The version of ocspd I was using was the one I found on this web site
https://www.openca.org/projects/ocspd/.  Sounds like there have been code
changes since this version was released.  Is there a more recent release
than Version 1.5.1-rc1?  If not, are there plans to make a new release?

As for your questions, you can see my comments below.

Bruce

On Dec 3, 2007 8:31 PM, Massimiliano Pala <[EMAIL PROTECTED]>
wrote:

> Hi Bruce,
>
> thanks for the help..
>
> I checked the code, and it seems that if the problem is still there it
> is not in the current updated version. Indeed the current code in
> ocsp_request.c is:
>
> /* Check for headers */
> if( (!cont_len) &&
>    ((pnt = strstr_nocase(buf, "Content-Length: " )) != NULL) ) {
>         if((pnt_end = strstr(pnt, "\r\n")) != NULL )
>               sscanf((char *) (pnt+16), "%d", &cont_len );
>         if(ocspd_conf->debug) {
>               syslog(LOG_ERR, "DEBUG::Got Content Len [%d]",
>                                            cont_len);
>         }
> }
>
> Question: why did you include the .spec file in your email? In other
> words, what does the new .spec file address?


I am using the source RPM, so rather than modify the source code directly, I
have the spec file apply the patch during the rpmbuild.



>
>
> Question: the patch you sent does not really patch the checking
> for the Headers besides the 'POST', is that what you were referring to
> really ?


I had a look at the patch again this morning and it does modify the code
where it is looking for content-length.  Have a look at the patch again.  I
can resend it if it was mangled.


>
>
> Question: can you send an OCSP request generated by Java ?
>
> In your email you mention the use of strcasestr() and strncasecmp(),
> before adopting them, I want to be sure it does not add any
> reliability/porting
> issue. I tried it on opensolaris/solaris/ubuntu/FC7/FC6 and it works.
> I hope older distros and OSes will not have issues with it as well.
> I can not currently test it on BSD, do you know if those calls are
> supported ?


>
> I attach a simple code, if it compiles, the calls should be there
> (to compile just run `cc -o test test.c`). Anybody can test this on
> BSD/MacOS X/others ?
>
> Later,
> Max
>
>
> Bruce Keats wrote:
> > I have tracked the problem down and I have attached the changes.  I
> > have only tested these changes on Fedora Core 7, but they should work
> > for other Linux distros.
> >
> > The problem is that the code is treating the HTTP headers as case
> > sensitive by using the strstr() and strncmp() for the field-names.
> > JAVA is sending out the HTTP request with the string "Content-length:
> > " whereas the code in http_request.c is using strstr("Content-Length:
> > ").  Therefore the code will never find the content length and fails
> > to parse the HTTP request.
> >
> > My change is to use strcasestr() and strncasecmp().  I have attached
> > the diff and the new spec file.
> >
> > Bruce
>
> --
>
> Best Regards,
>
>        Massimiliano Pala
>
>
> --o------------------------------------------------------------------------
> Massimiliano Pala [OpenCA Project Manager]
> [EMAIL PROTECTED]
>                                                 Tel.:   +39 (0)11  564 7081
> http://security.polito.it                       Fax:    +39   178  270 2077
>                                                 Mobile: +39 (0)347 7222 365
>
> Politecnico di Torino (EuroPKI) CA Info:
>
> Authority Access Point
> http://ca.polito.it
> Authority's Certificate:
> http://ca.polito.it/ca_cert/en_index.html
> Certificate Revocation List:
> http://ca.polito.it/crl03/crl.crl
>
> --o------------------------------------------------------------------------
>
> -------------------------------------------------------------------------
> SF.Net email is sponsored by: The Future of Linux Business White Paper
> from Novell.  From the desktop to the data center, Linux is going
> mainstream.  Let it simplify your IT future.
> http://altfarm.mediaplex.com/ad/ck/8857-50307-18918-4
> _______________________________________________
> Openca-Users mailing list
> Openca-Users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openca-users
>
>
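An added example, not part of the thread and not ocspd's own code: one way to read Content-Length case-insensitively without depending on strcasestr(), using only the POSIX strncasecmp(). The function name `http_content_length` and the sample request are assumptions made for illustration; the function matches the field name only at the start of a header line and validates the number instead of trusting sscanf().

```c
#include <ctype.h>
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>   /* strncasecmp() is POSIX; strcasestr() is an extension */

/* Hypothetical helper: return the Content-Length value from a NUL-terminated
 * HTTP request head, or -1 if the header is absent or malformed. */
long http_content_length(const char *hdrs)
{
    static const char name[] = "Content-Length";
    const size_t nlen = sizeof(name) - 1;
    const char *line = hdrs;

    while (line && *line) {
        const char *eol = strstr(line, "\r\n");
        if (eol == line)                 /* empty line: end of headers */
            break;
        /* Field names are case-insensitive; match at line start only. */
        if (strncasecmp(line, name, nlen) == 0 && line[nlen] == ':') {
            const char *val = line + nlen + 1;
            char *end;
            long n;

            while (*val == ' ' || *val == '\t')   /* optional whitespace */
                val++;
            if (!isdigit((unsigned char)*val))    /* rejects "", "-5", "+5" */
                return -1;
            errno = 0;
            n = strtol(val, &end, 10);
            if (errno == ERANGE)                  /* value does not fit */
                return -1;
            while (*end == ' ' || *end == '\t')
                end++;
            if (*end != '\0' && end != eol)       /* trailing junk */
                return -1;
            return n;
        }
        line = eol ? eol + 2 : NULL;
    }
    return -1;
}

int main(void)
{
    /* Constructed request using the header spelling described in the thread. */
    const char *req = "POST /ocsp HTTP/1.0\r\nContent-length: 87\r\n\r\n";
    return http_content_length(req) == 87 ? 0 : 1;
}
```

Because the match is anchored to the start of a line and stops at the blank line, a header such as `X-Content-Length` or a `Content-Length:` string inside the body is not mistaken for the real field, which a plain substring search would do.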