Tags:
, view all tags

Check Bugs:

  • BUG #12578: "Error message mentions certificate when it means proxy" FIXED
    • Tested with an expired proxy certificate and the following was returned:
      Error: Error during SSL handshake:Either proxy or user certificate are expired.
       
      None of the contacted servers for sa3test were capable
      of returning a valid AC for the user.
  • BUG #18371: "voms-proxy-init giving unclear message: GGUS-Ticket-ID: #10466"FIXED
    • tested by issuing a voms-proxy-init with no file under $HOME/.glite/vomses and the message cannot find file is returned only if the '--debug' option is enabled
  • BUG #19217: "voms-proxy-init fails to report bad permissions: GGUS-ID 8871" FIXED
  • BUG #33326: "VOMS: voms-proxy-fake multi-VO support" FIXED
    • tested with the following file:
       cat vo_fake_test
      [sa3test]
      -vomslife = 10
      -hostcert = hostcert.pem
      -hostkey = hostkey.pem
      [vomstest]
      -vomslife = 7
      -hostcert = hostcert.pem
      -hostkey = hostkey.pem
    • it correctly generates the proxy:
      voms-proxy-info -all
      subject   : /C=IT/O=INFN/OU=Host/L=CNAF/CN=cert-10.cnaf.infn.it/CN=proxy
      issuer    : /C=IT/O=INFN/OU=Host/L=CNAF/CN=cert-10.cnaf.infn.it
      identity  : /C=IT/O=INFN/OU=Host/L=CNAF/CN=cert-10.cnaf.infn.it
      type      : proxy
      strength  : 1024 bits
      path      : /tmp/x509up_u0
      timeleft  : 11:59:54
      === VO sa3test extension information ===
      VO        : sa3test
      subject   : /C=IT/O=INFN/OU=Host/L=CNAF/CN=cert-10.cnaf.infn.it
      issuer    : /C=IT/O=INFN/OU=Host/L=CNAF/CN=cert-10.cnaf.infn.it
      timeleft  : 9:59:54
      uri       :
      === VO vomstest extension information ===
      VO        : vomstest
      subject   : /C=IT/O=INFN/OU=Host/L=CNAF/CN=cert-10.cnaf.infn.it
      issuer    : /C=IT/O=INFN/OU=Host/L=CNAF/CN=cert-10.cnaf.infn.it
      timeleft  : 6:59:54
      uri       :
  • BUG #34705: "Clarify the user of option --hours in the documentation Softwareversion: glite 3.1, voms-proxy-init 1.7.22" FIXED
  • BUG #35346: "voms-proxy-init hangs on receiving data from VOMS server" HOPEFULLY FIXED
  • BUG #35535: "voms-proxy-init 1.8.3 gives confusing warning" FIXED
  • BUG #39642: "Man page for voms-proxy-init contains EDG bugzilla." FIXED
    • Checked with 'man voms-proxy-init | grep -i edg'
  • BUG #42919: "Cannot find file or dir: /afs/cern.ch/user/a/anduaga/.glite/vomses" HOPEFULLY FIXED
  • BUG #43942: "voms-proxy-info error for non standard location of CA files" FIXED
    • tested by doing the following:
      • create a proxy by using 'voms-proxy-init'
      • move the '/etc/grid-security/certificates' dir under $HOME/
      • do not define the env variable X509_CERT_DIR
      • try a 'voms-proxy-info', it should return the following
         voms-proxy-info -all
        unable to access trusted certificates in:x509_cert_dir=/etc/grid-security/certificates
        Function: proxy_init_cred

  • BUG #45146: "voms options (-quiet, -bits, -valid) and man page don't match." FIXED
    • Except for the '-quiet' option that is still there (see comment in the bug), the other options work, see the following:
 voms-proxy-info -exists -valid 23:00 ;echo $?
1
voms-proxy-info -exists -valid 1:00 ;echo $?
0
 voms-proxy-info -exists -bits 32 ;echo $?
0
voms-proxy-info -exists -bits 1050 ;echo $?
  • BUG #45318: "gLite CE submission with RFC proxy chain failed" FIXED
    • tested by doing the following:
      • create a rfc proxy as in:
         voms-proxy-init -rfc -vomses .glite/vomses/sa3test-cert-10.cnaf.infn.it --voms sa3test
      • try a globus job run on a classic CE as in:
        globus-job-run t2-ce-01.mi.infn.it /bin/date
        Tue Nov 17 15:52:38 CET 2009
  • BUG #46132: "[VOMS] bad warnings and errors from voms-proxy-init" FIXED
    • tested using VO 'sa3test' by doing the following:
      • remove voms certificate from the '/etc/grid-security/vomsdir/' and remove the .lsc file from /etc/grid-security/vomsdir/sa3test/
      • issue a 'voms-proxy-init -voms sa3test', the following is returned:
        Error: verify failed.
        Cannot verify AC signature!
      • issue a 'voms-proxy-info' it should return anything <> 0, such as for ex.
        echo $? 127

  • BUG #46382: "There is a vulnerability issue concerning VOMS" FIXED
    • tested by:
       openssl x509 -text -noout -in /tmp/x509up_u0 | grep "Signature Algorithm"
              Signature Algorithm: sha1WithRSAEncryption
          Signature Algorithm: sha1WithRSAEncryption
  • BUG #49614: "[voms-proxy-info] Voms proxy info -acexists flag broken?" FIXED
    • tested by doing the following:
      • create a proxy for the VO 'sa3test
      • check the following:
        voms-proxy-info -acexists sa3test; echo $?;
        0
        voms-proxy-info -acexists dummy; echo $?;
        1
  • BUG #52394: "VOMS 1.9.x clients fail to compile when configured with --with-globus-flavor option" HOPEFULLY FIXED
  • BUG #52661: "Proxy generated by voms-proxy-init share the same serial number" FIXED
    • create two proxies for the same user
    • compare the serial numbers using the option '-serial' to the 'voms-proxy-info' command, such as:
      voms-proxy-info -serial
      03D95CC3B5504696A1EB8EFF5995B334
  • BUG #53450: "voms-proxy-init 1.8.8 fails silently on bad vomses file" FIXED

New Bugs:

  • BUG #53527: "org.glite.security.voms using wrong libdir setting after ETICS ${libdir} fix" FIXED
  • BUG #56687: "VOMS Java API: org.glite.voms.PKIStore doesn't referesh after fetch-crl update" FIXED in the source CODE
  • BUG #57473: "Email and emailAddress in LSC files not equivalent" FIXED
  • BUG #58515: "The VOMS Java APIs fail when email is present in the server certificate" FIXED
  • BUG #60394: "VOMS: memory leak in fs.c:fileoutputter()"
  • BUG #60908: "VOMS Java API: VOMSTrustManager.getAcceptedIssuers() is completely wrong!" FIXED in the source code
  • BUG #60912: "VOMS Java API: not possible to create a VOMSTrustManager without the /etc/grid-security/certificates directory" FIXED in the source CODE
  • BUG #63714: "Add support for Issuing Distribution Point CRL extension to the Java APIs" FIXED see GGUS ticket
  • BUG #63928: "_VOMS Java API: VOMSKeyManager_ constructor fails"FIXED in the source CODE

-- ElisabettaMolinari - 21 Oct 2009

Edit | Attach | PDF | History: r18 < r17 < r16 < r15 < r14 | Backlinks | Raw View | More topic actions...
Topic revision: r16 - 2010-03-17 - ElisabettaMolinari
 
  • Edit
  • Attach
This site is powered by the TWiki collaboration platformCopyright © 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback