Improve logging when libcurl is built without OpenSSL
Basics
Technical
Logistics
Basics
Technical
Logistics
Description
When invoking the shibd executable directly (instead of using the init script), on RHEL6 the wrong libcurl is linked. This leads, among other things, to a warning when trying to download metadata over https. One instance of this bug:
shibd -t 2012-09-21 12:17:11 ERROR XMLTooling.libcurl.InputStream : error while fetching https://metadata-server/metadata.xml: (59) Unknown cipher in list: ALL:!aNULL:!LOW:!EXPORT:!SSLv2 2012-09-21 12:17:11 ERROR XMLTooling.ParserPool : fatal error on line 0, column 0, message: internal error in NetAccessor 2012-09-21 12:17:11 ERROR OpenSAML.MetadataProvider.XML : error while loading resource (https://metadata-server/metadata.xml): XML error(s) during parsing, check log for specifics 2012-09-21 12:17:11 WARN OpenSAML.MetadataProvider.XML : adjusted reload interval to 600 seconds 2012-09-21 12:17:11 WARN OpenSAML.MetadataProvider.XML : trying backup file, exception loading remote resource: XML error(s) during parsing, check log for specifics overall configuration is loadable, check console for non-fatal problems
Yeah, you wanted to fix the message and some reminder... So this is the reminder (which refers to a minor bug, after all). Of course I understand that fixing the binary for that rare case might be overshoot.
Scott Cantor September 24, 2012 at 1:52 PM
Or are you referring to my suggestion that we fix the log message? That was all I was thinking of doing. Not really because of the command line per se, that threw me off.
Scott Cantor September 24, 2012 at 1:51 PM
Other than documenting it more extensively, I'm not sure what you're suggesting I do about it. I'm not going to create a shell script wrapper, if that's what you're suggesting. It's far too rare to run it from the command line to make that sensible.
When invoking the shibd executable directly (instead of using the init script), on RHEL6 the wrong libcurl is linked. This leads, among other things, to a warning when trying to download metadata over https.
One instance of this bug:
shibd -t
2012-09-21 12:17:11 ERROR XMLTooling.libcurl.InputStream : error while fetching https://metadata-server/metadata.xml: (59) Unknown cipher in list: ALL:!aNULL:!LOW:!EXPORT:!SSLv2
2012-09-21 12:17:11 ERROR XMLTooling.ParserPool : fatal error on line 0, column 0, message: internal error in NetAccessor
2012-09-21 12:17:11 ERROR OpenSAML.MetadataProvider.XML : error while loading resource (https://metadata-server/metadata.xml): XML error(s) during parsing, check log for specifics
2012-09-21 12:17:11 WARN OpenSAML.MetadataProvider.XML : adjusted reload interval to 600 seconds
2012-09-21 12:17:11 WARN OpenSAML.MetadataProvider.XML : trying backup file, exception loading remote resource: XML error(s) during parsing, check log for specifics
overall configuration is loadable, check console for non-fatal problems