[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5021) test021-certificate fails on HP-UX

Bug in OpenSSL 0.9.7d - unless it's with how OpenLDAP uses it, I don't

The offending operation (on Jennifer Smith) adds one certificate and
deletes the old one.  However the added and the old certificate compare
equal because certificateExactNormalize() produces the same string for
  0$email=ca@example.com,cn=example ca,
    o=openldap example\2C ltd.,st=california,c=us

That's because i2s_ASN1_INTEGER(0, sn ) in certificateExactNormalize()
returns serial number "0".  The inputs to that function are
  (gdb) p *sn
  $6 = {length = 1, type = 2, data = 0x402e5278 "\003", flags = 0}
  (gdb) p *sn
  $8 = {length = 1, type = 2, data = 0x402e5cf0 "\001xample.@\036", flags = 0}
Those *sn values are the same as on a successful run on Linux, except
the 2nd data[1...] (the xample... string) which I presume does not
matter when length=1.

The input certificates ('val' arg to certificateExactNormalize()) are