On Thu, Jul 31, 2003, Samuel Meder wrote: > I'm currently working on updating our code to work with 0.9.7 and am > hitting a few snags: > > * Handling of critical extensions has changed (no big deal, just needed > to make our code tell openssl to ignore critical extensions) > > * I know get a core dump when trying to print a extension written > against the ASN1 code in 0.9.6 (extension is described in > http://www.ietf.org/internet-drafts/draft-ietf-pkix-proxy-07.txt). The > same code works fine with 0.9.6. A stack trace from the dump: > > #0 0x40131060 in ASN1_item_ex_d2i (pval=0xbfffefac, in=0xbffff008, len=14, > it=0x40056aeb, tag=-1, aclass=0, opt=0 '\0', ctx=0xbfffefb0) > at tasn_dec.c:148 > 148 if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb; > (gdb) where > #0 0x40131060 in ASN1_item_ex_d2i (pval=0xbfffefac, in=0xbffff008, len=14, > it=0x40056aeb, tag=-1, aclass=0, opt=0 '\0', ctx=0xbfffefb0) > at tasn_dec.c:148 > #1 0x40130fc8 in ASN1_item_d2i (pval=0xbfffefac, in=0xbffff008, len=14, > it=0x40056aeb) at tasn_dec.c:115 > #2 0x40149b2a in X509V3_EXT_print (out=0x805d368, ext=0x805c9e8, flag=0, > indent=12) at v3_prn.c:119 > #3 0x40149e07 in X509V3_extensions_print (bp=0x805d368, > title=0x4018c08b "X509v3 extensions", exts=0x805c4f8, flag=0, indent=12) > at v3_prn.c:187 > #4 0x4012cbb4 in X509_print_ex (bp=0x805d368, x=0x805b2f0, nmflags=0, cflag=0) > at t_x509.c:238 > #5 0x4012c53b in X509_print_ex_fp (fp=0x402ecc40, x=0x805b2f0, nmflag=0, > cflag=0) at t_x509.c:90 > #6 0x4012c4ba in X509_print_fp (fp=0x402ecc40, x=0x805b2f0) at t_x509.c:76 > #7 0x08049f9f in main (argc=2, argv=0xbffffa04) at grid_proxy_info.c:522 > > Any ideas? >
Hard to tell without seeing your code. What extension does it implement? 0.9.6 ASN1 code should work with 0.9.7 but that hasn't been extensively tested. The old ASN1 did some horrible things which was one reason why it was replaced. The X509V3_EXT structure has a new ASN1_ITEM field in it. Make sure that is set to NULL. You might try converting the ASN1 module to 0.9.7 standard, that should be fairly painless (see the examples all over the new code). > Another question I have is whether there is a official end-of-life date for 0.9.6? > Only bug fixes will be committed to 0.9.6 and then only fairly critical ones. It will still be supported (for some value of "supported") for a while yet though but any new code is strongly advised to use 0.9.7. Steve. -- Dr Stephen N. Henson. Core developer of the OpenSSL project: http://www.openssl.org/ Freelance consultant see: http://www.drh-consultancy.demon.co.uk/ Email: [EMAIL PROTECTED], PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
