From owner-freebsd-bugs@FreeBSD.ORG  Sat Sep  8 02:40:10 2012
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 8B7D1106564A
	for <freebsd-bugs@hub.freebsd.org>;
	Sat,  8 Sep 2012 02:40:10 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id 75C3F8FC08
	for <freebsd-bugs@hub.freebsd.org>;
	Sat,  8 Sep 2012 02:40:10 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q882eAJ0055525
	for <freebsd-bugs@freefall.freebsd.org>; Sat, 8 Sep 2012 02:40:10 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q882eAgt055511;
	Sat, 8 Sep 2012 02:40:10 GMT (envelope-from gnats)
Date: Sat, 8 Sep 2012 02:40:10 GMT
Message-Id: <201209080240.q882eAgt055511@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
From: Mark Johnston <markjdb@gmail.com>
Cc: 
Subject: Re: bin/171402: fetch(1): Authentication error or Segmentation fault
 on HTTPS:// URLs
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Mark Johnston <markjdb@gmail.com>
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 08 Sep 2012 02:40:10 -0000

The following reply was made to PR bin/171402; it has been noted by GNATS.

From: Mark Johnston <markjdb@gmail.com>
To: bug-followup@FreeBSD.org, ohartman@zedat.fu-berlin.de
Cc:  
Subject: Re: bin/171402: fetch(1): Authentication error or Segmentation fault
 on HTTPS:// URLs
Date: Fri, 7 Sep 2012 22:33:54 -0400

 This is interesting. I was confused when this issue was reported on
 freebsd-current yesterday, as I couldn't reproduce it - fetch(1)ing
 https://launchdpad.net works fine for me on -CURRENT. Moreover, no
 errors from libssl were getting printed: libfetch is supposed to print
 them when one of the calls in fetch_ssl() fails.
 
 I also don't see the segfault, but I do get an authentication error with
 fetch(1) for the sourceforge page, which I suppose is to be expected.
 So I think it would be good to add a flag to libfetch which tells
 openSSL to bypass certificate verification - it would just need to call
 
 SSL_set_verify(ctx, SSL_VERIFY_NONE, NULL);
 
 at the appropriate spot.
 
 Then I saw "CLANG built" above. I tried rebuilding fetch(1)'s libraries
 using clang and eventually narrowed it down to libmd: if it's built with
 clang, I get an authentication error for lanchpad.net, and a segfault
 with lists.sourceforge.net. Haven't looked into what's actually going on
 though.
 
 -Mark