Re: bin/171402: fetch(1): Authentication error or Segmentation f

The following reply was made to PR bin/171402; it has been noted by GNATS.

From: Mark Johnston <markjdb@gmail.com>
To: bug-followup@FreeBSD.org, ohartman@zedat.fu-berlin.de
Cc:  
Subject: Re: bin/171402: fetch(1): Authentication error or Segmentation fault
 on HTTPS:// URLs
Date: Fri, 7 Sep 2012 22:33:54 -0400

 This is interesting. I was confused when this issue was reported on
 freebsd-current yesterday, as I couldn't reproduce it - fetch(1)ing
 https://launchdpad.net works fine for me on -CURRENT. Moreover, no
 errors from libssl were getting printed: libfetch is supposed to print
 them when one of the calls in fetch_ssl() fails.

 I also don't see the segfault, but I do get an authentication error with
 fetch(1) for the sourceforge page, which I suppose is to be expected.
 So I think it would be good to add a flag to libfetch which tells
 openSSL to bypass certificate verification - it would just need to call

 SSL_set_verify(ctx, SSL_VERIFY_NONE, NULL);

 at the appropriate spot.

 Then I saw "CLANG built" above. I tried rebuilding fetch(1)'s libraries
 using clang and eventually narrowed it down to libmd: if it's built with
 clang, I get an authentication error for lanchpad.net, and a segfault
 with lists.sourceforge.net. Haven't looked into what's actually going on
 though.

 -Mark
_______________________________________________
freebsd-bugs@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscribe@freebsd.org"