Bugzilla – Bug 5806
tl-crltool can fail to parse CRL list
Last modified: 2016-11-17 14:31:43
You need to
before you can comment on or make changes to this bug.
We introduced a bug in r22192 that can make tl-crltool error out with "ERROR:
Could not get revocation list size (error code -22)". It depends on the stack
contents if the function will fail or not.
The problem is that we forgot to remove a check for the "count" variable when
it was removed as a parameter.
To test, download a few CRL:s and run the tl-crltool --list on them. You can
find CRL URIs in most certificates.
Verified using thinlinc build 5045:
curl http://crl3.digicert.com/sha2-ha-server-g5.crl |
Works as expected, verified that same crl failed using tl-crltool from 4.5.0.