Re: PKCS12_parse() SEGV.

2010-05-09 Thread David Woodhouse
On Sun, 2010-05-09 at 12:12 +0100, David Woodhouse wrote: > Although that's OK for my purposes, I think it's actually a bug. The man > page for PKCS12_parse() says that *ca can be a valid stack, in which > case additional certificates are appended to *ca. > > It _doesn't_ say "oh, but if parsing f

Re: PKCS12_parse() SEGV.

2010-05-09 Thread David Woodhouse
On Fri, 2010-05-07 at 23:37 +0200, Dr. Stephen Henson wrote: > > > If you pass a NULL for the final argument in PKCS12_parse() extra CA > certificates are ignored as it has nowhere to put them. > > If you pass a pointer to a NULL STACK_OF(X509) i.e do: > > STACK_OF(X509) *ca = NULL; > > and pa

Re: PKCS12_parse() SEGV.

2010-05-07 Thread Dr. Stephen Henson
On Fri, May 07, 2010, David Woodhouse wrote: > On Fri, 2010-05-07 at 19:24 +0200, Dr. Stephen Henson wrote: > > Setting ca to NULL if it fails should work. That should be done in > > PKCS12_parse() on error. > > AIUI I don't want it to be NULL; I need it to be an empty stack. I need > the return

Re: PKCS12_parse() SEGV.

2010-05-07 Thread David Woodhouse
On Fri, 2010-05-07 at 19:24 +0200, Dr. Stephen Henson wrote: > Setting ca to NULL if it fails should work. That should be done in > PKCS12_parse() on error. AIUI I don't want it to be NULL; I need it to be an empty stack. I need the returned 'extra' certs so that I can work around RT#1942 on the

Re: PKCS12_parse() SEGV.

2010-05-07 Thread Dr. Stephen Henson
On Fri, May 07, 2010, David Woodhouse wrote: > With OpenSSL 0.9.8n this test program segfaults the second time it tries > to parse the PKCS#12 file. It was fixed for OpenSSL 1.0.0 by this > commit: http://cvs.openssl.org/chngview?cn=17957 > > Starting program: /home/dwmw2/p12test .cert/certificat

PKCS12_parse() SEGV.

2010-05-07 Thread David Woodhouse
With OpenSSL 0.9.8n this test program segfaults the second time it tries to parse the PKCS#12 file. It was fixed for OpenSSL 1.0.0 by this commit: http://cvs.openssl.org/chngview?cn=17957 Starting program: /home/dwmw2/p12test .cert/certificate.p12 Enter PKCS#12 passphrase: 140737353934504:error:23