[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Q: status of component matching?

Hi all!
I would like to post further information on this theme which is of essential interest to us.

After preventing slapd to dump a core file (by preventing memory freeing) we could not perform a component match filter search, and in the meanwhile we debugged slapd to see why a component match filter search fails.

The result is that the signature algorithm of our certificate (sha256WithRSA) cannot be parsed by the code contained in “contrib/slapd-modules/comp_match/certificate.c”. The function BDecAlgorithmIdentifier fails in line 198 because the value of totalElmtsLen1 is 11 and the value of elmtLen0 is 13 while parsing the OID 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 and obviously not handling the trailing Null parameter of the AlgorithmIdentifier.

Can anybody suggest a solution for this problem?