The following reply was made to PR bin/171402; it has been noted by GNATS. From: Mark Johnston <mark...@gmail.com> To: bug-follo...@freebsd.org, ohart...@zedat.fu-berlin.de Cc: Subject: Re: bin/171402: fetch(1): Authentication error or Segmentation fault on HTTPS:// URLs Date: Fri, 7 Sep 2012 22:33:54 -0400
This is interesting. I was confused when this issue was reported on freebsd-current yesterday, as I couldn't reproduce it - fetch(1)ing https://launchdpad.net works fine for me on -CURRENT. Moreover, no errors from libssl were getting printed: libfetch is supposed to print them when one of the calls in fetch_ssl() fails. I also don't see the segfault, but I do get an authentication error with fetch(1) for the sourceforge page, which I suppose is to be expected. So I think it would be good to add a flag to libfetch which tells openSSL to bypass certificate verification - it would just need to call SSL_set_verify(ctx, SSL_VERIFY_NONE, NULL); at the appropriate spot. Then I saw "CLANG built" above. I tried rebuilding fetch(1)'s libraries using clang and eventually narrowed it down to libmd: if it's built with clang, I get an authentication error for lanchpad.net, and a segfault with lists.sourceforge.net. Haven't looked into what's actually going on though. -Mark _______________________________________________ freebsd-bugs@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
