
dirmngr crashes when OCSP reply contains only a byKey responderID
Closed, Resolved · Public

Description

After enabling OCSP validity checks, dirmngr keeps crashing as soon as it hits
a certificate issued by Quo Vadis CA. The OCSP
responder at http://ocsp.quovadisglobal.com returns responses without a
responder name (the responderID field contains only a key ID).

This was reported in the Fedora bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=658230

The following patch fixes the crash; however, it does not make dirmngr
properly parse the OCSP reply, so the certificate verification still fails.

  • dirmngr-1.1.0.orig/src/certcache.c 2010-03-12 13:11:27.000000000 +0100

+++ dirmngr-1.1.0.orig/src/certcache.c 2010-11-29 19:03:11.200685392 +0100
@@ -1146,7 +1146,7 @@

for (i=0; i < 256; i++)
  for (ci=cert_cache[i]; ci; ci = ci->next)
    if (ci->cert && ci->subject_dn
  • && !strcmp (ci->subject_dn, subject_dn))

+ && (!subject_dn || !strcmp (ci->subject_dn, subject_dn)))

for (cr=ctrl->ocsp_certs; cr; cr = cr->next)
  if (!memcmp (ci->fpr, cr->fpr, 20))
    {
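Review bot: with `subject_dn` NULL the relaxed condition `(!subject_dn || !strcmp (ci->subject_dn, subject_dn))` matches every cached certificate that has a subject, so the loop degrades into a scan of the whole cache with the `memcmp` on `ci->fpr` against `ctrl->ocsp_certs` as the only filter; that avoids the NULL dereference in `strcmp` but still does not look the responder up by its key ID, which is why verification keeps failing as the description says. Better to return early (or skip this cache lookup) when no responder name is present and handle the byKey responderID on its own path, and a comment at the `!subject_dn` test explaining why NULL is accepted would help the next reader.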

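To make the failure mode concrete, the following is an added example (not dirmngr code and not part of this report) that decodes the RFC 6960 ResponderID CHOICE and looks the responder certificate up by name or by key hash, so a key-only responderID never reaches a DN comparison. The DER name, key bytes and cache entries are constructed sample data, and the `_tlv`, `_read_tlv`, `parse_responder_id` and `find_responder_cert` names are this example's own.

```python
import hashlib

def _tlv(tag: int, value: bytes) -> bytes:
    """Encode one DER TLV (short-form length; enough for these samples)."""
    assert len(value) < 128
    return bytes([tag, len(value)]) + value

def _read_tlv(buf: bytes, pos: int = 0):
    """Decode the DER TLV at buf[pos]; returns (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def parse_responder_id(der: bytes):
    """RFC 6960: ResponderID ::= CHOICE { byName [1] Name, byKey [2] KeyHash }.
    Returns ("byName", <DER Name>) or ("byKey", <20-byte SHA-1 of the key>)."""
    tag, value, _ = _read_tlv(der)
    if tag == 0xA1:                        # [1] EXPLICIT Name
        return ("byName", value)
    if tag == 0xA2:                        # [2] EXPLICIT KeyHash ::= OCTET STRING
        inner_tag, keyhash, _ = _read_tlv(value)
        if inner_tag != 0x04 or len(keyhash) != 20:
            raise ValueError("malformed KeyHash")
        return ("byKey", keyhash)
    raise ValueError("unexpected ResponderID tag 0x%02x" % tag)

def find_responder_cert(responder_id, cache):
    """Pick the cached cert the response is signed by, never touching the
    subject DN when the responder identified itself only by key hash."""
    kind, ident = responder_id
    for entry in cache:
        if kind == "byName":
            if entry["subject_dn"] is not None and entry["subject_dn"] == ident:
                return entry
        elif hashlib.sha1(entry["spki_key"]).digest() == ident:
            return entry
    return None

# Constructed sample data (hypothetical, not real QuoVadis material).
NAME_DER = _tlv(0x30, _tlv(0x31, _tlv(0x30, _tlv(0x06, b"\x55\x04\x03") + _tlv(0x0C, b"QV OCSP"))))
RESPONDER_KEY = b"constructed-public-key-bits"  # stands in for the subjectPublicKey BIT STRING contents
RID_BYNAME = _tlv(0xA1, NAME_DER)
RID_BYKEY = _tlv(0xA2, _tlv(0x04, hashlib.sha1(RESPONDER_KEY).digest()))
CACHE = [{"subject_dn": NAME_DER, "spki_key": RESPONDER_KEY},
         {"subject_dn": None, "spki_key": b"another-constructed-key"}]
```

Calling `find_responder_cert(parse_responder_id(RID_BYKEY), CACHE)` selects the first cache entry through the key hash alone, which is the lookup the crashing code path lacked.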
Details

Version
1.1.0

Event Timeline

t8m added projects: dirmngr, Bug Report.
t8m added a subscriber: t8m.
werner claimed this task.

Thanks. I solved it slightly differently by skipping the cache check completely.
Fix is in gnupg 1.5 because dirmngr is now a part of gnupg proper.