Re: [openssl-dev] [openssl.org #4675] Bug: Parsing Configuration that contains System Variables
Hello, I found a working configuration now. I could not find that when searching fort he problem. Nevertheless, it still feels somehow not working as expected. Thank you very much for pointing me in the right direction and sorry for bothering you. Georg -Ursprüngliche Nachricht- Von: Stephen Henson via RT [mailto:r...@openssl.org] Gesendet: Freitag, 16. September 2016 16:18 An: georg.hoellr...@gmx.at Cc: openssl-dev@openssl.org Betreff: [openssl.org #4675] Bug: Parsing Configuration that contains System Variables On Fri Sep 16 13:54:00 2016, georg.hoellr...@gmx.at wrote: > > As long as $SAN is unset I get > openssl version > 6870300:error:0E065068:configuration file routines:STR_COPY:variable > has no value:conf_def.c:618:line 17 > This is expected and documented behaviour: see config manual page for details. If you want a non existent environment variable to have a default value you can use the default section to define it. Again see config manual page and examples for details. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4675 Please log in as guest with password guest if prompted -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4675 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4675] Bug: Parsing Configuration that contains System Variables
On Fri Sep 16 13:54:00 2016, georg.hoellr...@gmx.at wrote: > > As long as $SAN is unset I get > openssl version > 6870300:error:0E065068:configuration file routines:STR_COPY:variable has no > value:conf_def.c:618:line 17 > This is expected and documented behaviour: see config manual page for details. If you want a non existent environment variable to have a default value you can use the default section to define it. Again see config manual page and examples for details. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4675 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4675] Bug: Parsing Configuration that contains System Variables
Hello,
I think there is a bug in the config file parsing code.
Configuration:
---
openssl version -a
OpenSSL 1.0.1k 8 Jan 2015 (Library: OpenSSL 1.0.1g 7 Apr 2014)
built on: Tue Apr 8 11:04:36 CEST 2014
platform: Cygwin
options: bn(64,32) md2(int) rc4(8x,mmx) des(ptr,risc1,16,long)
blowfish(idx)
compiler: gcc -D_WINDLL -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -DDSO_DLFCN
-DHAVE_DLFCN_H -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486
-Wall -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT
-DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM
-DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
OPENSSLDIR: "/usr/ssl"
---
Changed Config File to
---
cat /usr/ssl/openssl.cnf
[req]
promt=no
distinguished_name=dn
default_md=sha256
default_bits=2048
req_extensions=alt_names
[dn]
C=AT
ST=SomeState
L=MyLocation
O="Test"
OU="Test"
E="t...@example.com"
[alt_names]
subjectAltName=${ENV::SAN}
---
As long as $SAN is unset I get
openssl version
6870300:error:0E065068:configuration file routines:STR_COPY:variable has no
value:conf_def.c:618:line 17
Setting an empty variable, fixes the problem:
export SAN="" && openssl version
OpenSSL 1.0.1k 8 Jan 2015 (Library: OpenSSL 1.0.1g 7 Apr 2014)
Expected beahviour: Such a configuration file should also work when it
contains an empty variable.
I've tested this behaivor on different systems and with different verison.
Kind Regards,
Georg
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4675
Please log in as guest with password guest if prompted
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
