Bug 890569

Summary: freeradius2 Segmentation fault - OCSP
Product: Red Hat Enterprise Linux 5 Reporter: bbonok
Component: freeradius2Assignee: John Dennis <jdennis>
Status: CLOSED WONTFIX QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 5.8   
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-11-01 20:43:44 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description bbonok 2012-12-27 20:05:23 UTC 
Description of problem: FreeRADIUS crash with Segmentation fault when check certificate with OCSP server and the server request doesn't have NextUpdate field.

The problem is fixed in upstream.

See:
http://lists.freeradius.org/pipermail/freeradius-users/2012-July/061979.html


The used OCSP server is from RHCS 8.0.


Settings:

Configure authentication with EAP-TLS and set oscp checking.
Comment 1 John Dennis 2013-11-01 18:31:17 UTC 
Upstream commit id 30d5e93746fb22b781be2ea72ec3a3146d4c0821 fixes this (courtesy of Maja Gorecka-Wolniewicz). The commit was first introduced into freeradius version 2.2.0, hence freeradius-2.0.0 contains the fix.
Comment 2 John Dennis 2013-11-01 20:43:44 UTC 
This Bugzilla has been reviewed by Red Hat and is not planned on being
addressed in Red Hat Enterprise Linux 5, and therefore will be closed.
If this bug is critical to production systems, please contact your Red
Hat support representative and provide sufficient business
justification.