Commit fd4dfa08 authored by Quanah Gibson-Mount's avatar Quanah Gibson-Mount
Browse files

ITS#6466

parent c410ce63
......@@ -2,6 +2,7 @@ OpenLDAP 2.4 Change Log
OpenLDAP 2.4.22 Engineering
Added slapd SLAP_SCHEMA_EXPOSE flag for hidden schema elements (ITS#6435)
Fixed slapd certificateListValidate (ITS#6466)
Fixed slapd REP_ENTRY flag handling (ITS#5340)
Fixed slapd sasl auxprop_lookup (ITS#6441)
Fixed slapo-collect REP_ENTRY flag handling (ITS#5340,ITS#6423)
......
......@@ -326,9 +326,12 @@ certificateListValidate( Syntax *syntax, struct berval *in )
/* revokedCertificates - Sequence of Sequence, Optional */
if ( tag == LBER_SEQUENCE ) {
ber_len_t seqlen;
if ( ber_peek_tag( ber, &seqlen ) == LBER_SEQUENCE ) {
/* Should NOT be empty */
ber_skip_data( ber, len );
ber_tag_t stag;
stag = ber_peek_tag( ber, &seqlen );
if ( stag == LBER_SEQUENCE || !len ) {
/* RFC5280 requires non-empty, but X.509(2005) allows empty. */
if ( len )
ber_skip_data( ber, len );
tag = ber_skip_tag( ber, &len );
}
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment