diff options
| author | Mingli Yu <mingli.yu@windriver.com> | 2020-08-05 15:45:50 +0800 |
|---|---|---|
| committer | Khem Raj <raj.khem@gmail.com> | 2020-08-05 10:02:11 -0700 |
| commit | 52f5141109fae5f49c5a7334e9ded2b028e16cf6 (patch) | |
| tree | 03dc451b9536fcf030ee79723d979147875641cf /meta-python/recipes-devtools/python/python-pygpgme/0003-handle-generic-error-when-no-passphrase-callback-pre.patch | |
| parent | 532038dfbce07ccc141dccde891e1040005c7eb0 (diff) | |
| download | meta-openembedded-52f5141109fae5f49c5a7334e9ded2b028e16cf6.tar.gz | |
freeradius: fix the occasional verification failure
Fixes:
# cd /etc/raddb/certs
# ./bootstrap
[snip]
chmod g+r ca.key
openssl pkcs12 -in server.p12 -out server.pem -passin pass:'whatever' -passout pass:'whatever'
chmod g+r server.pem
C = FR, ST = Radius, O = Example Inc., CN = Example Server Certificate, emailAddress = admin@example.org
error 7 at 0 depth lookup: certificate signature failure
140066667427072:error:04067084:rsa routines:rsa_ossl_public_decrypt:data too large for modulus:../openssl-1.1.1g/crypto/rsa/rsa_ossl.c:553:
140066667427072:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:../openssl-1.1.1g/crypto/asn1/a_verify.c:170:
error server.pem: verification failed
make: *** [Makefile:107: server.vrfy] Error 2
It seems the ca.pem mismatchs server.pem which results in failing to
execute "openssl verify -CAfile ca.pem server.pem", so add the logic
to check the file to avoid inconsistency.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-python/recipes-devtools/python/python-pygpgme/0003-handle-generic-error-when-no-passphrase-callback-pre.patch')
0 files changed, 0 insertions, 0 deletions