diff options
author | Mingli Yu <mingli.yu@windriver.com> | 2020-08-05 15:45:50 +0800 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2020-08-23 11:13:58 -0700 |
commit | 5aa6849a907c1827df256773dc8c0c739dfa183c (patch) | |
tree | 861c8f6110f414d4efd8c135cc4a6b09f5c29133 /meta-networking/recipes-netkit/netkit-rwho/netkit-rwho_0.17.bb | |
parent | 57b629543eb22242180c67f48f653b5b0abbd717 (diff) | |
download | meta-openembedded-contrib-5aa6849a907c1827df256773dc8c0c739dfa183c.tar.gz |
freeradius: fix the occasional verification failure
Fixes:
# cd /etc/raddb/certs
# ./bootstrap
[snip]
chmod g+r ca.key
openssl pkcs12 -in server.p12 -out server.pem -passin pass:'whatever' -passout pass:'whatever'
chmod g+r server.pem
C = FR, ST = Radius, O = Example Inc., CN = Example Server Certificate, emailAddress = admin@example.org
error 7 at 0 depth lookup: certificate signature failure
140066667427072:error:04067084:rsa routines:rsa_ossl_public_decrypt:data too large for modulus:../openssl-1.1.1g/crypto/rsa/rsa_ossl.c:553:
140066667427072:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:../openssl-1.1.1g/crypto/asn1/a_verify.c:170:
error server.pem: verification failed
make: *** [Makefile:107: server.vrfy] Error 2
It seems the ca.pem mismatchs server.pem which results in failing to
execute "openssl verify -CAfile ca.pem server.pem", so add the logic
to check the file to avoid inconsistency.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 52f5141109fae5f49c5a7334e9ded2b028e16cf6)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-networking/recipes-netkit/netkit-rwho/netkit-rwho_0.17.bb')
0 files changed, 0 insertions, 0 deletions