[kleopatra] [Bug 376563] Kleopatra crashes with segmentation fault on startup after importing PEM file

2022-03-23 Thread Guido Winkelmann
https://bugs.kde.org/show_bug.cgi?id=376563

--- Comment #10 from Guido Winkelmann  ---
(In reply to Guido Winkelmann from comment #9)
> As of 2022-03-23, the bug is still present in the released version 21.08.3,
> but does appear to be fixed in the newest git version.

Does anybody happen to know which commit fixed it, and whether it was in
kleopatra itself or in libkleo?

-- 
You are receiving this mail because:
You are watching all bug changes.


2022-03-23 Thread Guido Winkelmann
https://bugs.kde.org/show_bug.cgi?id=376563

--- Comment #9 from Guido Winkelmann  ---
As of 2022-03-23, the bug is still present in the released version 21.08.3, but
does appear to be fixed in the newest git version.


2019-08-01 Thread Arnold Seiler
https://bugs.kde.org/show_bug.cgi?id=376563

Arnold Seiler  changed:

   What | Removed | Added
   -----+---------+------------------------
   CC   |         | arnold338250...@web.de

--- Comment #8 from Arnold Seiler  ---
User certificates from KIT seem to suffer from this bug as well.
They are cross signed by an old chain with root-CA "Deutsche Telekom Root CA 2"
and a new one with root-CA "T-TeleSec GlobalRoot Class 2".
User certificates are available here (this is mine)
https://search.ca.kit.edu/pubdownload/pem/10311245368690295726648917385
Installing the new root-CA by hand from
https://pki.pca.dfn.de/kit-ca/cgi-bin/pub/pki?cmd=getStaticPage;name=index;id=2_ID=0
seems to enforce the new chain and solve the invalid old root.

Nevertheless the valid path should be found without manual intervention.


2018-01-31 Thread Andre Heinecke
https://bugs.kde.org/show_bug.cgi?id=376563

--- Comment #7 from Andre Heinecke  ---
No it's a bug in GpgSM / Kleopatra. This special certificate is not handled by
GpgSM correctly and Kleopatra can't cope with it. I'm not sure if this is only
an upstream bug without further analysis. At least Kleopatra should handle
this.

I'll try to look at it soon.


2018-01-31 Thread Denis Kurz
https://bugs.kde.org/show_bug.cgi?id=376563

Denis Kurz  changed:

   What | Removed | Added
   -----+---------+------------------
   CC   |         | kde...@posteo.de

--- Comment #6 from Denis Kurz  ---
You might want to consider if this was caused by a Qt bug that was resolved
fixed in 5.8, as described in Bug 361895, Comment 1.


2017-02-20 Thread Andre Heinecke
https://bugs.kde.org/show_bug.cgi?id=376563

Andre Heinecke  changed:

   What           | Removed     | Added
   ---------------+-------------+-----------
   Ever confirmed | 0           | 1
   Status         | UNCONFIRMED | CONFIRMED

--- Comment #5 from Andre Heinecke  ---
Thank you very much. I can reproduce the problem with this certificate and I
agree about the likely cause.

But there is also an underlying problem in GpgSM. It does not handle the
certificate well either. When importing it I got warnings about "Certificate
chain too long", and while gpgsm -k looks ok, if you do a
"gpgsm -k --with-validation", causing it to check the certificate chain, it
takes a while and then shows:
  [checking the CRL failed: Bad certificate chain]
  [certificate is bad: Bad certificate chain]


2017-02-18 Thread Guido Winkelmann
https://bugs.kde.org/show_bug.cgi?id=376563

--- Comment #4 from Guido Winkelmann  ---
Created attachment 104098
  --> https://bugs.kde.org/attachment.cgi?id=104098=edit
The pem file that caused the crash after it was imported


2017-02-18 Thread Guido Winkelmann
https://bugs.kde.org/show_bug.cgi?id=376563

--- Comment #3 from Guido Winkelmann  ---
I just had another look into the PEM file I imported, and I noticed something
that could potentially, without having actually looked at the code, explain the
out of control recursion:

The Comodo CA certificate is signed by AddTrust External CA Root, which itself
is cross signed by UTN - DATACorp SGC, meaning UTN - DATACorp SGC is itself
again signed by AddTrust.

This cross-signing thing is a fairly obscure feature of X.509 certificates
that, until recently, was very rarely seen in the wild. If a programmer is not
aware of this possibility, and didn't think to check X.509 trust paths for
loops or at least limit the length of supported trust chains, then trying to
build a trust path for a certificate with such a cross-signed CA in there
somewhere will usually lead to endless recursion.

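
The loop described in comment #3, as an added example that is not part of the bug report and is not Kleopatra's or GpgSM's code: a path builder that tracks the certificates already on the current path and caps the chain length, so the AddTrust / UTN cross-signing pair ends the search instead of recursing without end. The names `buildPath`, `findChain`, `kMaxDepth` and the "end-entity" leaf are assumptions, and certificates are identified by name only.

```cpp
#include <cstddef>
#include <iostream>
#include <map>
#include <set>
#include <string>
#include <vector>

// subject -> issuer; a cross-signed CA has more than one issuer entry.
// Simplification: certificates are identified by name only.
using IssuerMap = std::multimap<std::string, std::string>;
constexpr std::size_t kMaxDepth = 8;  // assumed cap on chain length

// Constructed sample using the CA names from comment #3.
IssuerMap sampleIssuers() {
    return {{"end-entity", "Comodo CA"},
            {"Comodo CA", "AddTrust External CA Root"},
            {"AddTrust External CA Root", "UTN - DATACorp SGC"},
            {"UTN - DATACorp SGC", "AddTrust External CA Root"}};
}

// Depth-first search from `subject` towards any trusted root. `onPath` holds
// the subjects on the current path, so revisiting one is reported as a dead
// end rather than followed again.
bool buildPath(const IssuerMap &issuers, const std::set<std::string> &trusted,
               const std::string &subject, std::set<std::string> &onPath,
               std::vector<std::string> &path) {
    if (path.size() >= kMaxDepth || !onPath.insert(subject).second)
        return false;                  // chain too long, or loop detected
    path.push_back(subject);
    if (trusted.count(subject))
        return true;                   // reached a trust anchor
    const auto range = issuers.equal_range(subject);
    for (auto it = range.first; it != range.second; ++it)
        if (buildPath(issuers, trusted, it->second, onPath, path))
            return true;
    path.pop_back();                   // backtrack and try another issuer
    onPath.erase(subject);
    return false;
}

// Returns the chain from `leaf` to a trusted root, or an empty vector.
std::vector<std::string> findChain(const std::string &leaf,
                                   const std::set<std::string> &trusted) {
    std::set<std::string> onPath;
    std::vector<std::string> path;
    buildPath(sampleIssuers(), trusted, leaf, onPath, path);
    return path;
}

int main() {
    for (const auto &name : findChain("end-entity", {"UTN - DATACorp SGC"}))
        std::cout << name << '\n';
}
```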


2017-02-18 Thread Guido Winkelmann
https://bugs.kde.org/show_bug.cgi?id=376563

--- Comment #2 from Guido Winkelmann  ---
gpgsm -k looks like it's working fine here and doesn't show anything that looks
fishy to me.


2017-02-17 Thread Andre Heinecke
https://bugs.kde.org/show_bug.cgi?id=376563

--- Comment #1 from Andre Heinecke  ---
Thank you for your detailed report.

I've had a brief look at the code and don't see an obvious recursion
possibility.

As you write that this happens after importing a specific certificate, could you
attach that certificate here or send it to aheine...@intevation.de?

Additionally it would be great if you could check with "gpgsm -k" if the output
looks fishy already. (e.g. one certificate is repeated a lot)
