Full_Name: Quanah Gibson-Mount Version: 2.4.17 OS: NA URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (75.111.29.239) GnuTLS fails to parse certain subjectAltNames and returns spurious SHORT_BUFFER error. We passed in a buffer size of 1025, and it's internally overwriting it with a size of only 31 and then complaining that 31 is too small
quanah@zimbra.com wrote: > Full_Name: Quanah Gibson-Mount > Version: 2.4.17 > OS: NA > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (75.111.29.239) > > > GnuTLS fails to parse certain subjectAltNames and returns spurious SHORT_BUFFER > error. > > We passed in a buffer size of 1025, and it's internally overwriting it with a > size of only 31 and then complaining that 31 is too small > The bug was reported against Ubuntu jaunty originally, and still exists in current GnuTLS git. So it appears to affect at least 2.4.2-present. The fix is trivial and is attached below. I will also submit this to the GnuTLS bug tracker. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
hyc@symas.com wrote: > The bug was reported against Ubuntu jaunty originally, and still exists in > current GnuTLS git. So it appears to affect at least 2.4.2-present. The fix is > trivial and is attached below. I will also submit this to the GnuTLS bug tracker. This is https://savannah.gnu.org/support/index.php?106975 -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
changed notes changed state Open to Feedback
Howard Chu wrote: > hyc@symas.com wrote: >> The bug was reported against Ubuntu jaunty originally, and still exists in >> current GnuTLS git. So it appears to affect at least 2.4.2-present. The fix is >> trivial and is attached below. I will also submit this to the GnuTLS bug tracker. > > This is https://savannah.gnu.org/support/index.php?106975 > It looks like the fix for this was released in GnuTLS 2.9.4. Closing this ITS. (Current release is 2.9.6) -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
changed notes changed state Feedback to Closed
GnuTLS bug, fixed in 2.8.4 and 2.9.4