[Bug 592442] Re: fopen fails on some SSL urls
Scott Beardsley
sc0ttbeardsley at gmail.com
Mon Jun 14 20:26:14 BST 2010
This is strange... on lucid it doesn't even attempt to check for the CA
file. Using the script you provided on a Karmic machine I get the
following:
now cas.ucdavis.edu...
open("/etc/host.conf", O_RDONLY) = 3
open("/etc/resolv.conf", O_RDONLY) = 3
open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 3
open("/etc/ld.so.cache", O_RDONLY) = 3
open("/lib/libnss_mdns4_minimal.so.2", O_RDONLY) = 3
open("/etc/ld.so.cache", O_RDONLY) = 3
open("/lib/tls/i686/cmov/libnss_dns.so.2", O_RDONLY) = 3
open("/etc/resolv.conf", O_RDONLY) = 3
open("/dev/urandom", O_RDONLY|O_NOCTTY|O_NONBLOCK) = 4
open("/etc/ssl/certs/594f1775.0", O_RDONLY|O_LARGEFILE) = 4
open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 3
open("/etc/ssl/certs/594f1775.0", O_RDONLY|O_LARGEFILE) = 4
try ssl to google...
open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 3
open("/etc/gai.conf", O_RDONLY) = 3
open("/etc/ssl/certs/7651b327.0", O_RDONLY|O_LARGEFILE) = 4
open("/dev/urandom", O_RDONLY) = 0
open("/dev/urandom", O_RDONLY) = 0
open("/dev/urandom", O_RDONLY) = 0
I'm puzzled why Lucid doesn't check for the CA. As you can see from
above the server's cert is offered and verified on a Karmic machine. The
file referenced above (/etc/ssl/certs/594f1775.0) exists on both
machines and has the same sha1sum:
03de306e6bead81b0de390a2c47ba264139e4e69 /etc/ssl/certs/594f1775.0
Long shot, but, I did notice that the Issuer CN on the cas.ucdavis.edu
cert doesn't have a value. Is it required?
--
fopen fails on some SSL urls
https://bugs.launchpad.net/bugs/592442
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
More information about the Ubuntu-server-bugs
mailing list