/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2009 The OpenLDAP Foundation.
+ * Copyright 1998-2010 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
/* revokedCertificates - Sequence of Sequence, Optional */
if ( tag == LBER_SEQUENCE ) {
ber_len_t seqlen;
- if ( ber_peek_tag( ber, &seqlen ) == LBER_SEQUENCE ) {
- /* Should NOT be empty */
- ber_skip_data( ber, len );
+ ber_tag_t stag;
+ stag = ber_peek_tag( ber, &seqlen );
+ if ( stag == LBER_SEQUENCE || !len ) {
+ /* RFC5280 requires non-empty, but X.509(2005) allows empty. */
+ if ( len )
+ ber_skip_data( ber, len );
tag = ber_skip_tag( ber, &len );
}
}
p = normalized->bv_val;
for ( l = 0; !BER_BVISNULL( &nlines[l] ); l++ ) {
- p = lutil_memcopy( p, nlines[l].bv_val, nlines[l].bv_len );
-
+ p = lutil_strbvcopy( p, &nlines[l] );
*p++ = '$';
}
*--p = '\0';
p = out->bv_val;
p = lutil_strcopy( p, "{ serialNumber " /*}*/ );
- p = lutil_strncopy( p, sn.bv_val, sn.bv_len );
+ p = lutil_strbvcopy( p, &sn );
p = lutil_strcopy( p, ", issuer rdnSequence:\"" );
- p = lutil_strncopy( p, ni.bv_val, ni.bv_len );
+ p = lutil_strbvcopy( p, &ni );
p = lutil_strcopy( p, /*{*/ "\" }" );
assert( p == &out->bv_val[out->bv_len] );
p = out->bv_val;
p = lutil_strcopy( p, "{ serialNumber " /*}*/ );
- p = lutil_strncopy( p, sn3.bv_val, sn3.bv_len );
+ p = lutil_strbvcopy( p, &sn3 );
p = lutil_strcopy( p, ", issuer rdnSequence:\"" );
- p = lutil_strncopy( p, ni.bv_val, ni.bv_len );
+ p = lutil_strbvcopy( p, &ni );
p = lutil_strcopy( p, /*{*/ "\" }" );
assert( p == &out->bv_val[out->bv_len] );
p = normalized->bv_val;
p = lutil_strcopy( p, "{ serialNumber " /*}*/ );
- p = lutil_strncopy( p, sn2.bv_val, sn2.bv_len );
+ p = lutil_strbvcopy( p, &sn2 );
p = lutil_strcopy( p, ", issuer rdnSequence:\"" );
- p = lutil_strncopy( p, issuer_dn.bv_val, issuer_dn.bv_len );
+ p = lutil_strbvcopy( p, &issuer_dn );
p = lutil_strcopy( p, /*{*/ "\" }" );
rc = LDAP_SUCCESS;
p = out->bv_val;
p = lutil_strcopy( p, "{ issuer rdnSequence:\"" /*}*/ );
- p = lutil_strncopy( p, ni.bv_val, ni.bv_len );
+ p = lutil_strbvcopy( p, &ni );
p = lutil_strcopy( p, "\", thisUpdate \"" );
- p = lutil_strncopy( p, tu.bv_val, tu.bv_len );
+ p = lutil_strbvcopy( p, &tu );
p = lutil_strcopy( p, /*{*/ "\" }" );
assert( p == &out->bv_val[out->bv_len] );
p = out->bv_val;
p = lutil_strcopy( p, "{ issuer rdnSequence:\"" /*}*/ );
- p = lutil_strncopy( p, ni.bv_val, ni.bv_len );
+ p = lutil_strbvcopy( p, &ni );
p = lutil_strcopy( p, "\", thisUpdate \"" );
- p = lutil_strncopy( p, tu2.bv_val, tu2.bv_len );
+ p = lutil_strbvcopy( p, &tu2 );
p = lutil_strcopy( p, /*{*/ "\" }" );
assert( p == &out->bv_val[out->bv_len] );
p = normalized->bv_val;
p = lutil_strcopy( p, "{ issuer rdnSequence:\"" );
- p = lutil_strncopy( p, issuer_dn.bv_val, issuer_dn.bv_len );
+ p = lutil_strbvcopy( p, &issuer_dn );
p = lutil_strcopy( p, "\", thisUpdate \"" );
- p = lutil_strncopy( p, thisUpdate.bv_val, thisUpdate.bv_len );
+ p = lutil_strbvcopy( p, &thisUpdate );
p = lutil_strcopy( p, /*{*/ "\" }" );
rc = LDAP_SUCCESS;
p = out->bv_val;
p = lutil_strcopy( p, "{ serialNumber " );
- p = lutil_strncopy( p, sn.bv_val, sn.bv_len );
+ p = lutil_strbvcopy( p, &sn );
p = lutil_strcopy( p, ", issuer { baseCertificateID { issuer { directoryName:rdnSequence:\"" );
- p = lutil_strncopy( p, ni.bv_val, ni.bv_len );
+ p = lutil_strbvcopy( p, &ni );
p = lutil_strcopy( p, "\" }, serial " );
- p = lutil_strncopy( p, i_sn.bv_val, i_sn.bv_len );
+ p = lutil_strbvcopy( p, &i_sn );
p = lutil_strcopy( p, " } } }" );
assert( p == &out->bv_val[out->bv_len] );
p = out->bv_val;
p = lutil_strcopy( p, "{ serialNumber " );
- p = lutil_strncopy( p, sn3.bv_val, sn3.bv_len );
+ p = lutil_strbvcopy( p, &sn3 );
p = lutil_strcopy( p, ", issuer { baseCertificateID { issuer { directoryName:rdnSequence:\"" );
- p = lutil_strncopy( p, ni.bv_val, ni.bv_len );
+ p = lutil_strbvcopy( p, &ni );
p = lutil_strcopy( p, "\" }, serial " );
- p = lutil_strncopy( p, i_sn3.bv_val, i_sn3.bv_len );
+ p = lutil_strbvcopy( p, &i_sn3 );
p = lutil_strcopy( p, " } } }" );
assert( p == &out->bv_val[out->bv_len] );
p = normalized->bv_val;
p = lutil_strcopy( p, "{ serialNumber " );
- p = lutil_strncopy( p, sn2.bv_val, sn2.bv_len );
+ p = lutil_strbvcopy( p, &sn2 );
p = lutil_strcopy( p, ", issuer { baseCertificateID { issuer { directoryName:rdnSequence:\"" );
- p = lutil_strncopy( p, issuer_dn.bv_val, issuer_dn.bv_len );
+ p = lutil_strbvcopy( p, &issuer_dn );
p = lutil_strcopy( p, "\" }, serial " );
- p = lutil_strncopy( p, i_sn2.bv_val, i_sn2.bv_len );
+ p = lutil_strbvcopy( p, &i_sn2 );
p = lutil_strcopy( p, " } } }" );
Debug( LDAP_DEBUG_TRACE, "attributeCertificateExactNormalize: %s\n",
ptr = lutil_strncopy( ptr, >.bv_val[ STRLENOF( "YYYYmmddHH:MM:" ) ],
STRLENOF( "SS" ) );
ptr = lutil_strcopy( ptr, ".000000Z#00" );
- ptr = lutil_strncopy( ptr, cnt.bv_val, cnt.bv_len );
+ ptr = lutil_strbvcopy( ptr, &cnt );
*ptr++ = '#';
*ptr++ = '0';
*ptr++ = '0';
ptr = bv.bv_val;
ptr = lutil_strncopy( ptr, gt.bv_val, gt.bv_len - 1 );
ptr = lutil_strcopy( ptr, ".000000Z#" );
- ptr = lutil_strncopy( ptr, cnt.bv_val, cnt.bv_len );
+ ptr = lutil_strbvcopy( ptr, &cnt );
*ptr++ = '#';
*ptr++ = '0';
for ( i = 0; i < sid.bv_len; i++ ) {