I found some bugs in PKCS7.pm. diff is included at the end of the message.
Which version of OpenCA do you use? Your diff does not match my version of PKCS7.pm and you don't make a context diff (diff -u). Please make context diff and send me the version which you use.
First, one I reported a while back, that line 334 needs different syntax to split the line since the regexp matching doesn't work.
Second, it looks like the error values were never checked, since none of the error checks in parseDepth are valid perl regular expressions.
I can commit the regex changes if I know the version and I have a context diff.
Lastly, something odd is happening with the DN check. The line:
my $x500_dn = X500::DN->ParseRFC2253 ($dn);
sets $x500_dn as undef, which it wasn't before. It turns out that by this point, $dn has it's values split by "/" instead of ",", and X500::DN->ParseRFC2253 doesn't like that. Removing the initial "/" and converting all of the others to "," fixes that problem.
This fix is dangerous because this is not a bug in PKCS7.pm. Every DN which is present inside of OpenCA must be an RFC2253 distinguished name. If you get some "/" instead of some "," then there is a bug in openca-sv. Therefore it is really important for me to know the used software version.
So I wait for the version and the context diffs to have a chance to understand the patch. Please don't think that I don't like your patch but the PKCS#7 stuff is highly critical for OpenCA, so I have to understand the patch fully before I can commit it.
Michael
P.S. please attach the patch. This is more safe than an included patch. -- ------------------------------------------------------------------- Michael Bell Email: [EMAIL PROTECTED] ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 (Computing Centre) Fax: +49 (0)30-2093 2704 Humboldt-University of Berlin Unter den Linden 6 10099 Berlin Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
------------------------------------------------------- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 _______________________________________________ OpenCA-Devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-devel
