Author Topic: Server Error Reports  (Read 777774 times)

0 Members and 5 Guests are viewing this topic.

Offline sokoloff

  • Super Contributor
  • ***
  • Posts: 1799
  • Country: us
Re: Server Error Reports
« Reply #300 on: August 27, 2020, 03:08:15 pm »
SSL cert expired a couple hours ago. (Time now is 11:08 AM EDT.)

 

Online BrianHG

  • Super Contributor
  • ***
  • Posts: 8126
  • Country: ca
Re: Server Error Reports
« Reply #301 on: August 27, 2020, 06:03:43 pm »
New firefox just gave me this:
Also something with the SSL security...
 

Offline IanB

  • Super Contributor
  • ***
  • Posts: 12402
  • Country: us
Re: Server Error Reports
« Reply #302 on: August 27, 2020, 06:06:44 pm »
Chrome this morning has also told me the SSL certificate is not valid.

We may have to wait for the working day in Australia to start before it will be fixed.
 

Offline PA0PBZ

  • Super Contributor
  • ***
  • Posts: 5222
  • Country: nl
Re: Server Error Reports
« Reply #303 on: August 27, 2020, 06:07:45 pm »
There are 2 servers with a load balancer, one has an expired certificate and the other is still valid till the end of October. Which server you get depends on the dice in the load balancer.
Keyboard error: Press F1 to continue.
 

Offline gnifTopic starter

  • Administrator
  • *****
  • Posts: 1707
  • Country: au
  • Views and opinions are my own
    • AMD
Re: Server Error Reports
« Reply #304 on: August 28, 2020, 02:11:22 am »
There are 2 servers with a load balancer, one has an expired certificate and the other is still valid till the end of October. Which server you get depends on the dice in the load balancer.

You are correct, one of the server had faulted and was not renewing it's certificate. This has been corrected.
 

Online tautech

  • Super Contributor
  • ***
  • Posts: 29482
  • Country: nz
  • Taupaki Technologies Ltd. Siglent Distributor NZ.
    • Taupaki Technologies Ltd.
Re: Server Error Reports
« Reply #305 on: August 28, 2020, 02:17:18 am »
one of the server had faulted and was not renewing it's certificate. This has been corrected.
Yet Chrome is still displaying a Not Secure flag.  :-//
Same result with a manual refresh or F5 refresh.
Avid Rabid Hobbyist.
Some stuff seen @ Siglent HQ cannot be shared.
 

Online xrunner

  • Super Contributor
  • ***
  • Posts: 7720
  • Country: us
  • hp>Agilent>Keysight>???
Re: Server Error Reports
« Reply #306 on: August 28, 2020, 02:22:33 am »
All good here now!  :-+
I told my friends I could teach them to be funny, but they all just laughed at me.
 

Offline gnifTopic starter

  • Administrator
  • *****
  • Posts: 1707
  • Country: au
  • Views and opinions are my own
    • AMD
Re: Server Error Reports
« Reply #307 on: August 28, 2020, 02:24:08 am »
one of the server had faulted and was not renewing it's certificate. This has been corrected.
Yet Chrome is still displaying a Not Secure flag.  :-//
Same result with a manual refresh or F5 refresh.

Your end sorry mate, I just double-checked that both servers are using valid certificates now.

Edit: Note, not-secure is different to an invalid certificate. You may be trying to access resources over `http`, make sure you're hitting the site over `https` and nobody has embedded any non https content on the page you're on.
« Last Edit: August 28, 2020, 02:27:31 am by gnif »
 
The following users thanked this post: tautech

Online tautech

  • Super Contributor
  • ***
  • Posts: 29482
  • Country: nz
  • Taupaki Technologies Ltd. Siglent Distributor NZ.
    • Taupaki Technologies Ltd.
Re: Server Error Reports
« Reply #308 on: August 28, 2020, 02:43:44 am »
one of the server had faulted and was not renewing it's certificate. This has been corrected.
Yet Chrome is still displaying a Not Secure flag.  :-//
Same result with a manual refresh or F5 refresh.

Your end sorry mate, I just double-checked that both servers are using valid certificates now.

Edit: Note, not-secure is different to an invalid certificate. You may be trying to access resources over `http`, make sure you're hitting the site over `https` and nobody has embedded any non https content on the page you're on.
Yep all good, thanks. Definitely faster browsing and loading pages now.  :-+
Avid Rabid Hobbyist.
Some stuff seen @ Siglent HQ cannot be shared.
 

Offline IanB

  • Super Contributor
  • ***
  • Posts: 12402
  • Country: us
Re: Server Error Reports
« Reply #309 on: August 28, 2020, 02:49:54 am »
Your end sorry mate, I just double-checked that both servers are using valid certificates now.

Edit: Note, not-secure is different to an invalid certificate. You may be trying to access resources over `http`, make sure you're hitting the site over `https` and nobody has embedded any non https content on the page you're on.

With Chrome, if you insist on a "not secure" connection after an invalid certificate message, Chrome will remember that setting for several hours before trying again. You have to force Chrome back to an https connection manually if you don't want to wait. The best way to do that seems to be to close the current tab and then open a new one.
 

Online tautech

  • Super Contributor
  • ***
  • Posts: 29482
  • Country: nz
  • Taupaki Technologies Ltd. Siglent Distributor NZ.
    • Taupaki Technologies Ltd.
Re: Server Error Reports
« Reply #310 on: August 28, 2020, 02:53:30 am »
The best way to do that seems to be to close the current tab and then open a new one.
Close an EEVblog tab  :o ......Never !   :-DD
Avid Rabid Hobbyist.
Some stuff seen @ Siglent HQ cannot be shared.
 
The following users thanked this post: mnementh

Online Monkeh

  • Super Contributor
  • ***
  • Posts: 8068
  • Country: gb
Re: Server Error Reports
« Reply #311 on: September 01, 2020, 03:41:55 am »
Absolutely beseiged by 502s today, is one or more of the servers suffering from a stroke, or just a lack of timely whipping?
 

Offline gnifTopic starter

  • Administrator
  • *****
  • Posts: 1707
  • Country: au
  • Views and opinions are my own
    • AMD
Re: Server Error Reports
« Reply #312 on: September 01, 2020, 03:45:14 am »
Investigating, I was alerted to this about an hour ago, seems something is causing high I/O load.
 

Online tautech

  • Super Contributor
  • ***
  • Posts: 29482
  • Country: nz
  • Taupaki Technologies Ltd. Siglent Distributor NZ.
    • Taupaki Technologies Ltd.
Re: Server Error Reports
« Reply #313 on: September 01, 2020, 03:49:53 am »
Investigating, I was alerted to this about an hour ago, seems something is causing high I/O load.
P76 of this thread:
https://www.eevblog.com/forum/testgear/siglent-sds2000x-plus-coming/
Avid Rabid Hobbyist.
Some stuff seen @ Siglent HQ cannot be shared.
 

Offline gnifTopic starter

  • Administrator
  • *****
  • Posts: 1707
  • Country: au
  • Views and opinions are my own
    • AMD
Re: Server Error Reports
« Reply #314 on: September 01, 2020, 03:50:58 am »
Yup, it's that thread... thanks for that, looking for the dud file.
 

Online tautech

  • Super Contributor
  • ***
  • Posts: 29482
  • Country: nz
  • Taupaki Technologies Ltd. Siglent Distributor NZ.
    • Taupaki Technologies Ltd.
Re: Server Error Reports
« Reply #315 on: September 01, 2020, 03:53:19 am »
Yup, it's that thread... thanks for that, looking for the dud file.
Was working fine late PM yesterday NZ time and I think another file was added overnight to an existing post that caused the issues.
Avid Rabid Hobbyist.
Some stuff seen @ Siglent HQ cannot be shared.
 

Offline gnifTopic starter

  • Administrator
  • *****
  • Posts: 1707
  • Country: au
  • Views and opinions are my own
    • AMD
Re: Server Error Reports
« Reply #316 on: September 01, 2020, 04:01:45 am »
Yup,

Issue fixed, another windows bitmap uploaded with a png extension. SMF goes nuts trying to load it and just hangs consuming tons of RAM.
 
The following users thanked this post: tautech

Online Monkeh

  • Super Contributor
  • ***
  • Posts: 8068
  • Country: gb
Re: Server Error Reports
« Reply #317 on: September 01, 2020, 04:05:27 am »
Who's posting nonsense like that?
 

Offline gnifTopic starter

  • Administrator
  • *****
  • Posts: 1707
  • Country: au
  • Views and opinions are my own
    • AMD
Re: Server Error Reports
« Reply #318 on: September 01, 2020, 04:09:11 am »
I replied to them in the thread
 

Online Monkeh

  • Super Contributor
  • ***
  • Posts: 8068
  • Country: gb
Re: Server Error Reports
« Reply #319 on: September 01, 2020, 04:12:26 am »
Thanks for the fix. Good old SMF, chainsaws round the edges.
 

Offline Whales

  • Super Contributor
  • ***
  • Posts: 2052
  • Country: au
    • Halestrom
Re: Server Error Reports
« Reply #320 on: September 01, 2020, 04:13:43 am »
Gnif: that's a notable denial of service vuln.  Unhappy or banned users could come back and wreck all sorts of havoc. 

Is the problem in core SMF or an addon?  https://github.com/SimpleMachines/SMF2.1/issues

Offline IanB

  • Super Contributor
  • ***
  • Posts: 12402
  • Country: us
Re: Server Error Reports
« Reply #321 on: September 01, 2020, 05:59:16 am »
Issue fixed, another windows bitmap uploaded with a png extension. SMF goes nuts trying to load it and just hangs consuming tons of RAM.

Ouch. Programs like SMF should not blindly trust file extensions, they should look inside the file to determine (or verify) the actual type of content.
 

Offline gnifTopic starter

  • Administrator
  • *****
  • Posts: 1707
  • Country: au
  • Views and opinions are my own
    • AMD
Re: Server Error Reports
« Reply #322 on: September 01, 2020, 06:00:04 am »
Oh it certainly is, but it's not something that can be fixed easily.

SMF is dumb and just allows you to upload any file, and when it's an image attempts to create a thumbnail at render time (not at upload time), not only does this mean that multiple concurrent page loads will try to generate the thumbnail at once, if there are multiple images on the page, it will do them all at once (which can be slow) and cause a timeout, preventing the database from being updated with the information about the thumbnails.

The core workflow is very broken and fixing it will require overhauling how things work here. Such a "fix" would make SMF incompatible for future updates/upgrades.
 

Offline magic

  • Super Contributor
  • ***
  • Posts: 7242
  • Country: pl
Re: Server Error Reports
« Reply #323 on: September 01, 2020, 06:04:44 am »
At least the previewer should be fixed not to choke on malformed PNGs.
Is it exploitable for RCE too? ::)
 

Offline gnifTopic starter

  • Administrator
  • *****
  • Posts: 1707
  • Country: au
  • Views and opinions are my own
    • AMD
Re: Server Error Reports
« Reply #324 on: September 01, 2020, 06:11:24 am »
I did add some idiot checks for this some time back but upgrades to SMF and/or modules have undone it. I will schedule some time to investigate and re-instate what I can.

I am not sure if it's a RCE issue, IIRC it's the thumbnail preview feature which I think is an "addon" (if you can call SMF addons 'addons', more like diffs/patches)
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf