Hallo zusammen,
I've found a bug in ${certextract ...} clause when handling custom
separator for RFC4514 DN.
Example:
${certextract{subject,>/}{$tls_in_ourcert}}
The process gets SIGSEGV (strlen(NULL) called, see the source).
The fix (against 4.84) is attached (tls_field_from_dn-4.84.diff).
--
Best regards,
Roman Rybalko
commit cc96493b0e1b66b32592478a1b9197d83ee9e2f2
Author: Roman Rybalko <devel@???>
Date: Wed Dec 24 16:10:36 2014 +0300
tls_field_from_dn() fix for custom out separator
diff --git src/tls.c src/tls.c
index f2ab567..41e72d7 100644
--- src/tls.c
+++ src/tls.c
@@ -249,10 +249,18 @@ while ((ele = string_nextinlist(&mod, &insep, NULL, 0)))
dn_to_list(dn);
insep = ',';
-len = Ustrlen(match);
-while ((ele = string_nextinlist(&dn, &insep, NULL, 0)))
- if (Ustrncmp(ele, match, len) == 0 && ele[len] == '=')
- list = string_append_listele(list, outsep, ele+len+1);
+if (match)
+ {
+ len = Ustrlen(match);
+ while ((ele = string_nextinlist(&dn, &insep, NULL, 0)))
+ if (Ustrncmp(ele, match, len) == 0 && ele[len] == '=')
+ list = string_append_listele(list, outsep, ele+len+1);
+ }
+else
+ {
+ while ((ele = string_nextinlist(&dn, &insep, NULL, 0)))
+ list = string_append_listele(list, outsep, ele);
+ }
return list;
}
