gLite > gLite 3.1 > glite-VOMS_oracle > Update to glite-VOMS_oracle 3.1.9-0  
 
 

 

 

gLite 3.1

glite-VOMS_oracle - Update to version 3.1.9-0


Date 13.05.08
Priority Normal

Description

glite-security-voms (VOMS Core)

The new version of the gLite VOMS Core (1.8.3) contains several new features and bug fixes.

Examples of the bugs fixed:
  • bug #31476: voms stops adding entries in log file (really, this time) (tracked)
  • bug #33259: VOMS-CORE: misleading error message displayed by voms-proxy-init
  • bug #33212: VOMS-CORE: missing user-level attribute value in the proxy
  • bug #27431: [VOMS] 64 bit compatibility issue: comparison is always true due to limited range of data type
  • bug #26832: VOMS incorrectly checks ownership of vomses file
  • bug #22437: Problems with voms validation at tomcat startup
  • bug #31476: voms stops adding entries in log file (tracked)
  • bug #32689: Problem validating Short lived certificates with the new org.glite.voms package
  • bug #32262: [voms-1.7.22] Regular crashes! (this turned out to be a duplicate of bug #31476)
  • bug #33886: VOMS 1.8.returns roles in the AC even if roles are not requested
Furthermore, the following changes are present:
  • Integrated patch from Apple for MacOSX compilation. From this version, VOMS supports MacOSX as a compilation platform. Patch from Patrick Carlisle.
  • Integrated patch from compilation with OpenSSL 0.9.8. Patch from Eamon Kenny & others.
  • Implemented the first step of the globus independence plan, as detailed at EGEE 07. Now the server is capable of accepting pure SSL requests as well as GSI requests.
  • Implemented logging following requirements of the security logging document. --syslog option is required to activate it.
  • The server component now requires versions 3.0.0 of either voms-mysql or voms-oracle, and will refuse to start otherwise.
  • There has never been a version 2 of voms-mysql, the version number jumped directly to 3 to harmonize with voms-oracle.
  • Now, if it recognizes that the client will be capable to handle it, the OpenSSL version of the base64 encoding is used rather then the homegrown one. voms-proxy-init 1.8.0 and above will be able to recognize it.
  • Some backwards compatible changes to the client-server protocol have been made.
  • removed segfault in oracle interface following problems in communication with the DB.
  • fixed the performance problem found by dimitar in voms-oracle.
Configuration changes: No configuration changes are required. Adding --syslog to the server configuration is recommended.

Developer changes:
  • New API added for the C and C++ APIs. VOMS_RetrieveFromFile() and VOMS_Retrieve(FILE*, recurse_type), respectively.
  • In the Java APIs, the package name has been changed to org.glite.voms as agreed, to remove conflict with old versions. This will imply though that developers interested in using the Java API will have to change the package name in their import statements.
As usual, except where noted, everything is backwards-compatible with previous version, both on the protocol level (i.e. client and server versions may be freely mixed) and ABI level (API libraries can be upgraded with newer versions without needing recompilation of the linking parties).
Other Updates

The new version of the glite-security-trustmanager package fixes the problem of log4j and BouncyCastle jars not being installed in the tomcat server/lib directory.



Please also have a look at the list of known issues.

This update fixes various bugs. For the full list of bugs, please see list below.

Fixed bugs

Number Description
 #10729 VOMS API should return clean FQAN
 #15023 VOMS: bad oracle performance caused by storing AC SN in database
 #22437 Problems with voms validation at tomcat startup
 #23291 [ VOMS ] voms-proxy-info fails to analyse voms-proxy-fake proxy
 #26804 [VOMS 1.7.16-2] voms-proxy-init fails on some x86 platforms
 #26832 VOMS incorrectly checks ownership of vomses file
 #27431 [VOMS] 64 bit compatibility issue: comparison is always true due to limited range of data type
 #27496 A new voms's API is needed
 #28753 [VOMS 1.7.20-1] strange time offset on Mac OS X 10.4
 #31191 VOMS build errors on SL5
 #31476 voms stops adding entries in log file
 #31800 voms-proxy-info returns 1 in v1.8.0
 #32147 Include voms-ping and voms-admin-ping in the packaging
 #32310 VOMS: Segfault while processing signing_policy file
 #32353 VOMS Server error when trying to create a proxy
 #32661 Little bug on /opt/glite/etc/glite-security-trustmanager/configure.sh
 #32689 Problem validating Short lived certificates with the new org.glite.voms package
 #32694 VOMS on MySQL loses FQANs
 #33212 VOMS-CORE: missing user-level attribute value in the proxy
 #33259 VOMS-CORE: misleading error message displayed by voms-proxy-init
 #33886 VOMS 1.8.returns roles in the AC even if roles are not requested
 #33933 voms-mysql 3.0.2 returns uncorrect context for generic attributes

Updated rpms

Name Version Full RPM name Description
glite-VOMS_oracle 3.1.9-0 glite-VOMS_oracle-3.1.9-0.i386.rpm gLite metapackage (glite-VOMS_oracle)
glite-security-trustmanager 1.8.16-1 glite-security-trustmanager-1.8.16-1.noarch.rpm org.glite.security.trustmanager v. 1.8.16-2
glite-security-voms-api-cpp 1.8.3-3.slc4 glite-security-voms-api-cpp-1.8.3-3.slc4.i386.rpm org.glite.security.voms-api-cpp v. 1.8.3.3
glite-security-voms-clients 1.8.3-3.slc4 glite-security-voms-clients-1.8.3-3.slc4.i386.rpm org.glite.security.voms-clients v. 1.8.3_3
glite-security-voms-config 1.8.3-3.slc4 glite-security-voms-config-1.8.3-3.slc4.i386.rpm org.glite.security.voms-config v. 1.8.3.3
glite-security-voms-oracle 3.1.1-1.slc4 glite-security-voms-oracle-3.1.1-1.slc4.i386.rpm org.glite.security.voms-oracle v. 3.1.1.1
glite-security-voms-server 1.8.3-4.slc4 glite-security-voms-server-1.8.3-4.slc4.i386.rpm org.glite.security.voms-server v. 1.8.3.4

The RPMs can be updated using yum via

Service reconfiguration after update

Not needed.

Service restart after update

Not needed.

How to apply the fix

  1. Update the RPMs (see above)
  2. Update configuration (see above)
  3. Restart the service if necessary (see above)