Package: ntop Version: 3:3.2-8 Severity: grave Justification: renders package unusable
Since I suspect that the cause is in SSL error mentioned below, and since shipped certificate is the one used on all the systems and no directions are given that it has to be replaced for ntop to function properly, I raised severity to grave. Recently I've upgraded the box running etch. I could succesfully login before but not now nothing appears on the browser screen whenever I go to the same "ntop-url". Log entries in /var/log/daemon.log (and after running ntop with --ssl-watched --trace-level 10) say Feb 11 02:05:49 ravana ntop[24374]: [MSGID0587829] [t1115703648 ssl:42] **ERROR** SSL(ssl_init_connection)ERROR [Thread 24374]: error:14094415:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate expired at s3_pkt.c(1057) SSL alert number 45 Feb 11 02:05:49 ravana ntop[24374]: [MSGID8807438] [t1115703648 http:3135] SECURITY: Loading items table Feb 11 02:05:49 ravana ntop[24374]: [MSGID8737313] [t1115703648 leaks:169] **WARNING** free of NULL pointer @ http.c:3588 Feb 11 02:05:49 ravana ntop[24374]: [MSGID8962748] [t1115703648 http:1038] **WARNING** ECONNRESET during sending of page to web client Feb 11 02:05:49 ravana ntop[24374]: [MSGID8895214] [t1115703648 http:1050] Failed text was 24 bytes, 'HTTP/1.0 404 Not Found ' ....... upgrades which were done: 2007-02-01 08:47:47 upgrade ntop 3:3.2-5 3:3.2-8 I believe it was working fine after this ntop upgrade but started to fail after upgrade of libssl (and the rest of the system ;-)) 2007-02-09 16:22:12 upgrade libssl0.9.8 0.9.8c-3 0.9.8c-4 2007-02-09 16:38:22 upgrade openssl 0.9.8c-3 0.9.8c-4 Also I can't login on another (ia64 arch) box running ntop which I upgraded at the same time. But on it the problem is a bit different: first it reports "SSL Error" if I run it in links, and then asks for login, but it seems that my valid password doesn't authenticate and error messages are: Feb 11 01:31:28 itanix ntop[32422]: **ERROR** SSL(ssl_init_connection)ERROR [Thread 32422]: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request at s23_srvr.c(379) Feb 11 01:31:28 itanix ntop[32422]: **ERROR** SSL(read)ERROR [Thread 32422]: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request at s23_srvr.c(379) Feb 11 01:31:28 itanix ntop[32422]: **ERROR** errno 1038 during sending of page to web client Feb 11 01:31:34 itanix ntop[32422]: **ERROR** SSL(ssl_init_connection)ERROR [Thread 32422]: error:14094415:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate expired at s3_pkt.c(1057) SSL alert number 45 ii libssl0.9.8 0.9.8c-4 SSL shared libraries ii ntop 3.2-8 I was thinking about filing a bugreport against libssl0.9.8 since may be it had changed the way to signal expired certificates... but the problem is seems to be in expired ntop's certificate so it seems to be ntop's problem. Thank you in advance -- System Information: Debian Release: 4.0 APT prefers testing-proposed-updates APT policy: (500, 'testing-proposed-updates'), (500, 'testing') Architecture: amd64 (x86_64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16-2-amd64-generic Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages ntop depends on: ii adduser 3.102 Add and remove users and groups ii debconf [debconf-2.0] 1.5.11 Debian configuration management sy ii libc6 2.3.6.ds1-8 GNU C Library: Shared libraries ii libfreetype6 2.2.1-5 FreeType 2 font engine, shared lib ii libgd2-xpm 2.0.33-5.2 GD Graphics Library version 2 ii libgdbm3 1.8.3-3 GNU dbm database routines (runtime ii libjpeg62 6b-13 The Independent JPEG Group's JPEG ii libpcap0.7 0.7.2-7 System interface for user-level pa ii libpng12-0 1.2.15~beta5-1 PNG library - runtime ii libssl0.9.8 0.9.8c-4 SSL shared libraries ii zlib1g 1:1.2.3-13 compression library - runtime ntop recommends no packages. -- debconf information excluded -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
