X-Recipient: archive-cygwin@delorie.com
X-Spam-Check-By: sourceware.org
X-Mailer: 21.4 (patch 21) "Educational Television" XEmacs Lucid (via feedmail 10 I)
To: cygwin@cygwin.com
Subject: Re: openssl errors creating password for certificate authority (CA 	Request)
References: <365885.40190.qm@web81101.mail.mud.yahoo.com> 	<20080827085804.GT29104@calimero.vinschen.de>
From: "Dr. Volker Zell" <dr.volker.zell@oracle.com>
Date: Thu, 28 Aug 2008 16:00:16 +0200
In-Reply-To: <20080827085804.GT29104@calimero.vinschen.de> (Corinna Vinschen's message of "Wed, 	27 Aug 2008 10:58:04 +0200")
Message-ID: <7z7ia19r4f.fsf@vzell-de.de.oracle.com>
User-Agent: Gnus/5.1008 (Gnus v5.10.8) XEmacs/21.4.21 (cygwin32)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-IsSubscribed: yes
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie.com@cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com

>>>>> Corinna Vinschen writes:

    > On Aug 27 00:33, Auteria W. Winzer Jr. wrote:
    >> I opt to use a challenge password for sending a CA request. When I incorporate the challenge password I get the following error:
    >> 
    >> Please enter the following 'extra' attributes
    >> to be sent with your certificate request
    >> A challenge password []:1234567890
    >> Error adding attribute
    >> 1896:error:0D0BA041:asn1 encoding routines:ASN1_STRING_set:malloc failure:asn1_lib.c:381:
    >> 1896:error:0B08A041:x509 certificate routines:X509_ATTRIBUTE_set1_data:malloc failure:x509_att.c:317:
    >> problems making Certificate Request
    >> 
    >> If I don't use the challenge password attribute everything works fine.
    >> 
    >> Is it recommended to use a challenge password for CA requests? Your valuable imput is grately appreciated.

    > It's hard to tell anything without a self-contained example which allows
    > to reproduce this.  There's a malloc failure, for whatever reason.

    >> $ cygcheck -c cygwin
    >> Cygwin Package Information
    >> Package              Version        Status
    >> cygwin               1.5.25-15      OK

    > openssl version?

FWIW, I'm in the process of updating neon to the latest version and see the same error in the latest neon test suite with
openssl-0.9.8h (the latest):

  Write out database with 1 new entries
  Data Base Updated
  + MKPKCS12='/usr/bin/openssl pkcs12 -export -passout stdin -in client.cert -inkey client.key'
  + echo foobar
  + /usr/bin/openssl pkcs12 -export -passout stdin -in client.cert -inkey client.key -name 'Just A Neon Client Cert' -out client.p12
  4212:error:0D0BA041:asn1 encoding routines:ASN1_STRING_set:malloc failure:asn1_lib.c:381:
  4212:error:0B08A041:x509 certificate routines:X509_ATTRIBUTE_set1_data:malloc failure:x509_att.c:317:

The test suite worked fine with the previous version of neon (the
current in cygwin 1.5) and openssl-0.9.8g (current at that time).
    
    > Corinna

Ciao
  Volker
  

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/