[Mono-list] TLS and permissions?
Mark Farver
mfarver at mindbent.org
Wed Sep 1 11:44:06 EDT 2010
So I have an application that works correctly when run by root, but
fails when run by a normal user:
System.Net.WebException: Error getting response stream (Write: The
authentication or decryption has failed.): SendFailure --->
System.IO.IOException: The authentication or decryption has failed.
---> Mono.Security.Protocol.Tls.TlsException: Invalid certificate
received from server. Error code: 0xffffffff800b010a
at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.validateCertificates
(Mono.Security.X509.X509CertificateCollection certificates) [0x00000]
in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsTls1
() [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process ()
[0x00000] in <filename unknown>:0
at (wrapper remoting-invoke-with-check)
Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
at Mono.Security.Protocol.Tls.ClientRecordProtocol.ProcessHandshakeMessage
(Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] in <filename
unknown>:0
at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback
(IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback
(IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.EndGetRequestStream (IAsyncResult
asyncResult) [0x00000] in <filename unknown>:0
at System.Net.HttpWebRequest.GetRequestStream () [0x00000] in
<filename unknown>:0
at Amazon.SimpleDB.AmazonSimpleDBClient.Invoke[DomainMetadataResponse]
(IDictionary`2 parameters) [0x00000] in <filename unknown>:0
I applied the patch listed here which is what made it work for root,
(previously root got Error Code 0xffffffff80092012)
https://bugzilla.novell.com/show_bug.cgi?id=634433
Any ideas why certificate checking would behave differently for
root/normal user?
Thanks
Mark Farver
More information about the Mono-list
mailing list