bin/171402: fetch(1): Authentication error or Segmentation fault
on HTTPS:// URLs
Mark Johnston
markjdb at gmail.com
Sat Sep 8 02:40:10 UTC 2012
The following reply was made to PR bin/171402; it has been noted by GNATS.
From: Mark Johnston <markjdb at gmail.com>
To: bug-followup at FreeBSD.org, ohartman at zedat.fu-berlin.de
Cc:
Subject: Re: bin/171402: fetch(1): Authentication error or Segmentation fault
on HTTPS:// URLs
Date: Fri, 7 Sep 2012 22:33:54 -0400
This is interesting. I was confused when this issue was reported on
freebsd-current yesterday, as I couldn't reproduce it - fetch(1)ing
https://launchdpad.net works fine for me on -CURRENT. Moreover, no
errors from libssl were getting printed: libfetch is supposed to print
them when one of the calls in fetch_ssl() fails.
I also don't see the segfault, but I do get an authentication error with
fetch(1) for the sourceforge page, which I suppose is to be expected.
So I think it would be good to add a flag to libfetch which tells
openSSL to bypass certificate verification - it would just need to call
SSL_set_verify(ctx, SSL_VERIFY_NONE, NULL);
at the appropriate spot.
Then I saw "CLANG built" above. I tried rebuilding fetch(1)'s libraries
using clang and eventually narrowed it down to libmd: if it's built with
clang, I get an authentication error for lanchpad.net, and a segfault
with lists.sourceforge.net. Haven't looked into what's actually going on
though.
-Mark
More information about the freebsd-bugs
mailing list