Bug 890569 - freeradius2 Segmentation fault - OCSP
Summary: freeradius2 Segmentation fault - OCSP
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: freeradius2
Version: 5.8
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: rc
: ---
Assignee: John Dennis
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-12-27 20:05 UTC by bbonok
Modified: 2013-11-01 20:43 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-11-01 20:43:44 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description bbonok 2012-12-27 20:05:23 UTC
Description of problem: FreeRADIUS crash with Segmentation fault when check certificate with OCSP server and the server request doesn't have NextUpdate field.

The problem is fixed in upstream.

See:
http://lists.freeradius.org/pipermail/freeradius-users/2012-July/061979.html


The used OCSP server is from RHCS 8.0.


Settings:

Configure authentication with EAP-TLS and set oscp checking.

Comment 1 John Dennis 2013-11-01 18:31:17 UTC
Upstream commit id 30d5e93746fb22b781be2ea72ec3a3146d4c0821 fixes this (courtesy of Maja Gorecka-Wolniewicz). The commit was first introduced into freeradius version 2.2.0, hence freeradius-2.0.0 contains the fix.

Comment 2 John Dennis 2013-11-01 20:43:44 UTC
This Bugzilla has been reviewed by Red Hat and is not planned on being
addressed in Red Hat Enterprise Linux 5, and therefore will be closed.
If this bug is critical to production systems, please contact your Red
Hat support representative and provide sufficient business
justification.


Note You need to log in before you can comment on or make changes to this bug.