> [[email protected] - Mon Feb 27 18:45:51 2012]: > > On Mon, 27 Feb 2012, Remi Gacogne wrote: > > > You're right, I'm sorry, I have mixed it up with another test. > > This one is the right one. > > Ok, just checked by downloading the certificate from RT, and it is > corrupted again. > > I can't think of any other way that putting it here : > > http://coredump.fr/openssl-1.0.0g-invalid-read-cert.der > > Let me know if it doesn't work for you. >
OK thanks it works fine now. The cause is rather subtle: when OpenSSL reencodes a BIT STRING it normally preserves the original encoding so this shouldn't happen. However in the case of a BIT STRING inside a Name (X509_NAME) structure it didn't due to a bug. Fix is here: http://cvs.openssl.org/chngview?cn=22175 Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
