[openssl-dev] Fwd: [openssl.org #4095] X509_STORE_get_by_subject crash

2015-10-19 Thread tosif tamboli via RT
Hi, Can you please help me in below query Thanks & regards, Tosif -- Forwarded message -- From: tosif tamboli <tambol...@gmail.com> Date: Fri, Oct 16, 2015 at 3:26 PM Subject: Re: [openssl.org #4095] X509_STORE_get_by_subject crash To: r...@openssl.org My application

Re: [openssl-dev] [openssl.org #4095] X509_STORE_get_by_subject crash

2015-10-16 Thread tosif tamboli via RT
LETYPE_PEM) > > X509_STORE_CTX_init (pStoreCtx, sshX509CACertStore, pX509, NULL); > > ret = X509_verify_cert (pStoreCtx); > > in the callback function I just checked for > retVal = X509_STORE_get_by_subject (, X509_LU_CRL, > pSubject, _

Re: [openssl-dev] [openssl.org #4095] X509_STORE_get_by_subject crash

2015-10-16 Thread tosif tamboli via RT
, X509_LOOKUP_file()); X509_LOOKUP_load_file(pLookup,caFile,X509_FILETYPE_PEM) X509_STORE_CTX_init (pStoreCtx, sshX509CACertStore, pX509, NULL); ret = X509_verify_cert (pStoreCtx); in the callback function I just checked for retVal = X509_STORE_get_by_subject (, X509_LU_CRL

[openssl-dev] [openssl.org #4095] X509_STORE_get_by_subject crash

2015-10-15 Thread Emilia Käsper via RT
This sounds like an application problem. 1) Did you recompile your source? 0.9.7 and 1.0.1 are not binary-compatible. 2) The certificate hash format has changed between 1.0.1 and 0.9.7, which could explain why the lookup no longer works: https://www.openssl.org/docs/manmaster/apps/rehash.html If

[openssl-dev] [openssl.org #4095] X509_STORE_get_by_subject crash

2015-10-15 Thread tosif tamboli via RT
Hi, Recently we updated the openssl crypto from 0.9.7e 25 to 1.0.1e But it is always crashing while vertifying the certificates from image When debugged found that crash is happening when X509_STORE_get_by_subject called with issuer and issuer name is empty X509_STORE_get_by_subject

Re: X509_STORE_get_by_subject

2001-11-20 Thread Dr S N Henson
Ben Laurie wrote: Ben Laurie wrote: francoise lacambre wrote: Don't you think, in the X509_STORE_get_by_subject function, that the following line vs-current_method=j; would be replaced by : vs-current_method

Re: X509_STORE_get_by_subject

2001-11-20 Thread Ben Laurie
Ben Laurie wrote: francoise lacambre wrote: Don't you think, in the X509_STORE_get_by_subject function, that the following line vs-current_method=j; would be replaced by : vs-current_method=i; Yes! Hmm ... still

Re: X509_STORE_get_by_subject

2001-11-19 Thread Ben Laurie
francoise lacambre wrote: Don't you think, in the X509_STORE_get_by_subject function, that the following line vs-current_method=j; would be replaced by : vs-current_method=i; Yes! Cheers, Ben. in the case where j0 , i.e

Re: X509_STORE_get_by_subject

2001-11-19 Thread Ben Laurie
francoise lacambre wrote: Don't you think, in the X509_STORE_get_by_subject function, that the following line vs-current_method=j; would be replaced by : vs-current_method=i; Yes! Cheers, Ben. in the case where j0 , i.e

X509_STORE_get_by_subject

2001-11-15 Thread francoise lacambre
Don't you think, in the X509_STORE_get_by_subject function, that the following line vs-current_method=j; would be replaced by : vs-current_method=i; in the case where j0 , i.e. j==X509_LU_RETRY ? i is a LOOKUP method, not j