| Anonymous | Login | Signup for a new account | 2013-05-24 18:29 UTC |  |
| Main | My View | View Issues |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||
| 0000139 | uhub | Unspecified | public | 2010-06-30 00:56 | 2010-07-07 18:56 | ||||
| Reporter | aiko | ||||||||
| Assigned To | janvidar | ||||||||
| Priority | normal | Severity | minor | Reproducibility | always | ||||
| Status | resolved | Resolution | fixed | ||||||
| Platform | OS | OS Version | |||||||
| Summary | 0000139: Unable to use TLS | ||||||||
| Description | I have 2 issues with TLS 1) Segmentation fault when using telnet 2) Error while loading certificate | ||||||||
| Additional Information | Software: uhub-0.3.2 OS: Gentoo/AMD64 Installation: make USE_SSL=YES 1) Connecting with telnet and enter some random stuff results in segmentation fault. 2) I added the folling to the default configuration: tls_private_key="/etc/uhub/certificate.pem" tls_certificate="/etc/uhub/certificate.pem" tls_enable=yes tls_require=yes I used the script create_certificate.sh shipped in the tools directory and I tried my own certificate created by tinyca2. I always get: FATAL: SSL_CTX_check_private_key: Private key does not match the certificate public key: error:02001002:system library:fopen:No such file or directory The HUB seems to work while not using TLS. | ||||||||
| Tags | No tags attached. | ||||||||
| Attached Files |  ssl-error-handling.patch [^] (1,111 bytes) 2010-07-02 17:07 [Show Content]
| ||||||||
 Relationships |
|
 Relationships |
|
Notes |
|
|
(0000437) janvidar (administrator) 2010-06-30 19:14 |
Ensure that the certificate is indeed installed in /etc/uhub/certificated.pem. |
|
(0000440) aiko (reporter) 2010-07-01 13:40 |
Reproduced issue 1) on my Debian/Testing system. $ tar -xvjf uhub-0.3.2-src.tar.bz2 $ cd uhub-0.3.2 $ make USE_SSL=YES $ su $ make install $ uhub 2nd terminal: $ telnet localhost 1511 > asdf Result at terminal 1) > 2010-07-01 13:33:38 INFO: Starting uhub/0.3.2, listening on :::1511... > Segmentation fault |
|
(0000441) aiko (reporter) 2010-07-02 17:19 |
I figured it out. At http://www.uhub.org/config_ssl.php, [^] it is said, that I have to use: tls_private_key="/etc/uhub/certificate.pem" tls_certificate="/etc/uhub/certificate.pem" That does not work, because the config loader does not strip the '"'. Removing the '"' from my configuration makes it work. After successfully loading the certificate the segmentation fault does not happen anymore too. I also attached a small patch. SSL_CTX_use_certificate_file and SSL_CTX_use_PrivateKey_file may return '0' in case of an error. With this patch, uhub stops earlier. I thought that the certificates have been loaded successfully before. May you remove the '"' from the example at http://www.uhub.org/config_ssl.php [^] ? Aiko |
|
(0000442) janvidar (administrator) 2010-07-04 16:21 |
OK, thanks for your analyzis. I'll leave the bug open until the documentation is updated. |
|
(0000443) janvidar (administrator) 2010-07-07 18:23 |
Will also fix the bug in the code. |
|
(0000444) janvidar (administrator) 2010-07-07 18:27 |
Actually I cannot reproduce this with 0.3.2. |
|
(0000445) janvidar (administrator) 2010-07-07 18:29 |
Ah nevermind, forgot to enable SSL :) |
|
(0000446) janvidar (administrator) 2010-07-07 18:56 |
Fixed code on the 0.3.x-stable branch. |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2010-06-30 00:56 | aiko | New Issue | |
| 2010-06-30 19:14 | janvidar | Note Added: 0000437 | |
| 2010-06-30 19:22 | janvidar | Status | new => resolved |
| 2010-06-30 19:22 | janvidar | Resolution | open => unable to reproduce |
| 2010-06-30 19:22 | janvidar | Assigned To | => janvidar |
| 2010-07-01 13:40 | aiko | Note Added: 0000440 | |
| 2010-07-01 13:40 | aiko | Status | resolved => feedback |
| 2010-07-01 13:40 | aiko | Resolution | unable to reproduce => reopened |
| 2010-07-02 17:07 | aiko | File Added: ssl-error-handling.patch | |
| 2010-07-02 17:19 | aiko | Note Added: 0000441 | |
| 2010-07-04 16:21 | janvidar | Note Added: 0000442 | |
| 2010-07-07 18:23 | janvidar | Note Added: 0000443 | |
| 2010-07-07 18:23 | janvidar | Status | feedback => assigned |
| 2010-07-07 18:27 | janvidar | Note Added: 0000444 | |
| 2010-07-07 18:29 | janvidar | Note Added: 0000445 | |
| 2010-07-07 18:56 | janvidar | Note Added: 0000446 | |
| 2010-07-07 18:56 | janvidar | Status | assigned => resolved |
| 2010-07-07 18:56 | janvidar | Resolution | reopened => fixed |
| 2013-04-15 12:32 | janvidar | Category | => Unspecified |
|
Issue History |
| Copyright © 2000 - 2013 MantisBT Team |
|