Marcel Koopmans wrote:
Hello Everbody,I have an issue with recovery of openca. I was running openca 0.9.2.2 on Debian 3.1 ( PowerPC ) I have build openca 0.9.2.4 on Debian 3.1 ( x86 ) To move & upgrade my CA I did... 1) Old node of ca/ra I made a backup. 2) Configure config.xml and run configure_etc.sh 3) Copy var/crypto/keys/cakey.pem 4) run openca_start 5) New node of ca/ra... Administration->Backup and Recovery Initialize Database ( ok ) Restore Database ( ok ) Rebuild OpenSSL's database and next serialnumber ---Issue--- Try to recover OpenSSL's index database (Please wait until operation completes) Create backups of index.txt and serial ... /home/openca/offline/Elysium_Open_Systems_root_CA/var/crypto/index.txt /home/openca/offline/Elysium_Open_Systems_root_CA/var/crypto/serial Loading the Objects ... VALID_CA_CERTIFICATE: 7FFFFFFF Error 700General Error The compilation of the command cmdRebuildOpenSSLindexDB failed. panic: array extend at /home/openca/offline/Elysium_Open_Systems_root_CA/lib/functions/crypto-utils.lib line 374.
Can this be an integer overflow for Perls array index? The following sprintf statement looks for me like we found the next issue with big serials:
sprintf ("%lX", $value->getSerial());
Perhaps we have to use Math::BigInt here too. I think I have to check
Alexei's Debian patches again and if I'm back from the workshop then we
have to commit them to the stable release tree. BTW Alexei, can you
commit them by yourself?
Michael -- _______________________________________________________________ Michael Bell Humboldt-Universitaet zu Berlin Tel.: +49 (0)30-2093 2482 ZE Computer- und Medienservice Fax: +49 (0)30-2093 2704 Unter den Linden 6 [EMAIL PROTECTED] D-10099 Berlin _______________________________________________________________
smime.p7s
Description: S/MIME Cryptographic Signature
