[Help-gnutls] Bug in certtool

Fabian Fagerholm fabbe at paniq.net
Tue Nov 9 13:48:21 CET 2004


I found that certtool crashes when I generate a certificate with a CRL
distribution point URI. When I invoke certtool like this:

certtool --generate-self-signed --load-privkey ca-key.pem --outfile
ca-cert.pem --bits 4096

The program crashes at this point:

Enter the URI of the CRL distribution point: http://www.example.org/example.crl
Segmentation fault

A gdb backtrace shows the following:

#0  0x4007a934 in asn1_write_value () from /tmp/lib/libgnutls.so.12
#1  0x4005d8e1 in _gnutls_x509_ext_gen_crl_dist_points ()
   from /tmp/lib/libgnutls.so.12
#2  0x400723fe in gnutls_x509_crt_set_crl_dist_points ()
   from /tmp/lib/libgnutls.so.12
#3  0x0804db65 in generate_self_signed ()
#4  0x0804e000 in gaa_parser ()
#5  0x0804d32d in main ()

I got certtool from
http://josefsson.org/daily/gnutls/gnutls-20041109.tar.gz and compiled it
and installed it in /tmp just to test. The same error was present in the
latest Debian-packaged version, which is based on gnutls 1.0.16.

Has anyone else experienced this?

Fabian Fagerholm <fabbe at paniq.net>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: </pipermail/attachments/20041109/cbd8c2bd/attachment.pgp>

More information about the Gnutls-help mailing list