https://issues.apache.org/bugzilla/show_bug.cgi?id=52630
Christoph Anton Mitterer <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|INVALID | --- Comment #9 from Christoph Anton Mitterer <[email protected]> 2012-02-18 01:18:40 UTC --- Reopening as the issue is still there as described in previous posts. Analogous to #52631: First, please don't blindly close my bugs, just YOU cannot reproduce them immediately. If I'd abandon a bug report and wouldn't answer on it for a longer time (> weeks) than it's ok to do this without being impolite. The same here, I can offer you my config. Furhter, I'm not 100% sure this is a apache bug,... it's just the logical starting point in the search. I did an strace now as you suggested,... actually it seem to try opening the files but now the big suprise: open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/1149214e.r0", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/dd4b34ea.r0", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/7ecb2657.namespaces", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/30ffc224.r0", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/DFN-GridGermany-Root.namespaces", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/DFN-GridGermany-Root.pem", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/1149214e.signing_policy", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/7ecb2657.signing_policy", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/30ffc224.0", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/7ecb2657.0", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/GermanGrid.signing_policy", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/DFN-GridGermany-Root.info", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/7ecb2657.r0", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/GermanGrid.pem", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/1149214e.0", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/GermanGrid.namespaces", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/dd4b34ea.namespaces", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/GermanGrid.info", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/30ffc224.signing_policy", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/GermanGrid.crl_url", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/dd4b34ea.signing_policy", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/dd4b34ea.0", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/30ffc224.namespaces", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/DFN-GridGermany-Root.crl_url", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/DFN-GridGermany-Root.signing_policy", O_RDONLY) = 19 open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/1149214e.namespaces", O_RDONLY) = 19 Picked out two CAs here, DFN-GridGermany-Root and GermanGrid, as well as their respective openssl hash filenames, in both, old and new hash format. Content _is_ acatully read, e.g.: open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/GermanGrid.pem", O_RDONLY) = 19 fstat(19, {st_mode=S_IFREG|0644, st_size=1631, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fec67cc9000 read(19, "-----BEGIN CERTIFICATE-----\nMIIE"..., 4096) = 1631 read(19, "", 4096) = 0 close(19) = 0 munmap(0x7fec67cc9000, 4096) = 0 or open("/etc/apache2/pki/virtual-hosts/lcg-lrz-monitoring.grid.lrz.de/client.acceptable-CA-DNs.crt.d/dfb080e4.r0", O_RDONLY) = 19 fstat(19, {st_mode=S_IFREG|0644, st_size=5325, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fec67cc9000 read(19, "-----BEGIN X509 CRL-----\nMIIPNTC"..., 4096) = 4096 read(19, "TE5MTRaMBMCAgb/Fw0wODA1\nMTYxNTE5"..., 4096) = 1229 read(19, "", 4096) = 0 read(19, "", 4096) = 0 close(19) = 0 What's weird is, that ALL FILEs are read... Not only the .0 and .r0 files (and their symlink targets) but also .info, .crl_url, .namespaces, etc.) Also it seems that files in both openssl hash formats are opened, old and new. For some files I compared the number of read bytes (from strace) with their size... it seems all are full read. I also did the same strace, when specifying the absolute path (/etc/grid-security/certificates/ ... Basically the same seems to happen there,... same files read,.. same sizes... just that the SSL handshake works. Any further ideas? -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
