Commit b027e3e7 authored by Quanah Gibson-Mount's avatar Quanah Gibson-Mount
Browse files

Fix certificateListValidate parsing of CRL extensions

Fix attributeCertificateValidate
parent c36ee0c3
......@@ -319,10 +319,11 @@ certificateListValidate( Syntax *syntax, struct berval *in )
tag = ber_skip_tag( ber, &len );
}
}
/* Optional Extensions */
/* Optional Extensions - Sequence of Sequence */
if ( tag == SLAP_X509_OPT_CL_CRLEXTENSIONS ) { /* ? */
ber_len_t seqlen;
if ( version != SLAP_X509_V2 ) return LDAP_INVALID_SYNTAX;
tag = ber_skip_tag( ber, &len );
tag = ber_peek_tag( ber, &seqlen );
if ( tag != LBER_SEQUENCE ) return LDAP_INVALID_SYNTAX;
ber_skip_data( ber, len );
tag = ber_skip_tag( ber, &len );
......@@ -388,7 +389,7 @@ attributeCertificateValidate( Syntax *syntax, struct berval *in )
if ( tag != LBER_SEQUENCE ) return LDAP_INVALID_SYNTAX;
ber_skip_data( ber, len );
ber_peek_tag( ber, &len );
tag = ber_peek_tag( ber, &len );
if ( tag == LBER_BITSTRING ) { /* issuerUniqueID */
tag = ber_skip_tag( ber, &len );
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment