[CRITICAL] zms crashes with hashed authentication #88
Description
Reproducible: always
Observed on CentOS 6.4 and Ubuntu 12.04 server w/ puppet module
Steps to reproduce:
- Build & install zoneminder in the normal manner
- Create an empty database and add a monitor. Open the monitor and observe all is well.
- Enable OPT_USE_AUTH and verify AUTH_RELAY is set to "hashed"
- save and restart zoneminder
- Open a monitor and observe there is no longer a live stream. Observe log entries such as:
08/25/13 15:33:54.908546 zms[23317].INF-zm_signal.cpp/65 [Got signal 6 (Aborted), exiting and forcing backtrace]
NOTE: This issue occurs even though date.timezone in php.ini has a valid entry (if you happen to remember that previous issue).
Workaround:
For CentOS 6.4, setting ZM_SSL_LIB=gnutls at compile time resolves the issue. However, this workaround did not work on Ubuntu 12.04. Note that it has a newer version of gnutls than CentOS.
Further Discussion:
I have observed this issue as far back as svn3827. RPMs built on svn3639 with ZM_SSL_LIB=openssl worked fine. Until today, I had assumed it had something to do with the likely-outdated version of openssl on the CentOS platform, so I didn't initially report it.
Here is a sample of my http access log of the event that triggered the crash:
127.0.1.1:80 192.168.1.156 - - [25/Aug/2013:15:58:13 -0500] "GET /cgi-bin/nph-zms?mode=jpeg&monitor=1&scale=100&maxfps=15&buffer=1000&auth=30f76e63e2849871d683eab5e0d7f073&connkey=64310&rand=1377464293 HTTP/1.1" 200 0 "http://192.168.1.180/index.php?view=watch&mid=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:23.0) Gecko/20100101 Firefox/23.0"
It is definitely generating a hash, but how to tell what is wrong with it?