Open multiflexi opened 2 weeks ago
Hi @multiflexi , thanks for reporting. Smells like a DNS thing we had before.
--phone-out
?Yes, only with --phone-out. strace.txt
Ok, thanks! I meant just the command which segfaulted. I'll guess I'll find the segfault in the hay stack later ;-)
The error is:
testssl.sh/testssl.sh: line 2031: 3055367 Segmentation fault $OPENSSL ocsp -no_nonce ${host_header} -url "$uri" -issuer $TEMPDIR/hostcert_issuer.pem -verify_other $TEMPDIR/intermediatecerts.pem -CAfile <(cat $ADDTL_CA_FILES "$GOOD_CA_BUNDLE") -cert $HOSTCERT -text &> "$tmpfile"
This happens with --phone-out with supplied openssl (the bad version), but when the openssl is compiled from the source, the error does not occur. Also it does not occur with the system provided openssl.
Using the latest 3.2 version Tested distros: Fedora 40, Ubuntu 22.04 and Slackware 15