
Re: PATCH - public_key should handle unknown attribute types

by Will-54 :: Rate this Message:


Odd, gmail clearly shows the diff attached, but it doesn't seem to
have made it through the mailing list processing. Here's an inline
copy...

On Sat, Jul 4, 2009 at 11:01 AM, Will<wglozer@...> wrote:
> Hi,
>
> SSL handshaking with new_ssl will fail when a certificate contains
> attributes unknown to the public_key module. Here is a patch that
> leaves the attribute value encoded when its type is unknown.
>
> -Will
>

diff -r 80795205fd0a src/pubkey_cert_records.erl
--- a/src/pubkey_cert_records.erl Sat Jul 04 10:44:41 2009 -0700
+++ b/src/pubkey_cert_records.erl Sat Jul 04 10:51:40 2009 -0700
@@ -187,8 +187,11 @@
       end, Exts).

 transform(#'AttributeTypeAndValue'{type=Id,value=Value0} = ATAV, Func) ->
-    Type = attribute_type(Id),
-    {ok, Value} = 'OTP-PUB-KEY':Func(Type, Value0),
+    {ok, Value} =
+        case attribute_type(Id) of
+            Type when is_atom(Type) -> 'OTP-PUB-KEY':Func(Type, Value0);
+            _UnknownType            -> {ok, Value0}
+        end,
     ATAV#'AttributeTypeAndValue'{value=Value};
 transform(AKI = #'AuthorityKeyIdentifier'{authorityCertIssuer=ACI},Func) ->
     AKI#'AuthorityKeyIdentifier'{authorityCertIssuer=transform(ACI,Func)};
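Review bot: The `_UnknownType` branch in `transform/2` returns `Value0` untouched, so after a decode pass a name can hold a mix of decoded terms and still-encoded values with nothing marking which is which. Code that later compares or displays subject/issuer attributes (not visible here) has to treat such a value as opaque bytes, and the branch should say so, e.g. `%% Unknown OID: value is left encoded and must be treated as opaque by callers`. Because `Func` is a parameter, the same branch presumably also runs on the encode path, where passing the value through is only correct if it was never decoded; a one-line comment stating that invariant would help. The remaining `transform/2` clauses continue outside the hunk.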
@@ -231,7 +234,8 @@
 attribute_type(?'id-at-serialNumber') -> 'X520SerialNumber';
 attribute_type(?'id-at-pseudonym') -> 'X520Pseudonym';
 attribute_type(?'id-domainComponent') -> 'DomainComponent';
-attribute_type(?'id-emailAddress') -> 'EmailAddress'.
+attribute_type(?'id-emailAddress') -> 'EmailAddress';
+attribute_type(Type) -> Type.

 %%% Old code transforms
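Review bot: The new catch-all `attribute_type(Type) -> Type.` accepts any term and signals "unknown" by echoing its argument, which the `is_atom/1` guard in `transform/2` then has to infer. Naming the variable for what it is and narrowing the clause would let a malformed id crash instead of passing through silently, e.g. `attribute_type(Oid) when is_tuple(Oid) -> Oid.` (this assumes OIDs are represented as tuples in this module; confirm). A short comment such as `%% Unknown attribute OID: returned as-is so transform/2 leaves the value encoded` would document the contract. The earlier clauses of `attribute_type/1` start outside the hunk.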

________________________________________________________________
erlang-bugs mailing list. See http://www.erlang.org/faq.html
erlang-bugs (at) erlang.org
