[xmlsec] debian problem - works on sarge, fails on etch

Wed, 10 Oct 2007 04:47:22 -0700 

Hi,

The xmlsec1 program supplied on sarge successfully verifies a signed
document, but the same program on etch fails with an error.

Does anyone know what the problem might be ?

regards
Martin
------------------------------------------------------------------------------------------
Sarge Details:
xmlsec1                           1.2.6-1

$ xmlsec1 --verify  --trusted-pem src/test/root.cert ll
OK
SignedInfo References (ok/all): 1/1
Manifests References (ok/all): 0/0

$ strace -e trace=open xmlsec1 --verify  --trusted-pem
src/test/root.cert ll 2>&1 | grep open
open("/etc/ld.so.preload", O_RDONLY)    = -1 ENOENT (No such file or
directory)
open("/etc/ld.so.cache", O_RDONLY)      = 3
open("/usr/lib/libxmlsec1-openssl.so.1", O_RDONLY) = 3
open("/usr/lib/libxmlsec1.so.1", O_RDONLY) = 3
open("/usr/lib/i686/cmov/libssl.so.0.9.7", O_RDONLY) = 3
open("/usr/lib/i686/cmov/libcrypto.so.0.9.7", O_RDONLY) = 3
open("/lib/libdl.so.2", O_RDONLY)       = 3
open("/usr/lib/libxslt.so.1", O_RDONLY) = 3
open("/usr/lib/libxml2.so.2", O_RDONLY) = 3
open("/lib/libpthread.so.0", O_RDONLY)  = 3
open("/usr/lib/libz.so.1", O_RDONLY)    = 3
open("/lib/libm.so.6", O_RDONLY)        = 3
open("/lib/libc.so.6", O_RDONLY)        = 3
open("/dev/urandom", O_RDONLY|O_NONBLOCK|O_NOCTTY) = 3
open("/usr/lib/ssl/cert.pem", O_RDONLY) = -1 ENOENT (No such file or
directory)
open("src/test/root.cert", O_RDONLY)    = 3
open("ll", O_RDONLY)                    = 3
open("/etc/localtime", O_RDONLY)        = 3

------------------------------------------------------------------------------------------
Etch details:
xmlsec1                                  1.2.9-5

$ xmlsec1 --verify  --trusted-pem src/test/root.cert ll
func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=360:obj=x509-store:subj=X509_verify_cert:error=4:crypto
 library function failed:subj=/C=UK/ST=Scotland/L=Edinburgh/O=DataCash 
Ltd/OU=Technology/CN=DataCash Payments CA/[EMAIL PROTECTED];err=24;msg=invalid 
CA certificate
func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=408:obj=x509-store:subj=unknown:error=71:certificate
 verification failed:err=24;msg=invalid CA certificate
func=xmlSecKeysMngrGetKey:file=keys.c:line=1364:obj=unknown:subj=xmlSecKeysMngrFindKey:error=1:xmlsec
 library function failed:
func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=871:obj=unknown:subj=unknown:error=45:key
 is not found:
func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=565:obj=unknown:subj=xmlSecDSigCtxProcesKeyInfoNode:error=1:xmlsec
 library function failed:
func=xmlSecDSigCtxVerify:file=xmldsig.c:line=366:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec
 library function failed:
Error: signature failed
ERROR
SignedInfo References (ok/all): 1/1
Manifests References (ok/all): 0/0
Error: failed to verify file "ll"

$ strace -e trace=open xmlsec1 --verify  --trusted-pem
src/test/root.cert ll 2>&1 | grep open
open("/etc/ld.so.cache", O_RDONLY)      = 3
open("/usr/lib/libxmlsec1-openssl.so.1", O_RDONLY) = 3
open("/usr/lib/libxmlsec1.so.1", O_RDONLY) = 3
open("/usr/lib/i686/cmov/libssl.so.0.9.8", O_RDONLY) = 3
open("/usr/lib/i686/cmov/libcrypto.so.0.9.8", O_RDONLY) = 3
open("/usr/lib/libxslt.so.1", O_RDONLY) = 3
open("/lib/tls/i686/cmov/libdl.so.2", O_RDONLY) = 3
open("/usr/lib/libz.so.1", O_RDONLY)    = 3
open("/lib/tls/i686/cmov/libm.so.6", O_RDONLY) = 3
open("/usr/lib/libxml2.so.2", O_RDONLY) = 3
open("/lib/tls/i686/cmov/libc.so.6", O_RDONLY) = 3
open("/dev/urandom", O_RDONLY|O_NONBLOCK|O_NOCTTY) = 3
open("/usr/lib/ssl/cert.pem", O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such
file or directory)
open("src/test/root.cert", O_RDONLY|O_LARGEFILE) = 3
open("ll", O_RDONLY)                    = 3


-- 
Martin Waite
System Architect
*DataCash*

Tel (Direct): +44 (0)131 538 8431
Mobile: +44 (0)7866 750509

DataCash Ltd, Suite 3/1 Great Michael House,
14 Links Place, Edinburgh, EH6 7EZ, United Kingdom.

Tel: +44 (0)870 7274 762
Fax: +44 (0)870 7274 782

www.datacash.com <http://www.datacash.com/>

DISCLAIMER: This email and any files transmitted with it are
confidential to DataCash Group plc and its group companies. It is
intended only for the person to whom it is addressed. If you have
received this email in error, please forward it to [EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]> with the subject line "Received in Error". If
you are not the intended recipient you must not use, disclose, copy,
print, distribute or rely on this email or any of its transmitted files.
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec

Reply via email to