On Tue, Aug 22, 2006 at 11:08:38AM +0100, Ross, D (Derek) wrote:
> Nope, I've seen successful transfers from that user from my (1.6.6-1) dCache :
>
> billing-2006.07.21:07.21 10:12:39 [door:GFTP-gftp0440-Unknown-878@gridftp-gftp0440Domain:request] ["/C=IT/O=INFN/OU=Personal Certificate/L=Bari/CN=Nicola De [log in to unmask]":
> 36200:24266:lcg0502.gridpp.rl.ac.uk] [000300000000000000865F18,0] <unknown> 1153473159992 0 {0:""}
Ah, newer grid-mapfile2dcache-kpwd does the following to the dcache.kpwd
# workaround for a bug in gsidcap (Lionel Schwarz)
if ($dn =~ s/\@[-\w\.]+//) {
push( @{$map{$ac}} , $dn );
}
mapping "/C=IT/O=INFN/OU=Personal Certificate/L=Bari/CN=Nicola De Filippis/E=Nicola.defilippis" cms001
mapping "/C=IT/O=INFN/OU=Personal Certificate/L=Bari/CN=Nicola De [log in to unmask]" cms001
mapping "/C=IT/O=INFN/OU=Personal Certificate/L=Bari/CN=Nicola De [log in to unmask]" cms001
mapping "/C=IT/O=INFN/OU=Personal Certificate/L=Bari/CN=Nicola De [log in to unmask]" cms001
I suspect that nobody reported this as a bug to dcache and they just dropped a hack
in grid-mapfile2dcache-kpwd :( So now we allow in DN's that don't even exist.
Kostas
PS> Time to port my change to the newer grid-mapfile2dcache-kpwd I guess.
|