#18613 [NoF->Opn]: Multiple OU in x509 certificate problem

Wed, 07 Apr 2004 00:16:05 -0700 

 ID:               18613
 User updated by:  agoralski at certum dot pl
 Reported By:      agoralski at certum dot pl
-Status:           No Feedback
+Status:           Open
 Bug Type:         OpenSSL related
 Operating System: Linux 2.4.18-grsec
 PHP Version:      4.2.2
 New Comment:

Multiple OUs are visible in "name" after openssl_x509_parse so here's a
quick & dirty workaround:



function get_ous($data) {

    if (strlen(strstr($data,'/OU='))>0) {

        $parts=explode('=', $data);



        for ($i=0, $j=count($parts); $i<$j; $i++) {

            if ($i>0) {

                if (substr($parts[$i-1], strrpos($parts[$i-1],
'/')+1)=='OU') {

                    $ret[]=substr($parts[$i], 0, strrpos($parts[$i],
'/'));

                }

            }

        }

        return $ret;

    } else {

        return false;

    }

}



$cert=openssl_x509_parse($crt);

$ous=get_ous($cert['name']);

if (is_array($ous)) {

   //your code here

}


Previous Comments:
------------------------------------------------------------------------

[2004-04-06 12:50:59] allins at nosc dot mil

confirmed also exists in php 4.3.4 on fedora linux

------------------------------------------------------------------------

[2004-04-06 12:32:07] allins at nosc dot mil

verified on RedHat 9, PHP 4.2.2

output from var_dump of array after openssl_x509_parse was performed. 

There should have been an ["OU"]=> "DoD" before the PKI line



["issuer"]=>

  array(4) {

    ["C"]=>

    string(2) "US"

    ["O"]=>

    string(15) "U.S. Government"

    ["OU"]=>

    string(3) "PKI"

    ["CN"]=>

    string(22) "DOD CLASS 3 EMAIL CA-7"

------------------------------------------------------------------------

[2002-09-26 20:03:27] [EMAIL PROTECTED]

No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.



------------------------------------------------------------------------

[2002-09-11 10:52:56] [EMAIL PROTECTED]

Any news about the patch..?



------------------------------------------------------------------------

[2002-07-29 11:40:54] [EMAIL PROTECTED]

Please submit the diff -u output to [EMAIL PROTECTED]

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
    http://bugs.php.net/18613

-- 
Edit this bug report at http://bugs.php.net/?id=18613&edit=1

Reply via email to