Skip to content

Fix ca crash #5114

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
mattcaswell wants to merge 2 commits into from
Closed

Fix ca crash #5114

mattcaswell wants to merge 2 commits into from

Conversation

@mattcaswell
Copy link
Member

@mattcaswell mattcaswell commented Jan 19, 2018

Two related issues were causing a seg fault in the ca application. Firstly it is possible to create a certificate with an empty Subject. Secondly if ca reads an index.txt file with a missing subject in an entry then it will crash.

Fixes #5109

@mattcaswell
Don't allow an empty Subject when creating a Certificate
a168d7e 
Misconfiguration (e.g. an empty policy section in the config file) can
lead to an empty Subject. Since certificates should have unique Subjects
this should not be allowed.
@mattcaswell
Don't crash on a missing Subject in index.txt
1fecaa6 
An index.txt entry which has an empty Subject name field will cause ca
to crash. Therefore check it when we load it to make sure its not empty.

Fixes openssl#5109
@mattcaswell mattcaswell added branch: master Applies to master branch 1.1.0 labels Jan 19, 2018
This was referenced Jan 19, 2018
Closed
Closed
@richsalz richsalz added the approval: done This pull request has the required number of approvals label Jan 19, 2018
levitte pushed a commit that referenced this pull request Jan 22, 2018
@mattcaswell
Don't allow an empty Subject when creating a Certificate
f2982ad 
Misconfiguration (e.g. an empty policy section in the config file) can
lead to an empty Subject. Since certificates should have unique Subjects
this should not be allowed.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from #5114)

(cherry picked from commit e505f1e)
levitte pushed a commit that referenced this pull request Jan 22, 2018
@mattcaswell
Don't crash on a missing Subject in index.txt
462163e 
An index.txt entry which has an empty Subject name field will cause ca
to crash. Therefore check it when we load it to make sure its not empty.

Fixes #5109

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from #5114)

(cherry picked from commit 1e05c6d)
@mattcaswell
Copy link
Member Author

mattcaswell commented Jan 22, 2018

Pushed. Thanks.

levitte pushed a commit that referenced this pull request Jan 22, 2018
@mattcaswell
Don't allow an empty Subject when creating a Certificate
e505f1e 
Misconfiguration (e.g. an empty policy section in the config file) can
lead to an empty Subject. Since certificates should have unique Subjects
this should not be allowed.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from #5114)
levitte pushed a commit that referenced this pull request Jan 22, 2018
@mattcaswell
Don't crash on a missing Subject in index.txt
1e05c6d 
An index.txt entry which has an empty Subject name field will cause ca
to crash. Therefore check it when we load it to make sure its not empty.

Fixes #5109

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from #5114)
@vdukhovni
Copy link

vdukhovni commented Feb 22, 2018

Please revert and rework. See comments on #5115

@vdukhovni vdukhovni reopened this Feb 22, 2018
@vdukhovni vdukhovni removed the approval: done This pull request has the required number of approvals label Feb 22, 2018
@mattcaswell
Copy link
Member Author

mattcaswell commented Feb 23, 2018

Closing this in favour of tracking it under the original issue #5109.

This was referenced Feb 23, 2018
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@richsalz richsalz richsalz approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

branch: master Applies to master branch

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mattcaswell @vdukhovni @richsalz