[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#5151) certificateListValidate rejects valid lists

To: openldap-its@OpenLDAP.org
Subject: (ITS#5151) certificateListValidate rejects valid lists
From: hyc@OpenLDAP.org
Date: Mon, 24 Sep 2007 05:56:42 GMT

Full_Name: Howard Chu
Version: HEAD/re24
OS: 
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (76.168.84.21)
Submitted by: hyc


I ran into a couple problems; the check for timestamps doesn't take into account
that Time is a CHOICE of UTCTime and GeneralizedTime. Also the check for the
revocation list doesn't verify that it's a SEQUENCE OF SEQUENCE, so it
mistakenly skips over closing signatureAlgorithm if the revocation list is
absent. Will be fixed in HEAD shortly.

Prev by Date: Re: (ITS#5070) Issues in X.509 certificate parsing
Next by Date: Re: (ITS#5142) and (ITS#5143) Why I think these bugs are important to have fixed.
Index(es):
- Chronological
- Thread