www.cendio.com
Bug 4605 - tl-ldap-certalias traceback on invalid certificate
: tl-ldap-certalias traceback on invalid certificate
Status: CLOSED FIXED
: ThinLinc
Misc
: 4.0.0
: PC Unknown
: P2 Normal
: 4.1.0
Assigned To:
:
:
:
:
  Show dependency treegraph
 
Reported: 2013-04-18 13:50 by
Modified: 2013-06-13 11:31 (History)


Attachments
Patch that adds error handling of invalid certificates. (1.05 KB, patch)
2013-04-18 13:50, Henrik Andersson
Details


Note

You need to log in before you can comment on or make changes to this bug.


Description From cendio 2013-04-18 13:50:26
Created an attachment (id=472) [details]
Patch that adds error handling of invalid certificates.

The crash happens with the following traceback:

tl-ldap-certalias: ERROR: Failed to load certificate...
stderr from tl-certtool:  Failed to decode extension as CRLDistPointsSyntax
element!
Error is .utcTime
LIBTASN1 ERROR: DER_ERROR
ERROR: Could not extract CRL distribution points from certificate (error -22)

Traceback (most recent call last):
  File "/opt/thinlinc/sbin/tl-ldap-certalias", line 1302, in <module>
    o0OOoOO = oOOo000oOoO0 ( )
  File "/opt/thinlinc/sbin/tl-ldap-certalias", line 1069, in oOOo000oOoO0
    iIi1I1 = II1i ( I1 [ 'pubkey' ] [ 1 ] [ 'exponent' ] ,
  File "/opt/thinlinc/sbin/tl-ldap-certalias", line 77, in __getitem__
    raise AttributeError

Attachment is a patch for a proper error handling of invalid cert.

The source reason for the crash is that tl-crltool fails to get CRL
Distribution Points.

I'll ask the customer if we can get a copy of this failing certificate.
------- Comment #1 From cendio 2013-04-23 12:29:31 -------
Fix commited in r27147.
------- Comment #2 From cendio 2013-06-13 11:31:40 -------
Tested by code inspection.