From ebc5afab977b496f7372b89b51631ade94fc7be8 Mon Sep 17 00:00:00 2001 From: Andrew McNab Date: Wed, 1 Jul 2009 15:33:41 +0000 Subject: [PATCH] Tidy up --- org.gridsite.core/CHANGES | 2 ++ org.gridsite.core/src/grst_x509.c | 19 +++++-------------- org.gridsite.core/src/mod_gridsite.c | 2 ++ 3 files changed, 9 insertions(+), 14 deletions(-) diff --git a/org.gridsite.core/CHANGES b/org.gridsite.core/CHANGES index d26daec..e30d0ad 100644 --- a/org.gridsite.core/CHANGES +++ b/org.gridsite.core/CHANGES @@ -1,3 +1,5 @@ +* Wed Jul 01 2009 Andrew McNab +- Tidy up debugging messages * Tue Jun 30 2009 Andrew McNab - ==== GridSite version 1.7.2 ==== * Tue Jun 30 2009 Andrew McNab diff --git a/org.gridsite.core/src/grst_x509.c b/org.gridsite.core/src/grst_x509.c index 6af1130..cd5f725 100644 --- a/org.gridsite.core/src/grst_x509.c +++ b/org.gridsite.core/src/grst_x509.c @@ -322,7 +322,7 @@ static int GRSTx509VerifyVomsSig(time_t *time1_time, time_t *time2_time, taglist[isig].length - 1, cert) == GRST_RET_OK) { - GRSTerrorLog(GRST_LOG_DEBUG, " VOMS cert signature match"); + GRSTerrorLog(GRST_LOG_DEBUG, "Matched VOMS cert file %s", vomsdirent2->d_name); X509_free(cert); closedir(vomsDIR2); closedir(vomsDIR); @@ -353,6 +353,7 @@ static int GRSTx509VerifyVomsSig(time_t *time1_time, time_t *time2_time, taglist[isig].length - 1, cert) == GRST_RET_OK) { + GRSTerrorLog(GRST_LOG_DEBUG, "Matched VOMS cert file %s", vomsdirent->d_name); X509_free(cert); closedir(vomsDIR); return GRST_RET_OK ; /* verified */ @@ -403,14 +404,6 @@ static int GRSTx509VerifyVomsSigCert(time_t *time1_time, time_t *time2_time, q = &asn1string[taglist[ivomscert].start + 12]; -{ -int i; -for (i=0; i < taglist[ivomscert].length - 8; ++i) - fprintf(stderr, "%4d %.03d %.02x %c\n", i, q[i], q[i], (q[i] > ' ') ? q[i] : '.'); - -fprintf(stderr, "voname=%s\n", voname); -} - vomscert = d2i_X509(NULL, (const unsigned char **) &q, taglist[ivomscert].length - 8); @@ -513,7 +506,8 @@ fprintf(stderr, "voname=%s\n", voname); asprintf(&lscpath, "%s/%s", vodir, vodirent->d_name); stat(lscpath, &statbuf); - GRSTerrorLog(GRST_LOG_DEBUG, "Examine LSC file %s", lscpath); + GRSTerrorLog(GRST_LOG_DEBUG, "Check LSC file %s for %s,%s", + lscpath, acvomsdn, vomscert_cadn); if ((fp = fopen(lscpath, "r")) != NULL) { @@ -523,9 +517,6 @@ fprintf(stderr, "voname=%s\n", voname); if ((fgets(lsc_vomsdn, vomsdn_len + 2, fp) != NULL) && (fgets(lsc_cadn, cadn_len + 2, fp) != NULL)) { - -fprintf(stderr, "accadn=%s lsc_cadn=%s acvomsdn=%s lsc_vomsdn=%s\n", -vomscert_cadn, lsc_cadn, acvomsdn, lsc_vomsdn); if ((p = index(lsc_cadn, '\n')) != NULL) *p = '\0'; if ((p = index(lsc_vomsdn, '\n')) != NULL) *p = '\0'; @@ -552,7 +543,7 @@ vomscert_cadn, lsc_cadn, acvomsdn, lsc_vomsdn); if (!lsc_found) chain_errors |= GRST_CERT_BAD_SIG; - return chain_errors; + return chain_errors ? GRST_RET_FAILED : GRST_RET_OK; } /// Get the VOMS attributes in the given extension diff --git a/org.gridsite.core/src/mod_gridsite.c b/org.gridsite.core/src/mod_gridsite.c index 6379bb9..cec8e56 100644 --- a/org.gridsite.core/src/mod_gridsite.c +++ b/org.gridsite.core/src/mod_gridsite.c @@ -2442,6 +2442,8 @@ void GRST_save_ssl_creds(conn_rec *conn, GRSTx509Chain *grst_chain) for (grst_cert = grst_chain->firstcert; grst_cert != NULL; grst_cert = grst_cert->next) { + if (grst_cert->errors) continue; + if (grst_cert->type == GRST_CERT_TYPE_VOMS) { /* want to record the delegation level -- 1.8.2.3