Your message dated Tue, 29 Jul 2014 15:27:18 -0700
with message-id <[email protected]>
and subject line zoneminder: hash authentication broken in update
has caused the Debian Bug report #666980,
regarding zoneminder: hash authentication broken in update
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
666980: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=666980
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: zoneminder
Version: 1.25.0-1
Severity: normal
Dear Maintainer,
I upgraded from 1.24.2 recently, and streaming (live and
recorded) failed with errors in the log:
socket_sendto( /tmp/zms-562793s.sock ) failed: No such file or directory
I tracked this down to a socket that should
have been created by nph-zms, then ran this cgi
program under the shell with the arguments from
/var/log/apache/access.log. It didn't work,
and printed an error about authentication. I added
user=<username>&pass=<password> to the arguments, and the
nph-zms program streamed jpeg data.
I then reconfigured zoneminder to use "plain" instead of
"hashed" under AUTH_RELAY. That "fixed" the glitch, but
now the username and password information is included in
pages, and that seems dangerous to me.
I tried rebuilding from source, and noticed that the
configure script prints the following warnings; perhaps
they are part of the problem.
checking for gcrypt.h... yes
checking for gcry_check_version in -lgcrypt... no
configure: WARNING: libgcrypt.a is required for authenticated streaming - use
ZM_SSL_LIB option to select openssl instead
checking for MD5 in -lgnutls-openssl... no
configure: WARNING: gnutls-openssl.a is required for authenticated streaming -
use ZM_SSL_LIB option to select openssl instead
I was able to use this configuration option in the previous
version, as confirmed to me by apache access logs.
Thanks,
-neil
-- System Information:
Debian Release: wheezy/sid
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.1.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages zoneminder depends on:
ii apache2 2.2.22-2
ii apache2-mpm-prefork [apache2] 2.2.22-2
ii ffmpeg 5:0.7.11-0.2
ii javascript-common 7
ii libapache2-mod-php5 5.4.0-3
ii libarchive-tar-perl <none>
ii libarchive-zip-perl 1.30-6
ii libavcodec53 4:0.8.1-1
ii libavdevice53 4:0.8.1-1
ii libavformat53 4:0.8.1-1
ii libavutil51 4:0.8.1-1
ii libbz2-1.0 1.0.6-1
ii libc6 2.13-27
ii libdate-manip-perl 6.31-1
ii libdevice-serialport-perl 1.04-2+b3
ii libgcc1 1:4.6.3-1
ii libgcrypt11 1.5.0-3
ii libgnutls-openssl27 2.12.18-1
ii libjpeg8 8d-1
ii libjs-mootools 1.4.5~debian1-1
ii libmime-lite-perl 3.028-1
ii libmime-tools-perl 5.502-1
ii libmysqlclient16 5.1.61-2
ii libpcre3 8.12-4
ii libphp-serialization-perl 0.34-1
ii libstdc++6 4.6.3-1
ii libswscale2 4:0.8.1-1
ii libsys-mmap-perl 0.16-1+b1
ii libwww-perl 5.836-1
ii mysql-client-5.1 [mysql-client] 5.1.61-2
ii mysql-server 5.1.61-2
ii mysql-server-5.1 [mysql-server] 5.1.61-2
ii perl 5.14.2-9
ii perl-modules [libmodule-load-perl] 5.14.2-9
ii php5 5.4.0-3
ii php5-mysql 5.4.0-3
ii rsyslog [system-log-daemon] 5.8.9-1
ii zip 3.0-4
ii zlib1g 1:1.2.6.dfsg-2
zoneminder recommends no packages.
zoneminder suggests no packages.
-- Configuration Files:
/etc/init.d/zoneminder changed:
prog=ZoneMinder
ZM_PATH_BIN="/usr/bin"
ZM_DBG_LEVEL_zmc="-12"
export ZM_DBG_LEVEL_zmc
command="$ZM_PATH_BIN/zmpkg.pl"
start() {
echo -n "Starting $prog: "
# not needed (ns): zmfix -a
$command start
RETVAL=$?
[ $RETVAL = 0 ] && echo success
[ $RETVAL != 0 ] && echo failure
echo
[ $RETVAL = 0 ] && touch /var/lock/zm
return $RETVAL
}
stop() {
echo -n "Stopping $prog: "
#
# Why is this status check being done?
# as $command stop returns 1 if zoneminder
# is stopped, which will result in
# this returning 1, which will stuff
# dpkg when it tries to stop zoneminder before
# uninstalling . . .
#
result=`$command status`
if [ ! "$result" = "running" ]; then
echo "Zoneminder already stopped"
echo
RETVAL=0
else
$command stop
RETVAL=$?
[ $RETVAL = 0 ] && echo success
[ $RETVAL != 0 ] && echo failure
echo
[ $RETVAL = 0 ] && rm -f /var/lock/zm
fi
}
status() {
result=`$command status`
if [ "$result" = "running" ]; then
echo "ZoneMinder is running"
RETVAL=0
else
echo "ZoneMinder is stopped"
RETVAL=1
fi
}
case "$1" in
'start')
start
;;
'stop')
stop
;;
'restart' | 'force-reload')
stop
start
;;
'status')
status
;;
*)
echo "Usage: $0 { start | stop | restart | status }"
RETVAL=1
;;
esac
exit $RETVAL
/etc/zm/apache.conf changed:
<VirtualHost _default_:443>
Alias /zm /usr/share/zoneminder
<Directory /usr/share/zoneminder>
php_flag register_globals off
Options Indexes FollowSymLinks
<IfModule mod_dir.c>
DirectoryIndex index.php
</IfModule>
</Directory>
</VirtualHost>
-- no debconf information
--- End Message ---
--- Begin Message ---
Version: 1.26.5-1
This was fixed upstream in 1.26.5, if not ealier.
live well,
vagrant
pgpBilnB4jVQ5.pgp
Description: PGP signature
--- End Message ---
