[Date Prev][Date Next]
Re: memory leaks
Julio Sánchez Fernández wrote:
> El mié, 05-12-2001 a las 10:31, Pierangelo Masarati escribió:
> > I see from openssl headers that the X509_NAME basically is a
> > stack of X509_NAME_ENTRY, each of which on turn is made of a
> > ASN1_OBJECT (the attr, I suppose) and a ASN1_STRING (the value).
> The value may be in any string syntax, i.e. printableString,
> teletexString, bmpString, universalString, utf8String.
In fact, one big drawback of directly accessing X509_NAME structure
is that we need to interpret all of its fields; we have to weigh it
in comparison to asking openssl routines for strings we do not want
to trust (as I got from your original posting, at least).
> > If you can access the attrs and the values, all you need to do is
> > for each rdn
> > for each ava
> > ava = ldapava_new(attr, value)
> > ldapava_append_to_rdn(rdn, ava)
> > end
> > ldapava_append_to_dn(dn, rdn)
> > end
> IIRC, each entry in the stack has a level identifier. Al AVAs in the
> same RDN share the same level. A level change always marks the beginning
> of a new RDN.
AVA sorting inside a RDN is part of normalization; of course
the LDAPDN structure we'd generate by interpreting the X509_NAME
still needs to pass normalization before being converted into
a string representation.
Dr. Pierangelo Masarati | voice: +39 02 2399 8309
Dip. Ing. Aerospaziale | fax: +39 02 2399 8334
Politecnico di Milano |
via La Masa 34, 20156 Milano, Italy |