Andreas Metzler wrote: > On 2008-11-11 Michael Biebl <[EMAIL PROTECTED]> wrote: > [...] >> I think the backtrace led me in the correct direction, as it was >> segfaulting in libgnutls. I checked when libgnutls was last updated, and >> it was yesterday. >> I checked the changelog: > >> gnutls26 (2.4.2-2) unstable; urgency=medium > >> * [CVE-2008-4989.diff] Fix man in the middle attack for certificate >> verification. CVE-2008-4989 GNUTLS-SA-2008-3 > >> -- Andreas Metzler <[EMAIL PROTECTED]> Mon, 10 Nov 2008 19:42:54 +0100 > >> And indeed, this is the culprit. If I revert to version 2.4.2-1, the >> crashes in subversion are gone. > >> I don't know the code, so I'm not sure if this is a bug in subversion or >> gnutls, so If CCed Andreas, maybe he can comment on this and if this bug >> should be reassigned to gnutls. > > Is there a self-signed certificate involved? If yes this is probably a > duplicate of 505242.
Dunno if it is a self-signed certificate, but I guess you meant #505279
>
> A backtrace with libgnutls26-dbg will probably show it clearer.
> cu andreas
Looks like a dup of #505279
Fetching external item into 'admin'
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb72b1700 (LWP 3237)]
0xb778aff4 in _gnutls_x509_crt_get_raw_dn2 (cert=0x11,
whom=0xb77c5367 "issuer", start=0xbf93db24) at x509.c:1718
1718 x509.c: No such file or directory.
in x509.c
(gdb) bt full
#0 0xb778aff4 in _gnutls_x509_crt_get_raw_dn2 (cert=0x11,
whom=0xb77c5367 "issuer", start=0xbf93db24) at x509.c:1718
c2 = (ASN1_TYPE) 0x984f598
result = 0
start1 = <value optimized out>
end1 = <value optimized out>
signed_data = {data = 0x0, size = 0}
#1 0xb778fc9a in is_issuer (cert=0xb77c3dce, issuer_cert=0x96c4970)
at verify.c:164
dn1 = {data = 0x0, size = 0}
dn2 = {data = 0x0, size = 0}
ret = <value optimized out>
#2 0xb7790b12 in _gnutls_verify_certificate2 (cert=0x11,
trusted_cas=<value optimized out>, tcas_size=140, flags=0,
output=0xbf93dbe8) at verify.c:199
cert_signed_data = {data = 0x0, size = 0}
cert_signature = {data = 0x0, size = 0}
issuer = <value optimized out>
ret = <value optimized out>
issuer_version = <value optimized out>
result = <value optimized out>
#3 0xb7791381 in gnutls_x509_crt_list_verify (cert_list=0x984d168,
cert_list_length=0, CA_list=0x982d580, CA_list_length=140, CRL_list=0x0,
CRL_list_length=0, flags=0, verify=0xbf93dcac) at verify.c:396
No locals.
#4 0xb777364c in _gnutls_x509_cert_verify_peers (session=0x984bd18,
status=0xbf93dcac) at gnutls_x509.c:176
peer_certificate_list = (gnutls_x509_crt_t *) 0x984d168
i = 1
x = 0
ret = 1
#5 0xb7765921 in gnutls_certificate_verify_peers2 (session=0x984bd18,
status=0xbf93dcac) at gnutls_cert.c:606
No locals.
#6 0xb7765959 in gnutls_certificate_verify_peers (session=0x984bd18)
at gnutls_cert.c:639
status = <value optimized out>
ret = <value optimized out>
#7 0xb780e5e9 in ?? () from /usr/lib/libneon-gnutls.so.27
No symbol table info available.
#8 0x0984bd18 in ?? ()
No symbol table info available.
#9 0xbf93dcf8 in ?? ()
No symbol table info available.
#10 0x00000000 in ?? ()
No symbol table info available.
Cheers,
Michael
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
signature.asc
Description: OpenPGP digital signature
