Yes, some weeks ago Dieter did file an ITS in this context;-)
[mailto:openldap-technical-bounces+hartmut.lehnert=secunet.com@OpenLDAP.org] Im Auftrag
von Quanah Gibson-Mount
Gesendet: Mittwoch, 16. Juni 2010 20:28
An: Lehnert, Hartmut; openldap-technical(a)openldap.org
Betreff: Re: Q: status of component matching?
--On Wednesday, June 16, 2010 4:51 PM +0200 "Lehnert, Hartmut"
I would like to post further information on this theme which is of
essential interest to us.
After preventing slapd to dump a core file (by preventing memory freeing)
we could not perform a component match filter search, and in the
meanwhile we debugged slapd to see why a component match filter search
The result is that the signature algorithm of our certificate
(sha256WithRSA) cannot be parsed by the code contained in
"contrib/slapd-modules/comp_match/certificate.c". The function
BDecAlgorithmIdentifier fails in line 198 because the value of
totalElmtsLen1 is 11 and the value of elmtLen0 is 13 while parsing the
OID 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 and obviously not
handling the trailing Null parameter of the AlgorithmIdentifier.
Can anybody suggest a solution for this problem?
File an ITS?
Principal Software Engineer
Zimbra :: the leader in open source messaging and collaboration