X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fschema_init.c;h=dc7fb9c5838b550c89fa17bc040c5235ded40f72;hb=6273df07da2d23bea3f79ce630f8778e1881b3a7;hp=55fc2fa8888127464fae42dd5fbb0a67cff5ff17;hpb=9cfa465107943c2b9692fb7b1b6a3719c87df93c;p=openldap

diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c
index 55fc2fa888..dc7fb9c583 100644
--- a/servers/slapd/schema_init.c
+++ b/servers/slapd/schema_init.c
@@ -2,7 +2,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2009 The OpenLDAP Foundation.
+ * Copyright 1998-2010 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -326,9 +326,12 @@ certificateListValidate( Syntax *syntax, struct berval *in )
 	/* revokedCertificates - Sequence of Sequence, Optional */
 	if ( tag == LBER_SEQUENCE ) {
 		ber_len_t seqlen;
-		if ( ber_peek_tag( ber, &seqlen ) == LBER_SEQUENCE ) {
-			/* Should NOT be empty */
-			ber_skip_data( ber, len );
+		ber_tag_t stag;
+		stag = ber_peek_tag( ber, &seqlen );
+		if ( stag == LBER_SEQUENCE || !len ) {
+			/* RFC5280 requires non-empty, but X.509(2005) allows empty. */
+			if ( len )
+				ber_skip_data( ber, len );
 			tag = ber_skip_tag( ber, &len );
 		}
 	}
@@ -2265,8 +2268,7 @@ postalAddressNormalize(
 
 	p = normalized->bv_val;
 	for ( l = 0; !BER_BVISNULL( &nlines[l] ); l++ ) {
-		p = lutil_memcopy( p, nlines[l].bv_val, nlines[l].bv_len );
-
+		p = lutil_strbvcopy( p, &nlines[l] );
 		*p++ = '$';
 	}
 	*--p = '\0';
@@ -3329,9 +3331,9 @@ serialNumberAndIssuerPretty(
 
 	p = out->bv_val;
 	p = lutil_strcopy( p, "{ serialNumber " /*}*/ );
-	p = lutil_strncopy( p, sn.bv_val, sn.bv_len );
+	p = lutil_strbvcopy( p, &sn );
 	p = lutil_strcopy( p, ", issuer rdnSequence:\"" );
-	p = lutil_strncopy( p, ni.bv_val, ni.bv_len );
+	p = lutil_strbvcopy( p, &ni );
 	p = lutil_strcopy( p, /*{*/ "\" }" );
 
 	assert( p == &out->bv_val[out->bv_len] );
@@ -3491,9 +3493,9 @@ serialNumberAndIssuerNormalize(
 	p = out->bv_val;
 
 	p = lutil_strcopy( p, "{ serialNumber " /*}*/ );
-	p = lutil_strncopy( p, sn3.bv_val, sn3.bv_len );
+	p = lutil_strbvcopy( p, &sn3 );
 	p = lutil_strcopy( p, ", issuer rdnSequence:\"" );
-	p = lutil_strncopy( p, ni.bv_val, ni.bv_len );
+	p = lutil_strbvcopy( p, &ni );
 	p = lutil_strcopy( p, /*{*/ "\" }" );
 
 	assert( p == &out->bv_val[out->bv_len] );
@@ -3588,9 +3590,9 @@ certificateExactNormalize(
 	p = normalized->bv_val;
 
 	p = lutil_strcopy( p, "{ serialNumber " /*}*/ );
-	p = lutil_strncopy( p, sn2.bv_val, sn2.bv_len );
+	p = lutil_strbvcopy( p, &sn2 );
 	p = lutil_strcopy( p, ", issuer rdnSequence:\"" );
-	p = lutil_strncopy( p, issuer_dn.bv_val, issuer_dn.bv_len );
+	p = lutil_strbvcopy( p, &issuer_dn );
 	p = lutil_strcopy( p, /*{*/ "\" }" );
 
 	rc = LDAP_SUCCESS;
@@ -3920,9 +3922,9 @@ issuerAndThisUpdatePretty(
 
 	p = out->bv_val;
 	p = lutil_strcopy( p, "{ issuer rdnSequence:\"" /*}*/ );
-	p = lutil_strncopy( p, ni.bv_val, ni.bv_len );
+	p = lutil_strbvcopy( p, &ni );
 	p = lutil_strcopy( p, "\", thisUpdate \"" );
-	p = lutil_strncopy( p, tu.bv_val, tu.bv_len );
+	p = lutil_strbvcopy( p, &tu );
 	p = lutil_strcopy( p, /*{*/ "\" }" );
 
 	assert( p == &out->bv_val[out->bv_len] );
@@ -3986,9 +3988,9 @@ issuerAndThisUpdateNormalize(
 	p = out->bv_val;
 
 	p = lutil_strcopy( p, "{ issuer rdnSequence:\"" /*}*/ );
-	p = lutil_strncopy( p, ni.bv_val, ni.bv_len );
+	p = lutil_strbvcopy( p, &ni );
 	p = lutil_strcopy( p, "\", thisUpdate \"" );
-	p = lutil_strncopy( p, tu2.bv_val, tu2.bv_len );
+	p = lutil_strbvcopy( p, &tu2 );
 	p = lutil_strcopy( p, /*{*/ "\" }" );
 
 	assert( p == &out->bv_val[out->bv_len] );
@@ -4081,9 +4083,9 @@ certificateListExactNormalize(
 	p = normalized->bv_val;
 
 	p = lutil_strcopy( p, "{ issuer rdnSequence:\"" );
-	p = lutil_strncopy( p, issuer_dn.bv_val, issuer_dn.bv_len );
+	p = lutil_strbvcopy( p, &issuer_dn );
 	p = lutil_strcopy( p, "\", thisUpdate \"" );
-	p = lutil_strncopy( p, thisUpdate.bv_val, thisUpdate.bv_len );
+	p = lutil_strbvcopy( p, &thisUpdate );
 	p = lutil_strcopy( p, /*{*/ "\" }" );
 
 	rc = LDAP_SUCCESS;
@@ -4516,11 +4518,11 @@ serialNumberAndIssuerSerialPretty(
 
 	p = out->bv_val;
 	p = lutil_strcopy( p, "{ serialNumber " );
-	p = lutil_strncopy( p, sn.bv_val, sn.bv_len );
+	p = lutil_strbvcopy( p, &sn );
 	p = lutil_strcopy( p, ", issuer { baseCertificateID { issuer { directoryName:rdnSequence:\"" );
-	p = lutil_strncopy( p, ni.bv_val, ni.bv_len );
+	p = lutil_strbvcopy( p, &ni );
 	p = lutil_strcopy( p, "\" }, serial " );
-	p = lutil_strncopy( p, i_sn.bv_val, i_sn.bv_len );
+	p = lutil_strbvcopy( p, &i_sn );
 	p = lutil_strcopy( p, " } } }" );
 
 	assert( p == &out->bv_val[out->bv_len] );
@@ -4630,11 +4632,11 @@ serialNumberAndIssuerSerialNormalize(
 	p = out->bv_val;
 
 	p = lutil_strcopy( p, "{ serialNumber " );
-	p = lutil_strncopy( p, sn3.bv_val, sn3.bv_len );
+	p = lutil_strbvcopy( p, &sn3 );
 	p = lutil_strcopy( p, ", issuer { baseCertificateID { issuer { directoryName:rdnSequence:\"" );
-	p = lutil_strncopy( p, ni.bv_val, ni.bv_len );
+	p = lutil_strbvcopy( p, &ni );
 	p = lutil_strcopy( p, "\" }, serial " );
-	p = lutil_strncopy( p, i_sn3.bv_val, i_sn3.bv_len );
+	p = lutil_strbvcopy( p, &i_sn3 );
 	p = lutil_strcopy( p, " } } }" );
 
 	assert( p == &out->bv_val[out->bv_len] );
@@ -4763,11 +4765,11 @@ attributeCertificateExactNormalize(
 	p = normalized->bv_val;
 
 	p = lutil_strcopy( p, "{ serialNumber " );
-	p = lutil_strncopy( p, sn2.bv_val, sn2.bv_len );
+	p = lutil_strbvcopy( p, &sn2 );
 	p = lutil_strcopy( p, ", issuer { baseCertificateID { issuer { directoryName:rdnSequence:\"" );
-	p = lutil_strncopy( p, issuer_dn.bv_val, issuer_dn.bv_len );
+	p = lutil_strbvcopy( p, &issuer_dn );
 	p = lutil_strcopy( p, "\" }, serial " );
-	p = lutil_strncopy( p, i_sn2.bv_val, i_sn2.bv_len );
+	p = lutil_strbvcopy( p, &i_sn2 );
 	p = lutil_strcopy( p, " } } }" );
 
 	Debug( LDAP_DEBUG_TRACE, "attributeCertificateExactNormalize: %s\n",
@@ -5108,7 +5110,7 @@ csnNormalize21(
 	ptr = lutil_strncopy( ptr, &gt.bv_val[ STRLENOF( "YYYYmmddHH:MM:" ) ],
 		STRLENOF( "SS" ) );
 	ptr = lutil_strcopy( ptr, ".000000Z#00" );
-	ptr = lutil_strncopy( ptr, cnt.bv_val, cnt.bv_len );
+	ptr = lutil_strbvcopy( ptr, &cnt );
 	*ptr++ = '#';
 	*ptr++ = '0';
 	*ptr++ = '0';
@@ -5201,7 +5203,7 @@ csnNormalize23(
 	ptr = bv.bv_val;
 	ptr = lutil_strncopy( ptr, gt.bv_val, gt.bv_len - 1 );
 	ptr = lutil_strcopy( ptr, ".000000Z#" );
-	ptr = lutil_strncopy( ptr, cnt.bv_val, cnt.bv_len );
+	ptr = lutil_strbvcopy( ptr, &cnt );
 	*ptr++ = '#';
 	*ptr++ = '0';
 	for ( i = 0; i < sid.bv_len; i++ ) {