- masarati@aero.polimi.it [2010-01-24 16:01:23 +0100]:
Funny enough, the same thing is dealt with correctly in certificate validation/normalization in slapd/schema_init.c
That was a result of ITS#5070 (which you filed).
right :)
Maybe there is an opportunity for refactoring, but I wouldn't be a good judge of that.
I don't quite bother about refactoring to minimize code duplication. Rather, I think the libldap function x509_cert_get_dn() should first validate the certificate, much like slapd's certificateValidate() does.
I'm applying the fix, please test.
p.