[Pkg-openssl-devel] Bug#843682: openssl: 'openssl dsaparam 2048 -out file' hangs, trying to read from stdin

Kurt Roeckx kurt at roeckx.be
Tue Nov 8 22:53:44 UTC 2016


reassign 843682 sendmail
thanks

On Tue, Nov 08, 2016 at 11:01:57PM +0100, Andreas Beckmann wrote:
> On 2016-11-08 22:17, Kurt Roeckx wrote:
> >>   openssl dsaparam 2048 -out file
> > 
> > The 2048 should be the last parameter, like it has always been
> > documented. It's now trying to read DSA parameters from stdin,
> > instead of generating them.
> 
> Thanks. That script is probably a decade old ...
> 
> This is a quick grep of all obvious openssl invocations in the sendmail package.
> Are there more "wrong" ones?
> 
> I especially like 
>   openssl dhparam -dsaparam -in $FILE >> $FILE
> :-)
> (which is probably correct as long as openssl consumes the input before generating any output)
> 
> ./debian/local/update_tls.in:                           LINK="$CERT_DIR/"$(openssl x509 -noout -hash < $MTA_CRT)".0";
> ./debian/local/update_tls.in:                           LINK="$CERT_DIR/"$(openssl x509 -noout -hash < $MSP_CRT)".0";
> ./debian/local/update_tls.in:                           openssl dsaparam 2048 -out $COM_PRM;

So I guess that was the one you reported. The rest look fine at
first look.

> Feel free to reassign the bug to sendmail.

Doing so.


Kurt



More information about the Pkg-openssl-devel mailing list