Bug 4605 - tl-ldap-certalias traceback on invalid certificate
Summary: tl-ldap-certalias traceback on invalid certificate
Status: CLOSED FIXED
Alias: None
Product: ThinLinc
Classification: Unclassified
Component: Misc (show other bugs)
Version: 4.0.0
Hardware: PC Unknown
: P2 Normal
Target Milestone: 4.1.0
Assignee: Henrik Andersson
URL:
Keywords: astrand_tester
Depends on:
Blocks:
 
Reported: 2013-04-18 13:50 CEST by Henrik Andersson
Modified: 2013-06-13 11:31 CEST (History)
0 users

See Also:
Acceptance Criteria:

Attachments
Patch that adds error handling of invalid certificates. (1.05 KB, patch)
2013-04-18 13:50 CEST, Henrik Andersson 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Description Henrik Andersson cendio 2013-04-18 13:50:26 CEST 
Created attachment 472 [details]
Patch that adds error handling of invalid certificates.

The crash happens with the following traceback:

tl-ldap-certalias: ERROR: Failed to load certificate...
stderr from tl-certtool:  Failed to decode extension as CRLDistPointsSyntax element!
Error is .utcTime
LIBTASN1 ERROR: DER_ERROR
ERROR: Could not extract CRL distribution points from certificate (error -22)

Traceback (most recent call last):
  File "/opt/thinlinc/sbin/tl-ldap-certalias", line 1302, in <module>
    o0OOoOO = oOOo000oOoO0 ( )
  File "/opt/thinlinc/sbin/tl-ldap-certalias", line 1069, in oOOo000oOoO0
    iIi1I1 = II1i ( I1 [ 'pubkey' ] [ 1 ] [ 'exponent' ] ,
  File "/opt/thinlinc/sbin/tl-ldap-certalias", line 77, in __getitem__
    raise AttributeError

Attachment is a patch for a proper error handling of invalid cert.

The source reason for the crash is that tl-crltool fails to get CRL Distribution Points.

I'll ask the customer if we can get a copy of this failing certificate.
Comment 1 Henrik Andersson cendio 2013-04-23 12:29:31 CEST 
Fix commited in r27147.
Comment 2 Peter Åstrand cendio 2013-06-13 11:31:40 CEST 
Tested by code inspection.
Note You need to log in before you can comment on or make changes to this bug.