CRYPT is defined.

 

Thanks,

 

Aaron Couture

 

 

 

 

icon6.gif   Security (passwords over web browser), posted by Aamir Khan on Tue Feb 25 22:18:57 2003  
Stefan - Just to say that this is an excellent piece of work well done.

I have just started an internal company Elog server, couple of 
clarifications :

1) is there a way around seeing the password in text when self regestering, 
if I turn this option off when the user changes his password will this 
password still be seen?

2) I have changed all the files to be owned on my RedHat Server by the 
user:group as elog:elog and set and moved the logbooks to another directory 
other than in /usr/local/elog namely /home/elog/logbooks, my concern is is 
I was to upgrade to a newer version would it be a simple install over the 
top? any caveats?

thanks again an absolute dream program.

kind regards Aamir
icon5.gif   elogd.cfg, posted by Aamir Khan on Tue Feb 25 22:35:44 2003  
Stefan and friends,

without breaching your own security, could it be possible to see what the 
elogd.cfg file looks like, also if others would like to post theirs, this 
would be great in building exmaples etc, obviosly an security related or 
mail server entries hashed out.

I am a tad new at this stuff, but eventually would try my hand at getting 
hold of the source code and compiling on AIX and then intergrating into 
shell and error reporting. - OK .. a bit in the furture anyway, if someone 
has already done this please post.

kind regards Aamir
icon5.gif   Compile on AIX 5L, posted by Aamir Khan on Tue Mar 11 18:40:39 2003  
Dear Friends,

Anyone managed to compile elog on AIX 5.2 or 5.1 ... is there a binary 
anywhere?

new to "C"

kind regards Aamir
icon5.gif   Compilation failure on Mac OSX 10.9, posted by A.G. Schubert on Tue Nov 5 23:21:52 2013 

When compiling elog on OSX 10.9 (Mavericks), I get the error below.

Elog will compile without error if I add -D_FORTIFY_SOURCE=0 to CFLAGS in Makefile, but I'm not sure whether this is a good idea.

 

$ make

cc -O3 -funroll-loops -fomit-frame-pointer -W -Wall  -I../mxml  -DHAVE_SSL -w -c -o crypt.o src/crypt.c

cc -O3 -funroll-loops -fomit-frame-pointer -W -Wall  -I../mxml  -DHAVE_SSL -o elog src/elog.c crypt.o -lssl

src/elog.c:125:8: error: expected parameter declarator

size_t strlcpy(char *dst, const char *src, size_t size)

       ^

/usr/include/secure/_string.h:105:44: note: expanded from macro 'strlcpy'

  __builtin___strlcpy_chk (dest, src, len, __darwin_obsz (dest))

                                           ^

/usr/include/secure/_common.h:39:62: note: expanded from macro '__darwin_obsz'

#define __darwin_obsz(object) __builtin_object_size (object, _USE_FORTIFY_LEVEL > 1 ? 1 : 0)

                                                             ^

/usr/include/secure/_common.h:30:32: note: expanded from macro '_USE_FORTIFY_LEVEL'

#    define _USE_FORTIFY_LEVEL 2

                               ^

src/elog.c:125:8: error: expected ')'

/usr/include/secure/_string.h:105:44: note: expanded from macro 'strlcpy'

  __builtin___strlcpy_chk (dest, src, len, __darwin_obsz (dest))

                                           ^

/usr/include/secure/_common.h:39:62: note: expanded from macro '__darwin_obsz'

#define __darwin_obsz(object) __builtin_object_size (object, _USE_FORTIFY_LEVEL > 1 ? 1 : 0)

                                                             ^

/usr/include/secure/_common.h:30:32: note: expanded from macro '_USE_FORTIFY_LEVEL'

#    define _USE_FORTIFY_LEVEL 2

                               ^

src/elog.c:125:8: note: to match this '('

/usr/include/secure/_string.h:105:44: note: expanded from macro 'strlcpy'

  __builtin___strlcpy_chk (dest, src, len, __darwin_obsz (dest))

                                           ^

/usr/include/secure/_common.h:39:53: note: expanded from macro '__darwin_obsz'

#define __darwin_obsz(object) __builtin_object_size (object, _USE_FORTIFY_LEVEL > 1 ? 1 : 0)

 

                                                    ^

    icon2.gif   Re: Compilation failure on Mac OSX 10.9, posted by A.G. Schubert on Thu Nov 7 02:18:17 2013 

Stefan Ritt wrote:

A.G. Schubert wrote:

When compiling elog on OSX 10.9 (Mavericks), I get the error below.

Elog will compile without error if I add -D_FORTIFY_SOURCE=0 to CFLAGS in Makefile, but I'm not sure whether this is a good idea.

All over sudden gcc comes with its own version of "strlcpy", which I had defined "manually" since many years inside ELOG. Using -DFORTIFY_SOURCE=0 will not harm, so you can use it. The "real" solution is to take our ELOG's strlcpy/strlcat, which I did on the current SVN version.

Best regards,
Stefan 

Ok, I tried updating my SVN working copy, but I didn't get any updates past elog rev. 2494, mxml rev. 74.  I undid my changes to Makefile, tried to compile, but got the same errors.  

I then pulled down elog and mxml with git, and these are working for me with no errors.  Thanks!

    icon2.gif   Re: author field in reply, posted by A. Tuttle on Wed Apr 18 21:53:26 2012 
Look in https://midas.psi.ch/elog/config.html
--
Fun things to set are:
Preset on first reply <attribute> = <string>
and
Preset on reply <attribute> = <string>
Goto page Previous  1, 2, 3 ... 790, 791, 792 ... 794, 795, 796   Next  
ELOG V3.1.5-2eba886