Reading request subject returns something which doesn't work as an X509_NAME..

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Reading request subject returns something which doesn't work as an X509_NAME..

Katie Lucas



I'm reading in a request, I can read various bits and bobs out of it,
including a key which then verifies the request. That's all fine.

When I read the requests subject, I get a non-null pointer. Which
crashes any of the X509 name functions I pass it to..

  // normal openssl startup

  FILE *fp = fopen("cl.req","r");
  if (!fp) return 0;
  X509_REQ *req = PEM_read_X509_REQ (fp, NULL, NULL, NULL);
  fclose (fp);

  // this is all fine

  if (!req) { cout << "Can't read req"<<endl;  exit(2); }
  X509_NAME *sname = X509_REQ_get_subject_name(req);
  if (!sname) { cout << "Can't read subject name"<<endl;  exit(2); }
  cout << "subjectname:" << endl;

  X509_NAME_print_ex_fp(stdout,sname,0,0);

  // segmentation fault inside this.


The request file is fine, and "openssl req -text" prints it out
perfectly legibly and "openssl ca" can sign it into a working
certificate.

However trying to parse or print the subject or set it into a
certificate structure causes a segv. Even a call to
"X509_NAME_entry_count" causes a segv.

I can't see any real differences between what I'm doing and what
apps/ca.c or apps/req.c do or with what the example on signing
certificates in NSwO does.

Is there something else I need to do to the X509 name system on
startup to prepare it for working or something? (Which would seem odd,
because I can read OTHER fields)

The request prints out as

Certificate Request:
    Data:
        Version: 0 (0x0)
        Subject: C=UK, O=KLL HttpClient, CN=HttpClient
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (512 bit)
                Modulus (512 bit):

Which looks simple enough.

Cheers for any help.


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Reading request subject returns something which doesn't work as an X509_NAME..

Katie Lucas
On Wed, Nov 09, 2005 at 03:27:18PM +0000, Katie Lucas wrote:
> When I read the requests subject, I get a non-null pointer. Which
> crashes any of the X509 name functions I pass it to..

*sigh*

Ok, we have found this. Apparently, we have multiple versions of
openssl in various places on this machine. Headers from 0.9.6 don't
play nicely with libraries from 0.9.8

I thought this was a wierd one.

Now I just have to work out how to safely upgrade it on the rather
elderly version of RedHat that's running...



______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]