Follow-up Comment #10, bug #98039 (project xrootd):
Hi Andy,
No ... it's not my environment as things work with older versions :) The
commit I mentioned earlier is where things start go wrong. I'm not saying the
commit itself is wrong ... there might be other issues with CA packages on my
machines (my laptop, desktops of both Alja and me, all Fedora 16, I use
nordugrid certs as they have F16 yum repo) and the server (xrootd-3.2,
Centos5, certs from osg) -- but I'd guess server and client should know how
to decide among themselves which version of hash is to be used.
Remember, there is a change in hashing algorithm in ssl-1 ... so I suspect
things go wrong here. If you look at the diff of the above commit, this is
exactly what was being changed, using the "old" or the "new" hash in
XrdCryptosslX509Req.cc
AFAICT this change has NOT been merged into 3.2 branch so it isn't strange
that nobody complained :)
Matevz
_______________________________________________________
Reply to this item at:
<http://savannah.cern.ch/bugs/?98039>
_______________________________________________
Message sent via/by LCG Savannah
http://savannah.cern.ch/
########################################################################
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1
|