[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#6703) Patch - Mozilla NSS - reject non-file key and cert files

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#6703) Patch - Mozilla NSS - reject non-file key and cert files
From: hyc@symas.com
Date: Mon, 15 Nov 2010 19:40:16 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

rmeggins@redhat.com wrote:
> Full_Name: Rich Megginson
> Version: 2.4.23 (current CVS HEAD)
> OS: RHEL5
> URL: ftp://ftp.openldap.org/incoming/openldap-2.4.23-reject_non_file_key_cert_pem_files-20101111.patch
> Submission from: (NULL) (76.113.111.209)
>
>
> If you specify a directory instead of a file to TLS_CACERT, or if one of the
> items in the TLS_CACERTDIR is a directory, the NSS PEM reader will crash.  This
> patch rejects any item which looks like a directory.

It sounds like this is a bug that ought to be patched in the NSS PEM reader 
instead, no?

-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/

Prev by Date: (ITS#6710) Mods already refreshed on a forwarding server is lost by its consumer
Next by Date: Re: (ITS#6703) Patch - Mozilla NSS - reject non-file key and cert files
Index(es):
- Chronological
- Thread