zms[5287]: ERR [Unable to authenticate user]

[unclerichy]

The server config hasn't changed for months:

Redhat 9.0
Apache 1.3.29
PHP 4.3.4

On the client side:

Windows 2000 SP4
IE 6.0.2800

I've also tried logging in via Windows 2000 Server+SP3, IE 5. No joy. Still delving though...

[unclerichy]

Getting a bit further...

zm_funcs.php:userLogin()

I've add some print statements to see what it's up to...

Code: Select all

if ( $db_user = mysql_fetch_assoc( $result ) )
{
print "DB_USER OK";
        $_SESSION['user'] = $user = $db_user;
        $_SESSION['password_hash'] = $user['Password'];
}
else
{
print "DB_USER failed";
        unset( $user );
}
if ( $cookies ) session_write_close();

The results of which are:

Code: Select all

DB_USER failed

Hmmm.

EDIT: I've swapped mysql_fetch_assoc for mysql_fetch_array( MYSQL_ASSOC) and that fails too. Trying MYSQL_NUM instead works...

Here's my zm.Users table:

Code: Select all

+------------+----------------------------+------+-----+---------+----------------+
| Field      | Type                       | Null | Key | Default | Extra          |
+------------+----------------------------+------+-----+---------+----------------+
| Id         | int(10) unsigned           |      | PRI | NULL    | auto_increment |
| Username   | varchar(32)                |      | UNI |         |                |
| Password   | varchar(64)                |      |     |         |                |
| Language   | varchar(8)                 |      |     |         |                |
| Enabled    | tinyint(3) unsigned        |      |     | 1       |                |
| Stream     | enum('None','View')        |      |     | None    |                |
| Events     | enum('None','View','Edit') |      |     | None    |                |
| Monitors   | enum('None','View','Edit') |      |     | None    |                |
| System     | enum('None','View','Edit') |      |     | None    |                |
| MonitorIds | tinytext                   |      |     |         |                |
+------------+----------------------------+------+-----+---------+----------------+

Your turn

[unclerichy]

On the off-chance that my tables were corrupt, I shut down the server, ran myisamchk and restarted the server.

Would you believe it, mysql_fetch_assoc() is working.

However, $_SESSION['user'] seems to be vanishing between then and zm_html_view_postlogin.php, resulting in being thrown back to the login screen.

EDIT: Hmmm. I've just installed an evaluation version of the Zend debugger and all of a sudden I can log on

[tek]

I can login if i turn off authentication but still have no video, in /var/log/messages i have this.

Jan 23 00:15:21 superbox zms[10899]: ERR [Unable to authenticate user]
Jan 23 00:15:31 superbox zmu[10901]: ERR [Shared memory not initialised by capture daemon]
Jan 23 00:15:36 superbox zms[10905]: ERR [Unable to authenticate user]
Jan 23 00:15:42 superbox zmu[10907]: ERR [Shared memory not initialised by capture daemon]

so testing memory address i get this which matches ZM_SHM_KEY in the config, 0x7a6d2003
[root@superbox bin]# ipcs -m

------ Shared Memory Segments --------
key shmid owner perms bytes nattch status
0x0052e2c1 0 postgres 600 1466368 3
0x7a6d2003 32769 apache 700 9216508 0



This is with the latest version 1.20.0 of zoneminder

Im running this on Mandrake 9.2 with
Server Version: Apache-AdvancedExtranetServer/2.0.47 (Mandrake
Linux/6.12.92mdk) mod_perl/1.99_09 Perl/v5.8.1 mod_ssl/2.0.47
OpenSSL/0.9.7b PHP/4.3.2

mysql Ver 12.21 Distrib 4.0.15, for mandrake-linux-gnu (i586)

[loop]

Same here - cannot login if auth is on. I've upgradede from 1.19.5 which worked fine with this apache and php. My machine is SUSE 9.1 with latest online update.

DN

[zoneminder]

We seem to have two different problems going on here in the same thread somehow.

The logging in problem I'm most confused about because that area is the same as in previous versions, so I don't know what's going on there.

The stream authentication issue I need some more detail from anyone who's suffering from it. Previous posts on this thread tell you what to do, add a little debug to zm_user.cpp and include what the img strings looks like from a feed page.

Phil

[tek]

If i turn on authentication i can not log in. with it off this is what i get in /var/log/messages which is the same with it turned on.

Jan 23 04:16:44 superbox zmu[30098]: ERR [Shared memory not initialised by capture daemon]
Jan 23 04:16:44 superbox zms[30099]: ERR [Unable to authenticate user]
Jan 23 04:16:57 superbox zmu[30105]: ERR [Shared memory not initialised by capture daemon]
Jan 23 04:17:00 superbox CROND[30110]: (root) CMD ( /usr/share/msec/promisc_check.sh)
Jan 23 04:17:09 superbox zmu[30119]: ERR [Shared memory not initialised by capture daemon]
Jan 23 04:17:20 superbox zmu[30123]: ERR [Shared memory not initialised by capture daemon]

I added a log specific to just zoneminder earlier but havent gotten anything of use out of it yet either but here is what i do get.
[root@superbox zm]# tail -f /var/log/zoneminder/zmwatch.log
Watchdog starting at 05/01/22 17:05:00
Watchdog pausing for 30 seconds
Watchdog starting at 05/01/22 17:09:52
Watchdog pausing for 30 seconds
Watchdog starting at 05/01/22 17:10:02
Watchdog pausing for 30 seconds

If i check the URL of the image that is not showing up here is what i am getting.

https://192.168.0.100/cgi-bin/zms?mode= ... format=asf

[zoneminder]

Hmm. None of those messages are related to being able to log in or not. The 'authenticate' user one is one we are trying to track down but that only applies to streaming whether you are logged in or not. The other error from zmu normally suggests that the capture daemon hasn't started, usually because a monitor is not set to do anything or that ZM hasn't been started. What is in your zmdc.log?

Phil

[rdmelin]

Having made the changes to zm_user.cpp and rebuilt and installed, my img source line looks like this:

Code: Select all

<img src="/cgi-bin/nph-zms?mode=jpeg&monitor=1&scale=100&maxfps=15" border="0" width="320" height="240">

This is with ZM_AUTH_METHOD set to hashed and the ZM_AUTH_SECRET field filled in.

Ross

[zoneminder]

That is ultra strange. Can you have a look in zm_funcs.php and find the getStreamSrc function. Perhaps you could stick a little debug in there and establish what path it's taking through the function.

I assume you have ZM_AUTH_OPT on by the way, I know there is definitely a problem when it's off but I'd rather wait until I fix this one before putting out an update.

Phil

[oskin]

That who receives an error "Unable to authenticate user": try to make logout (click to username in ZM-console) and again make login...

[oskin]

I have found two reasons of occurrence of this mistake:
1. The name of the user contains uppercase letters.
2. Wrong converting md5sum in auth_md5 (zm_user.cpp.)

There will be still a mistake "Error, insufficient privileges for requested action" - the reason in discrepancy of quantity of fields in SQL-expression (zmLoadUser(), zmLoadAuthUser()) and in function User::User (MYSQL_ROW *dbrow).

All these mistakes can be corrected an applied patch:

Code: Select all

--- zm-1.20.0/web/zm_actions.php.orig   2005-01-24 00:01:37.183683863 +0300
+++ zm-1.20.0/web/zm_actions.php        2005-01-24 00:01:53.935886796 +0300
@@ -23,7 +23,7 @@
        //phpinfo( INFO_VARIABLES );
        if ( $action == "login" && $username && $password )
        {
-               userLogin( $username, $password );
+               userLogin( strtolower( $username ), $password );
        }
        elseif ( $action == "logout" )
        {
--- zm-1.20.0/src/zm_user.cpp.orig      2005-01-23 22:56:32.981747061 +0300
+++ zm-1.20.0/src/zm_user.cpp   2005-01-23 23:47:33.140934710 +0300
@@ -106,7 +106,7 @@
 User *zmLoadUser( const char *username, const char *password )
 {
        char sql[BUFSIZ] = "";
-       snprintf( sql, sizeof(sql), "select Username, Password, Stream+0, Events+0, Monitors+0, System+0, MonitorIds from Users where Username = '%s' and Password = password('%s') and Enabled = 1", username, password );
+       snprintf( sql, sizeof(sql), "select Username, Password, Enabled, Stream+0, Events+0, Monitors+0, System+0, MonitorIds from Users where Username = '%s' and Password = password('%s') and Enabled = 1", username, password );

        if ( mysql_query( &dbconn, sql ) )
        {
@@ -151,7 +151,7 @@
        }

        char sql[BUFSIZ] = "";
-       snprintf( sql, sizeof(sql), "select Username, Password, Stream+0, Events+0, Monitors+0, System+0, MonitorIds from Users where Enabled = 1" );
+       snprintf( sql, sizeof(sql), "select Username, Password, Enabled, Stream+0, Events+0, Monitors+0, System+0, MonitorIds from Users where Enabled = 1" );

        if ( mysql_query( &dbconn, sql ) )
        {
@@ -202,7 +202,7 @@

                        MD5( (unsigned char *)auth_key, strlen(auth_key), md5sum );
                        auth_md5[0] = '\0';
-                       for ( int j = 0; j < strlen((const char *)md5sum); j++ )
+                       for ( int j = 0; j < MD5_DIGEST_LENGTH; j++ )
                        {
                                sprintf( auth_md5+strlen(auth_md5), "%02x", md5sum[j] );
                        }

[zoneminder]

You're right about the SQL strings, though I could have sworn I did exactly that a few days ago.

I don't know why you think the username needs to be lowercase though, maybe you can explain.

Cheers

Phil

[tek]

Hmm. None of those messages are related to being able to log in or not. The 'authenticate' user one is one we are trying to track down but that only applies to streaming whether you are logged in or not. The other error from zmu normally suggests that the capture daemon hasn't started, usually because a monitor is not set to do anything or that ZM hasn't been started.l

I have setup one monitor which is setup to record as follows
3. Axis Record 192.168.0.208
yet i have nothing and as i bang around on this more i am finding out the daemon is not starting, it crashes when trying.
perhaps i should move this to a new thread? sorry, new to this program. what i do have as far as logging is this.

What is in your zmdc.log?

file does not exist, looks like it did not get created, i did create a directory for logging in /var/log/zoneminder but only have two files in there

here is the output of the one that has new stuff being written in it.

[root@superbox init.d]# tail -f /var/log/zoneminder/zmpkg.log
Can't open log file: Permission denied at /usr/local/bin/zmdc.pl line 167.
Can't connect: No such file or directory at /usr/local/bin/zmdc.pl line 159.
Executing: su apache --shell=/bin/sh --command='/usr/local/bin/zmdc.pl start zmwatch.pl'
Can't open log file: Permission denied at /usr/local/bin/zmdc.pl line 167.
Can't connect: No such file or directory at /usr/local/bin/zmdc.pl line 159.
Executing: su apache --shell=/bin/sh --command='/usr/local/bin/zmdc.pl start zmupdate.pl -c'
Can't open log file: Permission denied at /usr/local/bin/zmdc.pl line 167.
Can't connect: No such file or directory at /usr/local/bin/zmdc.pl line 159.
Command: status
Executing: su apache --shell=/bin/sh --command='/usr/local/bin/zmdc.pl check'


basically it looks like the logfile never got created which i thought might be preventing the daemon from starting up. So now i have created the logfile. Now it is not complaining about no such file or directory but still will not start. I will have to come back to this after a service call. I will also start a new thread as this appears to not be the same issue. sorry, my bad.

[oskin]

Oops.. in it I appeared is not right - check was affected with the extraneous factor. The patch for zm_actions.php is not necessary.
A final patch:

Code: Select all

--- zm-1.20.0/src/zm_user.cpp.orig      2005-01-23 22:56:32.981747061 +0300
+++ zm-1.20.0/src/zm_user.cpp   2005-01-23 23:47:33.140934710 +0300
@@ -106,7 +106,7 @@
 User *zmLoadUser( const char *username, const char *password )
 {
        char sql[BUFSIZ] = "";
-       snprintf( sql, sizeof(sql), "select Username, Password, Stream+0, Events+0, Monitors+0, System+0, MonitorIds from Users where Username = '%s' and Password = password('%s') and Enabled = 1", username, password );
+       snprintf( sql, sizeof(sql), "select Username, Password, Enabled, Stream+0, Events+0, Monitors+0, System+0, MonitorIds from Users where Username = '%s' and Password = password('%s') and Enabled = 1", username, password );

        if ( mysql_query( &dbconn, sql ) )
        {
@@ -151,7 +151,7 @@
        }

        char sql[BUFSIZ] = "";
-       snprintf( sql, sizeof(sql), "select Username, Password, Stream+0, Events+0, Monitors+0, System+0, MonitorIds from Users where Enabled = 1" );
+       snprintf( sql, sizeof(sql), "select Username, Password, Enabled, Stream+0, Events+0, Monitors+0, System+0, MonitorIds from Users where Enabled = 1" );

        if ( mysql_query( &dbconn, sql ) )
        {
@@ -202,7 +202,7 @@

                        MD5( (unsigned char *)auth_key, strlen(auth_key), md5sum );
                        auth_md5[0] = '\0';
-                       for ( int j = 0; j < strlen((const char *)md5sum); j++ )
+                       for ( int j = 0; j < MD5_DIGEST_LENGTH; j++ )
                        {
                                sprintf( auth_md5+strlen(auth_md5), "%02x", md5sum[j] );
                        }