ID: 29418 Updated by: [EMAIL PROTECTED] Reported By: sartre at gmail dot com -Status: No Feedback +Status: Closed Bug Type: OpenSSL related Operating System: Linux (Slackware 10.0) PHP Version: 4.3.8 New Comment:
This bug has been fixed in CVS. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. Thanks to Kamesh Jayachandran and Netware. Previous Comments: ------------------------------------------------------------------------ [2004-08-13 01:00:05] php-bugs at lists dot php dot net No feedback was provided for this bug for over a week, so it is being suspended automatically. If you are able to provide the information that was originally requested, please do so and change the status of the bug back to "Open". ------------------------------------------------------------------------ [2004-07-29 08:16:20] [EMAIL PROTECTED] Read the instructions *carefully* on how to produce a useful backtrace with debugging information. ------------------------------------------------------------------------ [2004-07-29 06:03:57] sartre at gmail dot com There's a backtrace in the 'actual result' field.. Mysteriously it did not contain *any* zend routine. Whether this may or may not be a scripting bug, I (nor would any of we) didn't expect PHP to segfault (that's why I posted that). Thanks! ------------------------------------------------------------------------ [2004-07-29 05:45:53] [EMAIL PROTECTED] Thank you for this bug report. To properly diagnose the problem, we need a backtrace to see what is happening behind the scenes. To find out how to generate a backtrace, please read http://bugs.php.net/bugs-generating-backtrace.php Once you have generated a backtrace, please submit it to this bug report and change the status back to "Open". Thank you for helping us make PHP better. ------------------------------------------------------------------------ [2004-07-28 05:26:02] sartre at gmail dot com Description: ------------ (using PHP 4.3.8 as the standalone executable, OpenSSL 0.9.7d) I was writing a regression script for testing my script but when signing a certificate with a CA I stumbled upon an unending delay (self-signed first and then signed against the generated CA in the same script). The PHP executable (I am not running apache) does not always reproduce the segfault. The *error* (forced in the script): The client uses the same private key as the CA. PS: It's my first time using OpenSSL in PHP, and I do not understand most of it, but I didn't expect to get a segfault. Reproduce code: --------------- $key = openssl_pkey_new (); $csr = openssl_csr_new ($dn, $key); openssl_csr_export ($csr, $csr_exported); $csr_signed = openssl_csr_sign ($csr, NULL, $key, 365); openssl_x509_export ($csr_signed, $x509_exported); openssl_pkey_export ($key, $key_exported, ''); $key_public = openssl_pkey_get_public ($x509_exported); $struct = openssl_x509_parse ($x509_exported); // set $dn to other value $cert_ca = openssl_x509_read ($x509_exported); $cert_cakey = openssl_pkey_get_private ($cert_client); $client_csr = openssl_csr_new ($dn, $cert_cakey); openssl_csr_export ($client_csr, $client_csr_exported); // here! openssl_csr_sign ($client_csr, $cert_ca, $cert_cakey, 365); // (I cannot continue) Expected result: ---------------- Segfault Actual result: -------------- #0 0x40536bff in mallopt () from /lib/libc.so.6 #1 0x40535a2f in free () from /lib/libc.so.6 #2 0x08189e7d in shutdown_memory_manager () #3 0x0816e470 in php_request_shutdown () #4 0x081a82c0 in main () (I expected to see any SSL function called) ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=29418&edit=1