On Mon, Apr 04, 2005 at 10:26:13AM +0200, Michael Bell wrote:
> Date: Mon, 04 Apr 2005 10:26:13 +0200
> From: Michael Bell <[EMAIL PROTECTED]>
> Subject: Re: [OpenCA-Devel] CA Certificate serial number.
>
[snip]
> >PS. Diff is not fully tested. Need some more time, particulary want to know
> >if genCRLfromFile works as expected.
> >PSS: Works for MySQL too. Use DECIMAL (49) for storing serial, so
> >ordering also works on serial.
>
> I was a little bit sceptical about the DBI fixes and therefore it take a
> little bit more time than usual to check the patch. I found some problems:
>
> Oracle: it support number(49) but only with a precision of 38 numbers
> IBM: it support numeric(49) but only with a precision of 31 numbers
Hmm, I always thought that postgres is similiar to Oracle 7 by its
features. Never thought that opensource database have features, that
commercial databases lacks.
>
> Martin, I think we can accept this because today we support only 8 byte
> integers with DB2 and Oracle. So 31 or 38 digits are better than 8 byte
> int - even if the solution is not perfect.
>
> I'm commiting on CVS HEAD including the first batch function for CVS HEAD.
I've missed mail-utils.lib and PKCS7.pm in my prevous diff. They use
hex() functions which is oveflowed by big serials. See attached diff.
Best wishes
--
Alexei Chetroi
Smile... Tomorrow will be worse. (c) Murphy's Law
diff -ru openca-0.9.2.2.orig/src/common/lib/functions/mail-utils.lib
openca-0.9.2.2/src/common/lib/functions/mail-utils.lib
--- openca-0.9.2.2.orig/src/common/lib/functions/mail-utils.lib 2005-04-04
09:04:07.000000000 +0300
+++ openca-0.9.2.2/src/common/lib/functions/mail-utils.lib 2005-04-04
09:19:23.000000000 +0300
@@ -34,6 +34,7 @@
## sendPreparedMail 40
use strict;
+use Math::BigInt lib => 'GMP';
sub warnUsers {
my @keys = @_;
@@ -60,9 +61,10 @@
my @certsList = split( "\n", $tmp );
foreach $ID ( @certsList ) {
- my ($user, $userCert, $serID);
+ my ($user, $userCert, $serID, $biSerID);
( $serID ) = ( $ID =~ /([a-f0-9]+)/i );
+ $biSerID = Math::BigInt->new ( '0x'.$serID );
##// Let's be sure it is in the right format
$serID = uc( $serID );
@@ -70,7 +72,7 @@
print i18nGettext ("Sending Mail [__CERT_SERIAL__] :
<B>Certificate Serial __CERT_SERIAL__ (0x0__HEX__)",
"__CERT_SERIAL__", $serID,
- "__HEX__", hex ($serID))
."</B><BR>";
+ "__HEX__", $biSerID
."</B><BR>";
my $cert = $db->getItem ( DATATYPE => "VALID_CERTIFICATE",
KEY => $serID );
diff -ru openca-0.9.2.2.orig/src/modules/openca-pkcs7/PKCS7.pm
openca-0.9.2.2/src/modules/openca-pkcs7/PKCS7.pm
--- openca-0.9.2.2.orig/src/modules/openca-pkcs7/PKCS7.pm 2005-04-04
08:45:21.000000000 +0300
+++ openca-0.9.2.2/src/modules/openca-pkcs7/PKCS7.pm 2005-04-04
08:55:02.000000000 +0300
@@ -64,6 +64,7 @@
use strict;
use X500::DN;
+use Math::BigInt lib => 'GMP';
package OpenCA::PKCS7;
@@ -389,7 +390,7 @@
( $currentDepth, $serial, $dn ) =
( $line =~ /depth:([\d]+) serial:([a-fA-F\d]+)
subject:(.*)/ );
- $ret->{$currentDepth}->{SERIAL} = hex ($serial) ;
+ $ret->{$currentDepth}->{SERIAL} = Math::BigInt->new
('0x'.$serial)->bstr () ;
$ret->{$currentDepth}->{DN} = $dn;
if ($self->{DEBUG})
{
