upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2026-01-05 14:42:10 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

ITS#5070 again, use [-]0x123456789abcdef for big int serial numbers

Browse source
This commit is contained in:
Howard Chu 2007-09-29 09:50:54 +00:00
parent 6db8d0d1b5
commit 37e295f269
1 changed files with 20 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
servers/slapd/schema_init.c
View file

@ -3383,7 +3383,7 @@ certificateExactNormalize(
* than sizeof(ber_int_t) */
tag = ber_peek_tag( ber, &len ); /* serial */
/* Just spit out colon-separated hex octets, like OpenSSL does.
/* Use hex format. [-]0x123456789abcdef
* Don't try to make special cases for multi-precision math
* support here, normalized values need to be canonical and
* consistent from machine to machine.
@ -3391,25 +3391,37 @@ certificateExactNormalize(
if ( len > sizeof(ber_int_t) ) {
unsigned char *ptr;
char *sptr;
char sign = 0;
tag = ber_skip_tag( ber, &len );
ptr = (unsigned char *)ber->ber_ptr;
ber_skip_data( ber, len );
while ( ptr[0] == '\0' && len > 0 ) {
/* Check for minimal encodings */
if ( ptr[0] & 0x80 ) {
if (( ptr[0] == 0xff ) && ( ptr[1] & 0x80 ))
return LDAP_INVALID_SYNTAX;
sign = -1;
} else if ( ptr[0] == 0 ) {
if (!( ptr[1] & 0x80 ))
return LDAP_INVALID_SYNTAX;
ptr++;
len--;
}
seriallen = len * 3;
seriallen = len * 2 + 3; /* leading 0x, NUL */
if ( sign )
seriallen++;
if ( seriallen > sizeof( serialbuf ))
serial = slap_sl_malloc( seriallen, ctx );
sptr = serial;
sprintf( sptr, "%02x", ptr[0] );
sptr += 2;
for ( i = 1; i<len; i++ ) {
sprintf( sptr, ":%02x", ptr[i] );
sptr += 3;
if ( sign )
*sptr++ = '-';
*sptr++ = '0';
*sptr++ = 'x';
for ( i = 0; i<len; i++ ) {
sprintf( sptr, "%02x", sign ? 256 - ptr[i] : ptr[i] );
sptr += 2;
}
seriallen--;