[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#6460) SASL EXTERNAL fails with long certificate serial numbers

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#6460) SASL EXTERNAL fails with long certificate serial numbers
From: masarati@aero.polimi.it
Date: Sun, 24 Jan 2010 18:14:31 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

> * masarati@aero.polimi.it [2010-01-24 16:01:23 +0100]:
>> Funny enough, the same thing is dealt with correctly in certificate
>> validation/normalization in slapd/schema_init.c
>
> That was a result of ITS#5070 (which you filed).

right :)

> Maybe there is an
> opportunity for refactoring, but I wouldn't be a good judge of that.

I don't quite bother about refactoring to minimize code duplication. 
Rather, I think the libldap function x509_cert_get_dn() should first
validate the certificate, much like slapd's certificateValidate() does.

I'm applying the fix, please test.

p.

Prev by Date: Re: (ITS#6460) SASL EXTERNAL fails with long certificate serial numbers
Next by Date: Re: (ITS#6460) SASL EXTERNAL fails with long certificate serial numbers
Index(es):
- Chronological
- Thread