Hi, > Have any of you ever seen this in the stderr.log ? > > Integer overflow in hexadecimal number at > /usr/local/ca001_pki/modules/perl5/OpenCA/PKCS7.pm line 392.
nope. But I think the reason might be that a request you have been processing was signed by a "rogue" certificate with a serial number outside the range the Perl hex() function can process. The PKCS7 module parses the output of the openca-sv executable which prints information about the signed data and the signer certificate, which does not necessarily have to be issued by OpenCA itself... So I suspect that the signature itself is the reason for this behaviour, not the internal state of OpenCA. If possible, have a look at the database and the CSR that caused the problem. You should be able to extract the header information for the request, extract the PKCS#7 structure and parse it manually. Either way, I think there is a bug lurking here, and at least we should use the BigInt classes to convert integers. Sorry I could not be of more help, Martin ------------------------------------------------------- This SF.Net email is sponsored by: Power Architecture Resource Center: Free content, downloads, discussions, and more. http://solutions.newsforge.com/ibmarch.tmpl _______________________________________________ OpenCA-Devel mailing list OpenCA-Devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-devel
