RFR(S): 8224729: sun/security/provider/certpath/ldap/LDAPCertStoreImpl.java can't handle forward slash characters in Certificate Issuer Names

Langer, Christoph christoph.langer at sap.com
Fri May 24 09:11:48 UTC 2019


Hi,

please review this fix for an issue that I've discovered when working with test security/infra/java/security/cert/CertPathValidator/certification/ActalisCA.java.

It fails when the test tries to do the CRL verification of the certificate. It has issues in the LDAP implementation because of the certificate's name "cn=Actalis Authentication Root CA,o=Actalis S.p.A./03358520967,c=IT". The name contains a forward slash which is at the same time a compound separator in javax.naming/LDAP. So it needs some escaping.

I also cleaned up some debugging code and removed/commented out unused fields and methods.

Webrev: http://cr.openjdk.java.net/~clanger/webrevs/8224729.0/
Bug: https://bugs.openjdk.java.net/browse/JDK-8224729

Thanks
Christoph

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20190524/cef4412e/attachment.htm>


More information about the security-dev mailing list