bin/171402: fetch(1): Authentication error or Segmentation fault on HTTPS:// URLs

Oliver Hartmann ohartman at zedat.fu-berlin.de
Fri Sep 7 08:00:09 UTC 2012


>Number:         171402
>Category:       bin
>Synopsis:       fetch(1): Authentication error or Segmentation fault on HTTPS:// URLs
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Sep 07 08:00:08 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator:     Oliver Hartmann
>Release:        FreeBSD 10.0-CURRENT r240150M amd64
>Organization:
FU Berlin
>Environment:
FreeBSD 10.0-CURRENT #2 r240150M: Wed Sep  5 21:35:41 CEST 2012 amd64,  CLANG built
>Description:
While trying to fetch sources for a port located at a SSL secured URL, I run into a problem with fetch(1) droping a Segmentaion fault" or reporting "Authentication error", while wget(1) from port net/wget  doesn't segfaults: 


fetch:
fetch -o /dev/null https://launchpad.net/
fetch: https://launchpad.net/: Authentication error

wget:
wget https://launchpad.net/
--2012-09-07 09:45:59--  https://launchpad.net/
Resolving launchpad.net (launchpad.net)... 91.189.89.223, 91.189.89.222
Connecting to launchpad.net (launchpad.net)|91.189.89.223|:443... connected.
ERROR: cannot verify launchpad.net's certificate, issued by `/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287':
  Self-signed certificate encountered.
To connect to launchpad.net insecurely, use `--no-check-certificate'.



fetch -o /dev/null https://lists.sourceforge.net/
Segmentation fault

wget:
wget https://lists.sourceforge.net
--2012-09-07 09:47:02--  https://lists.sourceforge.net/
Resolving lists.sourceforge.net (lists.sourceforge.net)... 216.34.181.88
Connecting to lists.sourceforge.net (lists.sourceforge.net)|216.34.181.88|:443... connected.
ERROR: cannot verify lists.sourceforge.net's certificate, issued by `/C=US/O=GeoTrust, Inc./CN=GeoTrust SSL CA':
  Unable to locally verify the issuer's authority.
To connect to lists.sourceforge.net insecurely, use `--no-check-certificate'.

The "Authentication error" can be avoided by applying option `--no-check-certificate' as suggested for fetching sources located at https://launchpad.net/ with wget(1). But fetch(1) doesn't seem to have the ability to switch off the authentication the same way.

The Segmentation fault seems to be weird.

I'm using the system's OpenSSL 1.0.0c, no additional port installed.
>How-To-Repeat:
Try mentioned failing fetch(1) sequences and check with wget(1).
>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted:


More information about the freebsd-bugs mailing list