On Wed, Dec 14, 2022 at 12:30:25PM +0100, Renaud Allard wrote: > Hi Otto, > > > On 12/14/22 12:01, Otto Moerbeek wrote: > > On Tue, Dec 13, 2022 at 10:34:53AM +0100, Renaud Allard wrote: > > > > > Hello, > > > > > > I was force renewing some certs because I removed some domains from > > > the cert, and got this: > > > acme-client(53931) in free(): chunk canary corrupted 0xa06cb09db00 > > > 0xb0@0xb0 > > > > > > I am using vm.malloc_conf=SUR>> > > > > > > Best Regards > > > > > > I cannot reproduce with several attempts. Please include details on > > platform and version. > > > > Can you show a run with -v on? That gives a hint where the problem > > occurs. > > > > Do you get a core dump? If so, try to get a backtrace. > > > > > It's quite hard to reproduce, I only had it once when I shrank the > alternative names involved in one certificate. There was no core dump. > > This was produced on 7.2-stable amd64 > account and domain keys are ecdsa > > I ran it with -vvF and could get my run log thanks to tmux back buffer. > I will skip all the verification/certs babble > > isildur# acme-client -vvF arnor.org > > acme-client: /somewhere/arnor.org.key: loaded domain key > > acme-client: /etc/acme/letsencrypt-privkey.pem: loaded account key > > acme-client: /somewhere/arnor.org.crt: certificate valid: 74 days left > > acme-client: /somewhere/arnor.org.crt: domain list changed, forcing renewal > acme-client: https://acme-v02.api.letsencrypt.org/directory: directories > > acme-client: acme-v02.api.letsencrypt.org: DNS: 172.65.32.248 > > ******** lots of standard certs/verif dialog ********* > -----END CERTIFICATE----- ] (5800 bytes) > > acme-client(53931) in free(): chunk canary corrupted 0xa06cb09db00 0xb0@0xb0 > acme-client: /somewhere/arnor.org.crt: created > > acme-client: /somewhere/arnor.org.fullchain.pem: created > > acme-client: signal: revokeproc(53931): Abort trap > > Best Regards
Try this -Otto Index: revokeproc.c =================================================================== RCS file: /home/cvs/src/usr.sbin/acme-client/revokeproc.c,v retrieving revision 1.19 diff -u -p -r1.19 revokeproc.c --- revokeproc.c 22 Nov 2021 08:26:08 -0000 1.19 +++ revokeproc.c 14 Dec 2022 14:16:46 -0000 @@ -239,6 +239,7 @@ revokeproc(int fd, const char *certfile, goto out; } force = 2; + continue; } if (found[j]++) { if (revocate) {