Hi,
>since there was a recent naming transition xrootd4->xrootd I thought it was a good idea to recompile libxrdhttpvoms and refurbish the setup of littlexrdhttp, as t was old-ish (Sept)
Thanks! I've updated to all the new rpms, everything seems to be working as expected with the cephy bits.
> please post the startup phase of the server (with the -d switch).
I've attached the full log, it looks okay to me (again, I have nothing to compare this too):
Plugin loaded unversioned XrdHttpGetSecXtractor from secxtractorlib /usr/lib64/libXrdHttpVOMS-4.so
=====> http.secxtractor /usr/lib64/libXrdHttpVOMS-4.so
Connecting with a VOMS proxy now leads to something different happening, but it's still not extracting VOMS goodness:
---------------
141201 10:48:49 10716 XrdInet: Accepted connection from [log in to unmask]
141201 10:48:49 10716 ?:7@gdss541 sysXrdHttp: received dlen: 16
141201 10:48:49 10716 ?:7@gdss541 sysXrdHttp: received dump: 22 03 01 01 34 01 00 01 30 03 03 84 124 71 -111 00
141201 10:48:49 10716 ?:7@gdss541 sysXrdHttp: This does not look like http at pos 0
141201 10:48:49 10716 ?:7@gdss541 sysXrdHttp: This may look like https
141201 10:48:49 10716 ?:7@gdss541 sysXrdHttp: Protocol matched. https: 1
141201 10:48:49 10716 sysXrdHttp: Reset
141201 10:48:49 10716 sysXrdHttp: XrdHttpReq request ended.
141201 10:48:49 10716 XrdProtocol: matched protocol XrdHttp
141201 10:48:49 10716 ?:7@gdss541 XrdPoll: FD 7 attached to poller 0; num=1
141201 10:48:49 10716 ?:7@gdss541 sysXrdHttp: Process. lp:0x7fedb8002258 reqstate: 0
141201 10:48:49 10716 ?:7@gdss541 sysXrdHttp: Setting host: [::ffff:130.246.179.6]
141201 10:48:49 10716 ?:7@gdss541 sysXrdHttp: Entering SSL_accept...
141201 10:48:49 10716 ?:7@gdss541 sysXrdHttp: SSL_accept returned :1
141201 10:48:49 10716 ?:7@gdss541 sysXrdHttp: Extracting auth info.
141201 10:48:49 10716 ?:7@gdss541 sysXrdHttp: SSL_get_peer_certificate returned :0x7fedb8014000
141201 10:48:49 10716 ?:7@gdss541 sysXrdHttp: Setting link name: /C=UK/O=eScience/OU=CLRC/L=RAL/CN=tom byrne/CN=proxy
140659745793792:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: CERTIFICATE
140659745793792:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: CERTIFICATE
141201 10:48:49 10716 /C=UK/O=eScience/OU=CLR@gdss541 sysXrdHttp: SSL_get_verify_result returned :0
---------------
With the relevant bit of the server response:
<span id="requestby">Request by /C=UK/O=eScience/OU=CLRC/L=RAL/CN=tom byrne/CN=proxy ( DN: /C=UK/O=eScience/OU=CLRC/L=RAL/CN=tom byrne/CN=proxy ) ( [::ffff:130.246.179.6] )</span>
---------------
I'm beginning to suspect maybe I've messed something up with my certificate setup, I've double checked that I can do the identical davix-get on your littlexrdhttp setup with the VOMS bit working.
From tomorrow I'm going to be in CERN for the ATLAS Computing Jamboree, so I may be even slower to respond, sorry!
Cheers
Tom
--
Scanned by iCritical.
########################################################################
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-L list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-L&A=1
|