summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorh.sterling <h.sterling>2005-08-14 00:27:53 +0000
committerh.sterling <h.sterling>2005-08-14 00:27:53 +0000
commit90298f0cbd3a26bae80f754591d0288f9de1dd97 (patch)
tree64b3929a31218dbc4f0f25043cf1d5e9f594ef72 /src
parent5c58627c710bcaf718defe85a5d20293137a4f6a (diff)
downloadtog-pegasus-90298f0cbd3a26bae80f754591d0288f9de1dd97.zip
tog-pegasus-90298f0cbd3a26bae80f754591d0288f9de1dd97.tar.gz
tog-pegasus-90298f0cbd3a26bae80f754591d0288f9de1dd97.tar.xz
BUG#:4053
TITLE:certificate provider cannot handle some hex serial numbers DESCRIPTION: Submit approved fix
Diffstat (limited to 'src')
-rw-r--r--src/Clients/ssltrustmgr/tests/Makefile12
-rw-r--r--src/Pegasus/Common/SSLContext.cpp2
-rw-r--r--src/Pegasus/ControlProviders/CertificateProvider/CertificateProvider.cpp4
-rw-r--r--src/Pegasus/Server/HTTPAuthenticatorDelegator.cpp2
4 files changed, 11 insertions, 9 deletions
diff --git a/src/Clients/ssltrustmgr/tests/Makefile b/src/Clients/ssltrustmgr/tests/Makefile
index 931257b..d95a58e 100644
--- a/src/Clients/ssltrustmgr/tests/Makefile
+++ b/src/Clients/ssltrustmgr/tests/Makefile
@@ -60,6 +60,7 @@ clean:
@$(RM) index.txt.attr
@$(RM) index.txt.old
@$(RM) .rnd
+ @$(RM) $(PEGASUS_HOME)/ca.crl
#
# Create certificates and CRLs required for running the tests
@@ -72,33 +73,34 @@ ifdef PEGASUS_HAS_SSL
@#
@$(OPENSSL_COMMAND) genrsa -out $(PEGASUS_HOME)/testdn1.key 1024
@$(OPENSSL_COMMAND) req -config $(OPENSSL_CNF) -new -key $(PEGASUS_HOME)/testdn1.key -out $(PEGASUS_HOME)/testdn1.csr < testdn1.txt
- @$(OPENSSL_COMMAND) x509 -in $(PEGASUS_HOME)/testdn1.csr -out $(PEGASUS_HOME)/testdn1.cert -req -signkey $(PEGASUS_HOME)/testdn1.key -days 356
+ @$(OPENSSL_COMMAND) x509 -in $(PEGASUS_HOME)/testdn1.csr -out $(PEGASUS_HOME)/testdn1.cert -req -signkey $(PEGASUS_HOME)/testdn1.key -days 356 -set_serial 00
@$(RM) $(PEGASUS_HOME)/testdn1.csr
@#
@# Create a self-signed CA
@#
+ @$(ECHO) "00" > $(PEGASUS_HOME)/ca.srl
@$(OPENSSL_COMMAND) genrsa -out $(PEGASUS_HOME)/testca1.key 1024
- @$(OPENSSL_COMMAND) req -new -key $(PEGASUS_HOME)/testca1.key -x509 -config $(OPENSSL_CNF) -days 365 -out $(PEGASUS_HOME)/testca1.cert < testca1.txt
+ @$(OPENSSL_COMMAND) req -new -key $(PEGASUS_HOME)/testca1.key -x509 -config $(OPENSSL_CNF) -set_serial 00 -days 365 -out $(PEGASUS_HOME)/testca1.cert < testca1.txt
@#
@# Create a certificate signed by the CA
@#
@$(OPENSSL_COMMAND) genrsa -out $(PEGASUS_HOME)/testdn2.key 1024
@$(OPENSSL_COMMAND) req -config $(OPENSSL_CNF) -new -key $(PEGASUS_HOME)/testdn2.key -out $(PEGASUS_HOME)/testdn2.csr < testdn2.txt
- @$(OPENSSL_COMMAND) x509 -req -days 365 -in $(PEGASUS_HOME)/testdn2.csr -CA $(PEGASUS_HOME)/testca1.cert -CAkey $(PEGASUS_HOME)/testca1.key -CAcreateserial -out $(PEGASUS_HOME)/testdn2.cert
+ @$(OPENSSL_COMMAND) x509 -req -days 365 -in $(PEGASUS_HOME)/testdn2.csr -CA $(PEGASUS_HOME)/testca1.cert -CAkey $(PEGASUS_HOME)/testca1.key -CAserial $(PEGASUS_HOME)/ca.srl -out $(PEGASUS_HOME)/testdn2.cert
@$(RM) $(PEGASUS_HOME)/testdn2.csr
@#
@# Create a second test certificate signed by the CA
@#
@$(OPENSSL_COMMAND) genrsa -out $(PEGASUS_HOME)/testdn3.key 1024
@$(OPENSSL_COMMAND) req -config $(OPENSSL_CNF) -new -key $(PEGASUS_HOME)/testdn3.key -out $(PEGASUS_HOME)/testdn3.csr < testdn3.txt
- @$(OPENSSL_COMMAND) x509 -req -days 365 -in $(PEGASUS_HOME)/testdn3.csr -CA $(PEGASUS_HOME)/testca1.cert -CAkey $(PEGASUS_HOME)/testca1.key -CAcreateserial -out $(PEGASUS_HOME)/testdn3.cert
+ @$(OPENSSL_COMMAND) x509 -req -days 365 -in $(PEGASUS_HOME)/testdn3.csr -CA $(PEGASUS_HOME)/testca1.cert -CAkey $(PEGASUS_HOME)/testca1.key -CAserial $(PEGASUS_HOME)/ca.srl -out $(PEGASUS_HOME)/testdn3.cert
@$(RM) $(PEGASUS_HOME)/testdn3.csr
@#
@# Create a third test certificate signed by the CA
@#
@$(OPENSSL_COMMAND) genrsa -out $(PEGASUS_HOME)/testdn4.key 1024
@$(OPENSSL_COMMAND) req -config $(OPENSSL_CNF) -new -key $(PEGASUS_HOME)/testdn4.key -out $(PEGASUS_HOME)/testdn4.csr < testdn4.txt
- @$(OPENSSL_COMMAND) x509 -req -days 365 -in $(PEGASUS_HOME)/testdn4.csr -CA $(PEGASUS_HOME)/testca1.cert -CAkey $(PEGASUS_HOME)/testca1.key -CAcreateserial -out $(PEGASUS_HOME)/testdn4.cert
+ @$(OPENSSL_COMMAND) x509 -req -days 365 -in $(PEGASUS_HOME)/testdn4.csr -CA $(PEGASUS_HOME)/testca1.cert -CAkey $(PEGASUS_HOME)/testca1.key -CAserial $(PEGASUS_HOME)/ca.srl -out $(PEGASUS_HOME)/testdn4.cert
@$(RM) $(PEGASUS_HOME)/testdn4.csr
@#
@# Create a CRL issued by the test CA and revoke a certificate
diff --git a/src/Pegasus/Common/SSLContext.cpp b/src/Pegasus/Common/SSLContext.cpp
index 042335d..0bc50fb 100644
--- a/src/Pegasus/Common/SSLContext.cpp
+++ b/src/Pegasus/Common/SSLContext.cpp
@@ -1526,7 +1526,7 @@ String SSLCertificateInfo::toString() const
sprintf(buf, "Version number: %d\n", _rep->versionNumber);
s.append(buf);
- sprintf(buf, "Serial number: %ld\n", _rep->serialNumber);
+ sprintf(buf, "Serial number: %lu\n", _rep->serialNumber);
s.append(buf);
s.append("Not before date: ");
diff --git a/src/Pegasus/ControlProviders/CertificateProvider/CertificateProvider.cpp b/src/Pegasus/ControlProviders/CertificateProvider/CertificateProvider.cpp
index fab85b9..fc8d9cb 100644
--- a/src/Pegasus/ControlProviders/CertificateProvider/CertificateProvider.cpp
+++ b/src/Pegasus/ControlProviders/CertificateProvider/CertificateProvider.cpp
@@ -493,7 +493,7 @@ inline CIMInstance _getCRLInstance(X509_CRL* xCrl, String host, CIMNamespaceName
{
r = sk_X509_REVOKED_value(revoked, i);
rawSerialNumber = ASN1_INTEGER_get(r->serialNumber);
- sprintf(serial, "%ld", rawSerialNumber);
+ sprintf(serial, "%lu", rawSerialNumber);
revokedSerialNumbers.append(String(serial));
revocationDate = getDateTime(r->revocationDate);
@@ -1208,7 +1208,7 @@ void CertificateProvider::invokeMethod(
//serial number
long rawSerialNumber = ASN1_INTEGER_get(X509_get_serialNumber(xCert));
char serial[256];
- sprintf(serial, "%ld", rawSerialNumber);
+ sprintf(serial, "%lu", rawSerialNumber);
serialNumber = String(serial);
//subject name
diff --git a/src/Pegasus/Server/HTTPAuthenticatorDelegator.cpp b/src/Pegasus/Server/HTTPAuthenticatorDelegator.cpp
index 4ec2d66..fa65d27 100644
--- a/src/Pegasus/Server/HTTPAuthenticatorDelegator.cpp
+++ b/src/Pegasus/Server/HTTPAuthenticatorDelegator.cpp
@@ -414,7 +414,7 @@ void HTTPAuthenticatorDelegator::handleHTTPMessage(
//get certificate properties
String issuerName = clientCertificate->getIssuerName();
char serialNumber[256];
- sprintf(serialNumber, "%ld", clientCertificate->getSerialNumber());
+ sprintf(serialNumber, "%lu", clientCertificate->getSerialNumber());
//ATTN: Use certificate provider constants
String truststoreType = (httpMessage->authInfo->isExportConnection() ? String("3") : String("2"));