ITS#7746 fix for cert with NULL issuerDN

author Howard Chu <hyc@openldap.org>

Thu, 14 Nov 2013 11:02:07 +0000 (03:02 -0800)

committer Howard Chu <hyc@openldap.org>

Thu, 14 Nov 2013 11:02:07 +0000 (03:02 -0800)
author Howard Chu <hyc@openldap.org>
Thu, 14 Nov 2013 11:02:07 +0000 (03:02 -0800)
committer Howard Chu <hyc@openldap.org>
Thu, 14 Nov 2013 11:02:07 +0000 (03:02 -0800)
diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c

index d177795925d03b6c41389b98669f9d4a53b9f282..d4f5024b305be56a9a5f9be15f162fe580727455 100644 (file)
--- a/servers/slapd/schema_init.c
+++ b/servers/slapd/schema_init.c
@@ -3713,12 +3713,14 @@ certificateExactNormalize(
         tag = ber_skip_tag( ber, &len );        /* SignatureAlg */
         ber_skip_data( ber, len );
         tag = ber_peek_tag( ber, &len );        /* IssuerDN */
-       len = ber_ptrlen( ber );
-       bvdn.bv_val = val->bv_val + len;
-       bvdn.bv_len = val->bv_len - len;
+       if ( len ) {
+               len = ber_ptrlen( ber );
+               bvdn.bv_val = val->bv_val + len;
+               bvdn.bv_len = val->bv_len - len;
  
-       rc = dnX509normalize( &bvdn, &issuer_dn );
-       if ( rc != LDAP_SUCCESS ) goto done;
+               rc = dnX509normalize( &bvdn, &issuer_dn );
+               if ( rc != LDAP_SUCCESS ) goto done;
+       }
  
         normalized->bv_len = STRLENOF( "{ serialNumber , issuer rdnSequence:\"\" }" )
                 + sn2.bv_len + issuer_dn.bv_len;
author	Howard Chu <hyc@openldap.org>
	Thu, 14 Nov 2013 11:02:07 +0000 (03:02 -0800)
committer	Howard Chu <hyc@openldap.org>
	Thu, 14 Nov 2013 11:02:07 +0000 (03:02 -0800)