Hi, On Wed, Nov 23, 2022 at 01:37:47PM -0500, Selva Nair wrote: > pkcs11h_certiciate_freeCertificate() does seem to handle NULL argument. > With --show-tls, are we calling this before intializing the pkcs11 library? > That could trigger an ASSERT.
If I build on Linux with mbedtls && --enable-pkcs11 (which I normally
don't do), and run --show-tls, this is what happens...
TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256
TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256
TLS-PSK-WITH-AES-128-CCM-8
openvpn: pkcs11h-certificate.c:1213: pkcs11h_certificate_freeCertificate:
Assertion `_g_pkcs11h_data!=NULL' failed.
Aborted (core dumped)
... so, the crash seems to agree with your analysis :-)
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany [email protected]
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
