[Pkg-openssl-devel] Bug#670581: Bug#670581: openssl: ntpd segfaults with error 4 in libcrypto.so.0.9.8 on Debian squeeze
Andris Kalnozols
andris at hpl.hp.com
Tue May 1 16:52:06 UTC 2012
On 4/30/2012 11:54 PM, Andris Kalnozols wrote:
> However, I can't find where the ntpd program ever calls ssl_init()
> or the INIT_SSL() macro. So I'm betting that this problem will go
> away once I find the proper place to call this important routine.
I took a look at the latest development code base (ntp-dev-4.2.7p275)
from ntp.org and it appears that the missing SSL initialization call
is now present. Backporting the fix to the proper location gives this
for the version of NTP (4.2.6p2) for Debian squeeze:
> --- ntpd.c.orig 2012-04-22 00:33:29.000000000 -0700
> +++ ntpd.c 2012-05-01 00:04:55.770602014 -0700
> @@ -836,10 +836,11 @@
> /*
> * Call the init_ routines to initialize the data structures.
> *
> * Exactly what command-line options are we expecting here?
> */
> + INIT_SSL();
> init_auth();
> init_util();
> init_restrict();
> init_mon();
> init_timer();
This does indeed fix the problem.
My apologies for the false bug report but with your help I was able
to dig deeper into the OpenSSL internals that I could have otherwise.
I will notify the Debian maintainers for NTP of this important patch.
Best regards,
Andris
More information about the Pkg-openssl-devel
mailing list