Public bug reported: Openssl binary segfault on try to sign certificate.
Steps to reproduce: 1. create root CA (self-signed certificate) 2. create 'local CA' directory structure by something like this (see full shell script in attach): CA_DIR=demoCA mkdir -p $CA_DIR/signedcerts # contains copies of each signed certificate mkdir -p $CA_DIR/private # contains the private key mkdir -p $CA_DIR/tmp # temporary certificate sign request files echo '01' > $CA_DIR/serial touch $CA_DIR/index.txt 3. Generate sign request and sign first certificate (openssl req, openssl ca) 4. Try do it again for next certificate. Actual result: First certificate is signed, but on try to sign second openssl segfaults. Expected result: Explain what wron with 'demoCA' directory instead of segfault. Additional details: Into attachment small script for reproduce the bug. Possible it is my (I'm not sure): https://errors.ubuntu.com/bucket/?id=%2Fusr%2Fbin%2Fopenssl%3A11%3Aasn1_cb%3ACONF_parse_list%3AASN1_generate_v3%3Aasn1_multi%3AASN1_generate_v3 Ubuntu 12.04.1 LTS x86_64 openssl 1.0.1-4ubuntu5.5 ProblemType: Bug DistroRelease: Ubuntu 12.04 Package: openssl 1.0.1-4ubuntu5.5 ProcVersionSignature: Ubuntu 3.2.0-32.51-generic 3.2.30 Uname: Linux 3.2.0-32-generic x86_64 NonfreeKernelModules: nvidia ApportVersion: 2.0.1-0ubuntu14 Architecture: amd64 Date: Wed Nov 7 12:16:31 2012 InstallationMedia: Ubuntu 12.04 LTS "Precise Pangolin" - Release amd64 (20120425) ProcEnviron: TERM=xterm PATH=(custom, user) LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: openssl UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: openssl (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug precise running-unity ** Attachment added: "openssl_ca_crash_reproduce.sh" https://bugs.launchpad.net/bugs/1075916/+attachment/3426521/+files/openssl_ca_crash_reproduce.sh ** Description changed: Openssl binary segfault on try to sign certificate. Steps to reproduce: 1. create root CA (self-signed certificate) 2. create 'local CA' directory structure by something like this (see full shell script in attach): CA_DIR=demoCA - mkdir -p $CA_DIR/signedcerts # contains copies of each signed certificate - mkdir -p $CA_DIR/private # contains the private key + mkdir -p $CA_DIR/signedcerts # contains copies of each signed certificate + mkdir -p $CA_DIR/private # contains the private key mkdir -p $CA_DIR/tmp # temporary certificate sign request files echo '01' > $CA_DIR/serial touch $CA_DIR/index.txt 3. Generate sign request and sign first certificate (openssl req, openssl ca) 4. Try do it again for next certificate. - Actual result: First certificate is signed, but on try to sign second openssl segfaults. - Expected result: Explain what wron with 'demoCA' directory instead of segfault. - Additional details: Into attachment small script for reproduce the bug. Ubuntu 12.04.1 LTS x86_64 openssl 1.0.1-4ubuntu5.5 ProblemType: Bug DistroRelease: Ubuntu 12.04 Package: openssl 1.0.1-4ubuntu5.5 ProcVersionSignature: Ubuntu 3.2.0-32.51-generic 3.2.30 Uname: Linux 3.2.0-32-generic x86_64 NonfreeKernelModules: nvidia ApportVersion: 2.0.1-0ubuntu14 Architecture: amd64 Date: Wed Nov 7 12:16:31 2012 InstallationMedia: Ubuntu 12.04 LTS "Precise Pangolin" - Release amd64 (20120425) ProcEnviron: - TERM=xterm - PATH=(custom, user) - LANG=en_US.UTF-8 - SHELL=/bin/bash + TERM=xterm + PATH=(custom, user) + LANG=en_US.UTF-8 + SHELL=/bin/bash SourcePackage: openssl UpgradeStatus: No upgrade log present (probably fresh install) ** Description changed: Openssl binary segfault on try to sign certificate. Steps to reproduce: 1. create root CA (self-signed certificate) 2. create 'local CA' directory structure by something like this (see full shell script in attach): CA_DIR=demoCA mkdir -p $CA_DIR/signedcerts # contains copies of each signed certificate mkdir -p $CA_DIR/private # contains the private key mkdir -p $CA_DIR/tmp # temporary certificate sign request files echo '01' > $CA_DIR/serial touch $CA_DIR/index.txt 3. Generate sign request and sign first certificate (openssl req, openssl ca) 4. Try do it again for next certificate. Actual result: First certificate is signed, but on try to sign second openssl segfaults. Expected result: Explain what wron with 'demoCA' directory instead of segfault. Additional details: Into attachment small script for reproduce the bug. + Into another attachment is backtrace for openssl compiled by hands (apt- + get source openssl, configure with debug, make) + + Possible it is my (I'm not sure): + https://errors.ubuntu.com/bucket/?id=%2Fusr%2Fbin%2Fopenssl%3A11%3Aasn1_cb%3ACONF_parse_list%3AASN1_generate_v3%3Aasn1_multi%3AASN1_generate_v3 + + + Ubuntu 12.04.1 LTS x86_64 openssl 1.0.1-4ubuntu5.5 ProblemType: Bug DistroRelease: Ubuntu 12.04 Package: openssl 1.0.1-4ubuntu5.5 ProcVersionSignature: Ubuntu 3.2.0-32.51-generic 3.2.30 Uname: Linux 3.2.0-32-generic x86_64 NonfreeKernelModules: nvidia ApportVersion: 2.0.1-0ubuntu14 Architecture: amd64 Date: Wed Nov 7 12:16:31 2012 InstallationMedia: Ubuntu 12.04 LTS "Precise Pangolin" - Release amd64 (20120425) ProcEnviron: TERM=xterm PATH=(custom, user) LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: openssl UpgradeStatus: No upgrade log present (probably fresh install) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1075916 Title: 'openssl ca' segfaults on second run To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1075916/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
