Alexei Chetroi wrote:
1st. CA certificate, even if created with -set_serial 01 is stored in database under key which look like hexadecimal number. So cmd listCerts list ca certificates referenced by serial number different from the real one.
This is a hash from the CA certificate.
2nd. getOwner in AC.pm around line 1252 check serial length. and if it
less than 16 retrieves CERTIFICATE otherwise CA_CERTIFICATE. I don't
really know if these issues are related to each other, So I've changed
line 1252 in AC.pm from:
"if (length ($self->{acl}->{object}) < 16) {"
to
"if ( $self->{acl}->{object} =~ /^\d+$/ )"
Correct me If i'm wrong.
The fix is correct. The code is no longer present in the CVS HEAD version.
PS. Diff is not fully tested. Need some more time, particulary want to know if genCRLfromFile works as expected. PSS: Works for MySQL too. Use DECIMAL (49) for storing serial, so ordering also works on serial.
I was a little bit sceptical about the DBI fixes and therefore it take a little bit more time than usual to check the patch. I found some problems:
Oracle: it support number(49) but only with a precision of 38 numbers IBM: it support numeric(49) but only with a precision of 31 numbers
Martin, I think we can accept this because today we support only 8 byte integers with DB2 and Oracle. So 31 or 38 digits are better than 8 byte int - even if the solution is not perfect.
I'm commiting on CVS HEAD including the first batch function for CVS HEAD.
Michael -- _______________________________________________________________
Michael Bell Humboldt-Universitaet zu Berlin
Tel.: +49 (0)30-2093 2482 ZE Computer- und Medienservice Fax: +49 (0)30-2093 2704 Unter den Linden 6 [EMAIL PROTECTED] D-10099 Berlin _______________________________________________________________
smime.p7s
Description: S/MIME Cryptographic Signature
