drwetter
commented
1 week ago Hi @multiflexi , thanks for reporting. Smells like a DNS thing we had before.
- does it only happen using
--phone-out? - would you mind to strace that?
Open multiflexi opened 2 weeks ago
drwetter
commented
1 week ago Hi @multiflexi , thanks for reporting. Smells like a DNS thing we had before.
--phone-out?
multiflexi
commented
6 days ago Yes, only with --phone-out. strace.txt
drwetter
commented
5 days ago Ok, thanks! I meant just the command which segfaulted. I'll guess I'll find the segfault in the hay stack later ;-)
The error is:
testssl.sh/testssl.sh: line 2031: 3055367 Segmentation fault $OPENSSL ocsp -no_nonce ${host_header} -url "$uri" -issuer $TEMPDIR/hostcert_issuer.pem -verify_other $TEMPDIR/intermediatecerts.pem -CAfile <(cat $ADDTL_CA_FILES "$GOOD_CA_BUNDLE") -cert $HOSTCERT -text &> "$tmpfile"This happens with --phone-out with supplied openssl (the bad version), but when the openssl is compiled from the source, the error does not occur. Also it does not occur with the system provided openssl.
Using the latest 3.2 version Tested distros: Fedora 40, Ubuntu 22.04 and Slackware 15