-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/11354/
-----------------------------------------------------------
Review request for qpid and Gordon Sim.
Description
-------
When a client provides an identifying certificate that does not contain a
CommonName entry in the subject, the CERT_GetCommonName() method returns a NULL
pointer.
This fix checks for that null pointer, and returns an empty ("") client auth id
in that case. From a security/functionality point of view, I think setting
the auth-id to an empty string when CN is not present can be considered valid.
This addresses bug qpid-4883.
https://issues.apache.org/jira/browse/qpid-4883
Diffs
-----
/trunk/qpid/cpp/src/qpid/sys/ssl/SslSocket.cpp 1485741
Diff: https://reviews.apache.org/r/11354/diff/
Testing
-------
crash reproducer + unit tests.
Thanks,
Kenneth Giusti
