The following CRL triggers this behaviour:
https://info.pca.dfn.de/doc/large_crl.pem
Thanks,
Jürgen
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4531
Please log in as guest with password guest if prompted
--
openssl-dev mailing list
To unsubscribe:
Hi.
Openssl 1.0.2h cannot parse really large CRLs anymore. "Really large"
means > some 1MB.
It seems as if the new check in line 202 in x_name.c, commited 5 days
ago, has a side effect beyond name decoding:
https://github.com/openssl/openssl/blob/OpenSSL_1_0_2-stable/crypto/asn1/x_name.c#L202
[double-post; sent this previously to r...@openssl.org, and didn't get a
ticket reply or something. As I feel that potentially a large number of
people is affected, e.g. via Apache crl parsing etc., re-sent to
openssl-dev.]
Hi.
Openssl 1.0.2h cannot parse really large CRLs anymore. "Really