On 12/18/2009 07:45 AM, Jason Gerard DeRose wrote:
On Thu, 2009-12-17 at 11:32 -0500, Rob Crittenden wrote:
Found a few problems with certificate handling with certmonger. Add a
try/except to handle base64-encoded certificates more gracefully. I had
also missed a function import causing things to blow up in some cases.
ack. pushed to master.
Hmm... maybe this should have been NAK'ed. The issues were under active
discussion. I don't think the patch is doing any harm but I'm not sure
it's the right solution. Maybe the patch shouldn't have been applied.
We have to be careful with our data types.
The patch effectively was trying to determine if a certificate was
encoded in binary DER format as opposed to base64 encoded PEM format by
trying to base64 decode the certificate, if it successfully decoded it
was assumed to be PEM. That's not the right way to handle this IMHO.
We either need to:
* adopt the convention that all certificates are in pem format when
exchanged at an interface boundary
* Have a method to unambiguously identify the certificate encoding, this
could be done in one of two ways.
1. Always associate an encoding format attribute with the certificate
2. We do have the ability to unambiguously distinguish between binary
objects and text objects. We could adopt the convention that if the data
type of the certificate object is binary it is in DER format and if the
data type of the certificate is TEXT then it's in PEM format.
The distinction between binary and text is based on whether the object
is a str class or a unicode class. The downside of this approach is
we've haven't been rigorous with enforcing the correct data types, a
problem compounded by the fact Python happily converts between str and
unicode silently. Provided we're careful with using the right data type
then the following would work:
if type(cert) is unicode:
cert_der = base64.b64decode(cert)
cert_der = cert
if type(cert) is str:
cert_pem = cert
cert_pem = der_cert_to_pem(cert)
What we don't want to do is start employing heuristics to guess the
encoding, format, or data type of objects, it's not robust defensive
John Dennis <jden...@redhat.com>
Looking to carve out IT costs?
Freeipa-devel mailing list