On Mon, Feb 06, 2006, Marko Asplund via RT wrote:

>
>
> I'm having problems with the OpenSSL SSL_CTX_load_verify_locations()
> routine dumping core on Solaris 8 (sparc, 64-bit). I first noticed
> this problem with Apache mod_ssl but it can be reproduced with a
> minimal standalone C program which calls SSL_CTX_load_verify_locations
> ().
>
> I've only experienced this problem with one certain CA bundle file
> (see attached ca-bundle.crt.gz). The problem doesn't appear with
> OpenSSL release 0.9.7e (and at least d) but starting with f I'm
> getting core dumps (tested with i, g, f and 0.9.8a).
>
> Any ideas on what has changed between 0.9.7e and 0.9.7f that may be
> causing this?
>


I don't have access to that platform so I can't diagnose this myself.A

I'd suggest removing certificates from the bundle to see if you can narrow it
down to a single case.

You could also try:

openssl crl2pkcs7 -nocrl -certfile bundle

which should also attempt to read in all of them.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org