 |
 |
The current way we generate the X.509 one-line subject for gridmap inputs is broken: https://github.com/xrootd/xrootd/blob/master/src/XrdCrypto/XrdCryptosslAux.cc#L767 It takes the new-style defaults for DN generation (where RDNs are ", "-separated) and simply replaces ", " with "/" to generate the old-style. This fails to work for DNs that contain a ", ". For example, here's a DN in the gridmap: ``` /DC=org/DC=incommon/C=US/ST=California/L=La Jolla/O=University of California, San Diego/CN=stashcache.t2.ucsd.edu ``` (Notice the ", " in "University of California, San Diego") To actually use this DN in a gridmap, one must do: ``` /DC=org/DC=incommon/C=US/ST=California/L=La Jolla/O=University of California/San Diego/CN=stashcache.t2.ucsd.edu ``` I think we'll need to implement our own "real" DN generation by iterating through the `X509_NAME` structure instead of just string munging. -- Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/issues/1681 You are receiving this because you are subscribed to this thread. Message ID: <[log in to unmask]> ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1