Bug#410498: marked as done (ntop: after recent upgrade can't login: SSL expired certificate?)

Sun, 03 Apr 2016 18:34:44 -0700 

Your message dated Mon, 04 Apr 2016 01:32:15 +0000
with message-id <[email protected]>
and subject line Bug#819849: Removed package(s) from unstable
has caused the Debian Bug report #410498,
regarding ntop: after recent upgrade can't login: SSL expired certificate?
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
410498: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=410498
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: ntop
Version: 3:3.2-8
Severity: grave
Justification: renders package unusable


Since I suspect that the cause is in SSL error mentioned below, and
since shipped certificate is the one used on all the systems and no
directions are given that it has to be replaced for ntop to
function properly, I raised severity to grave.

Recently I've upgraded the box running etch. I could succesfully login
before but not now nothing appears on the browser screen whenever I go
to the same "ntop-url". Log entries in /var/log/daemon.log (and after
running ntop with --ssl-watched --trace-level 10) say

Feb 11 02:05:49 ravana ntop[24374]:  [MSGID0587829] [t1115703648 ssl:42] 
**ERROR** SSL(ssl_init_connection)ERROR [Thread 24374]: error:14094415:SSL 
routines:SSL3_READ_BYTES:sslv3 alert certificate expired at s3_pkt.c(1057) SSL 
alert number 45
Feb 11 02:05:49 ravana ntop[24374]:  [MSGID8807438] [t1115703648 http:3135] 
SECURITY: Loading items table
Feb 11 02:05:49 ravana ntop[24374]:  [MSGID8737313] [t1115703648 leaks:169] 
**WARNING** free of NULL pointer @ http.c:3588
Feb 11 02:05:49 ravana ntop[24374]:  [MSGID8962748] [t1115703648 http:1038] 
**WARNING** ECONNRESET during sending of page to web client
Feb 11 02:05:49 ravana ntop[24374]:  [MSGID8895214] [t1115703648 http:1050] 
Failed text was 24 bytes, 'HTTP/1.0 404 Not Found  '
.......

upgrades which were done:
2007-02-01 08:47:47 upgrade ntop 3:3.2-5 3:3.2-8
I believe it was working fine after this ntop upgrade but started to
fail after upgrade of libssl (and the rest of the system ;-))
2007-02-09 16:22:12 upgrade libssl0.9.8 0.9.8c-3 0.9.8c-4
2007-02-09 16:38:22 upgrade openssl 0.9.8c-3 0.9.8c-4

Also I can't login on another (ia64 arch) box running ntop which I
upgraded at the same time. But on it the problem is a bit different:
first it reports "SSL Error" if I run it in links, and then asks for
login, but it seems that my valid password doesn't authenticate and
error messages are:
Feb 11 01:31:28 itanix ntop[32422]:   **ERROR** SSL(ssl_init_connection)ERROR 
[Thread 32422]: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request 
at s23_srvr.c(379) 
Feb 11 01:31:28 itanix ntop[32422]:   **ERROR** SSL(read)ERROR [Thread 32422]: 
error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request at 
s23_srvr.c(379) 
Feb 11 01:31:28 itanix ntop[32422]:   **ERROR** errno 1038 during sending of 
page to web client
Feb 11 01:31:34 itanix ntop[32422]:   **ERROR** SSL(ssl_init_connection)ERROR 
[Thread 32422]: error:14094415:SSL routines:SSL3_READ_BYTES:sslv3 alert 
certificate expired at s3_pkt.c(1057) SSL alert number 45

ii  libssl0.9.8    0.9.8c-4       SSL shared libraries
ii  ntop           3.2-8      

I was thinking about filing a bugreport against libssl0.9.8 since may be
it had changed the way to signal expired certificates... but the problem
is seems to be in expired ntop's certificate so it seems to be ntop's
problem.

Thank you in advance

-- System Information:
Debian Release: 4.0
  APT prefers testing-proposed-updates
  APT policy: (500, 'testing-proposed-updates'), (500, 'testing')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-2-amd64-generic
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages ntop depends on:
ii  adduser                   3.102          Add and remove users and groups
ii  debconf [debconf-2.0]     1.5.11         Debian configuration management sy
ii  libc6                     2.3.6.ds1-8    GNU C Library: Shared libraries
ii  libfreetype6              2.2.1-5        FreeType 2 font engine, shared lib
ii  libgd2-xpm                2.0.33-5.2     GD Graphics Library version 2
ii  libgdbm3                  1.8.3-3        GNU dbm database routines (runtime
ii  libjpeg62                 6b-13          The Independent JPEG Group's JPEG 
ii  libpcap0.7                0.7.2-7        System interface for user-level pa
ii  libpng12-0                1.2.15~beta5-1 PNG library - runtime
ii  libssl0.9.8               0.9.8c-4       SSL shared libraries
ii  zlib1g                    1:1.2.3-13     compression library - runtime

ntop recommends no packages.

-- debconf information excluded

--- End Message ---
--- Begin Message --- 
Version: 3:5.0.1+dfsg1-3+rm

Dear submitter,

as the package ntop has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/819849

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
[email protected].

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)

--- End Message ---

Reply via email to