Bug 1686058

Summary: specifying digest for signing time-stamping responses is mandatory
Product: Red Hat Enterprise Linux 8 Reporter: Hubert Kario <hkario>
Component: opensslAssignee: Tomas Mraz <tmraz>
Status: CLOSED ERRATA QA Contact: Daiki Ueno <dueno>
Severity: low Docs Contact:
Priority: low    
Version: 8.0CC: dueno, tmraz
Target Milestone: rcKeywords: ManPageChange, Triaged
Target Release: 8.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openssl-1.1.1b-3.el8 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-11-05 22:40:19 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1643026, 1682501    
Bug Blocks:    

Description Hubert Kario 2019-03-06 15:57:21 UTC 
Description of problem:
man page of openssl ts specifies that digest is optional, it is actually mandatory

Version-Release number of selected component (if applicable):
openssl-1.1.1-8.el8.x86_64

How reproducible:
always

Steps to Reproduce:
1. use config file that does not specify signer_digest, use command line that does not specify digest

Actual results:
140617514493760:error:2F098088:time stamp routines:ts_CONF_lookup_fail:cannot find config variable:crypto/ts/ts_conf.c:106:tsr_test::signer_digest

Expected results:
man page of ts specifying that digest is mandatory, not optional

Additional info:
Comment 1 Tomas Mraz 2019-03-06 17:16:02 UTC 
It is optional on both places but it has to be specified on at least one place. The documentation should be clarified.
Comment 2 Hubert Kario 2019-03-25 14:03:12 UTC 
fixed upstream: https://github.com/openssl/openssl/pull/8421
Comment 11 errata-xmlrpc 2019-11-05 22:40:19 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2019:3700