-
Bug
-
Resolution: Unresolved
-
Minor
-
None
-
rhel-9.1.0
-
None
-
Low
-
rhel-sst-cs-stacks
-
ssg_core_services
-
None
-
False
-
-
None
-
None
-
None
-
None
-
If docs needed, set a value
-
-
x86_64
-
None
Description of problem:
Enabling the legacy provider in openssl.cnf makes "squid -k parse" die with a SEGV.
Version-Release number of selected component (if applicable):
openssl-libs-3.0.1-43.el9_0.x86_64
squid-5.5-3.el9_1.x86_64
How reproducible: always (I think)
Reproduced in a fresh minimal install of RHEL 9.1/x64 in Virtualbox 7 but it was first noticed in a VM hosted by VMware vSphere 7.
Steps to Reproduce:
1. Enable (uncomment) the legacy provider in /etc/pki/tls/openssl.cnf
[provider_sect]
default = default_sect
legacy = legacy_sect
##
[default_sect]
activate = 1
[legacy_sect]
activate = 1
2. Try to parse squid config:
squid -k parse -f /etc/squid/squid.conf.default
Actual results:
...
2022/12/22 18:04:29| Initializing https:// proxy context
2022/12/22 18:04:29| Requiring client certificates.
Segmentation fault (core dumped)
Expected results:
No SEGV by squid -k parse
Additional info:
The actual squid config does not matter.
Also throws a SEGV with an empty squid.conf.
