Tags:
, view all tags

Check Bugs:

  • BUG #12578: "Error message mentions certificate when it means proxy" FIXED
    • Tested with an expired proxy certificate and the following was returned:
      Error: Error during SSL handshake:Either proxy or user certificate are expired.
       
      None of the contacted servers for sa3test were capable
      of returning a valid AC for the user.
  • BUG #18371: "voms-proxy-init giving unclear message: GGUS-Ticket-ID: #10466"FIXED
    • tested by issuing a voms-proxy-init with no file under $HOME/.glite/vomses and the message cannot find file is returned only if the '--debug' option is enabled
  • BUG #19217: "voms-proxy-init fails to report bad permissions: GGUS-ID 8871"
  • BUG #33326: "VOMS: voms-proxy-fake multi-VO support" FIXED
    • tested with the following file:
       cat vo_fake_test
      [sa3test]
      -vomslife = 10
      -hostcert = hostcert.pem
      -hostkey = hostkey.pem
      [vomstest]
      -vomslife = 7
      -hostcert = hostcert.pem
      -hostkey = hostkey.pem
    • it correctly generates the proxy:
      voms-proxy-info -all
      subject   : /C=IT/O=INFN/OU=Host/L=CNAF/CN=cert-10.cnaf.infn.it/CN=proxy
      issuer    : /C=IT/O=INFN/OU=Host/L=CNAF/CN=cert-10.cnaf.infn.it
      identity  : /C=IT/O=INFN/OU=Host/L=CNAF/CN=cert-10.cnaf.infn.it
      type      : proxy
      strength  : 1024 bits
      path      : /tmp/x509up_u0
      timeleft  : 11:59:54
      === VO sa3test extension information ===
      VO        : sa3test
      subject   : /C=IT/O=INFN/OU=Host/L=CNAF/CN=cert-10.cnaf.infn.it
      issuer    : /C=IT/O=INFN/OU=Host/L=CNAF/CN=cert-10.cnaf.infn.it
      timeleft  : 9:59:54
      uri       :
      === VO vomstest extension information ===
      VO        : vomstest
      subject   : /C=IT/O=INFN/OU=Host/L=CNAF/CN=cert-10.cnaf.infn.it
      issuer    : /C=IT/O=INFN/OU=Host/L=CNAF/CN=cert-10.cnaf.infn.it
      timeleft  : 6:59:54
      uri       :
  • BUG #34705: "Clarify the user of option --hours in the documentation Softwareversion: glite 3.1, voms-proxy-init 1.7.22" FIXED
  • BUG #35346: "voms-proxy-init hangs on receiving data from VOMS server" HOPEFULLY FIXED
  • BUG #35535: "voms-proxy-init 1.8.3 gives confusing warning" FIXED
  • BUG #39642: "Man page for voms-proxy-init contains EDG bugzilla." FIXED
    • Checked with 'man voms-proxy-init | grep -i edg'
  • BUG #42919: "Cannot find file or dir: /afs/cern.ch/user/a/anduaga/.glite/vomses"
  • BUG #43942: "voms-proxy-info error for non standard location of CA files" FIXED
    • tested by doing the following:
      • create a proxy by using 'voms-proxy-init'
      • move the '/etc/grid-security/certificates' dir under $HOME/
      • do not define the env variable X509_CERT_DIR
      • try a 'voms-proxy-info', it should return the following
         voms-proxy-info -all
        unable to access trusted certificates in:x509_cert_dir=/etc/grid-security/certificates
        Function: proxy_init_cred

  • BUG #45146: "voms options (-quiet, -bits, -valid) and man page don't match." FIXED
    • Except for the '-quiet' option that is still there (see comment in the bug), the other options work, see the following:
 voms-proxy-info -exists -valid 23:00 ;echo $?
1
voms-proxy-info -exists -valid 1:00 ;echo $?
0
 voms-proxy-info -exists -bits 32 ;echo $?
0
voms-proxy-info -exists -bits 1050 ;echo $?
  • BUG #45318: "gLite CE submission with RFC proxy chain failed"
  • BUG #46132: "[VOMS] bad warnings and errors from voms-proxy-init" FIXED
    • tested using VO 'sa3test' by doing the following:
      • remove voms certificate from the '/etc/grid-security/vomsdir/' and remove the .lsc file from /etc/grid-security/vomsdir/sa3test/
      • issue a 'voms-proxy-init -voms sa3test', the following is returned:
        Error: verify failed.
        Cannot verify AC signature!
      • issue a 'voms-proxy-info' it should return anything <> 0, such as for ex.
        echo $? 127

  • BUG #46382: "There is a vulnerability issue concerning VOMS" FIXED
    • tested by:
       openssl x509 -text -noout -in /tmp/x509up_u0 | grep "Signature Algorithm"
              Signature Algorithm: sha1WithRSAEncryption
          Signature Algorithm: sha1WithRSAEncryption
  • BUG #49614: "[voms-proxy-info] Voms proxy info -acexists flag broken?" FIXED
    • tested by doing the following:
      • create a proxy for the VO 'sa3test
      • check the following:
        voms-proxy-info -acexists sa3test; echo $?;
        0
        voms-proxy-info -acexists dummy; echo $?;
        1
  • BUG #52394: "VOMS 1.9.x clients fail to compile when configured with --with-globus-flavor option" HOPEFULLY FIXED
  • BUG #52661: "Proxy generated by voms-proxy-init share the same serial number" FIXED
    • create two proxies for the same user
    • compare the serial numbers using the option '-serial' to the 'voms-proxy-info' command, such as:
      voms-proxy-info -serial
      03D95CC3B5504696A1EB8EFF5995B334
  • BUG #53450: "voms-proxy-init 1.8.8 fails silently on bad vomses file" FIXED

-- ElisabettaMolinari - 21 Oct 2009

Edit | Attach | PDF | History: r18 | r12 < r11 < r10 < r9 | Backlinks | Raw View | More topic actions...
Topic revision: r10 - 2009-11-16 - ElisabettaMolinari
 
  • Edit
  • Attach
This site is powered by the TWiki collaboration platformCopyright © 2008-2022 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback