[Freeipa-devel] [PATCH] 360 be smarter about decoding certs
John Dennis
jdennis at redhat.com
Thu Jan 28 21:33:05 UTC 2010
On 01/28/2010 04:15 PM, Rob Crittenden wrote:
> Gah, got the description mixed up with the last patch :-(
>
> Be a bit smarter about decoding certificates that might be base64
> encoded. First see if it only contains those characters allowed before
> trying to decode it. This reduces the number of false positives.
I'm not sure the test is doing what you want or even if it's the right
test.
The test is saying "If there is one or more characters in the bas64
alphabet then try and decode. That means just about anything will match,
which doesn't seem like a very strong test.
Why not just try and decode it and let the decoder decide if it's really
base64, the decoder has much strong rules about the input, including
assuring the padding is correct.
--
John Dennis <jdennis at redhat.com>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-devel
mailing list