rpms / pki-core

Clone
Source Code
GIT

Blame SOURCES/pki-core-pre-signed-CMC-renewal-UniqueKeyConstraint.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-10.6 c8-stream-10.6 c8s-stream-10.6 c9 c9-beta
  1.   92a6056ef6087ff2de5cd59334568875ec83198c
  2.   SOURCES
  3.   pki-core-pre-signed-CMC-renewal-UniqueKeyConstraint.patch
Blob History Raw
92a605 
From 7f29261148fa4a27824cb2006c515d376288ec64 Mon Sep 17 00:00:00 2001
92a605 
From: Christina Fu <cfu@redhat.com>
92a605 
Date: Tue, 20 Jun 2017 15:04:12 -0700
92a605 
Subject: [PATCH] Ticket #2618 UniqueKeyConstraint fix on subjectDN comparison
92a605
92a605 
(cherry picked from commit 2d69d9332eea7ddc5205dc9e44d15452be4be61f)
92a605 
---
92a605 
 .../com/netscape/cms/profile/constraint/UniqueKeyConstraint.java    | 6 +-----
92a605 
 1 file changed, 1 insertion(+), 5 deletions(-)
92a605
92a605 
diff --git a/base/server/cms/src/com/netscape/cms/profile/constraint/UniqueKeyConstraint.java b/base/server/cms/src/com/netscape/cms/profile/constraint/UniqueKeyConstraint.java
92a605 
index 030995a..2614576 100644
92a605 
--- a/base/server/cms/src/com/netscape/cms/profile/constraint/UniqueKeyConstraint.java
92a605 
+++ b/base/server/cms/src/com/netscape/cms/profile/constraint/UniqueKeyConstraint.java
92a605 
@@ -240,11 +240,7 @@ public class UniqueKeyConstraint extends EnrollConstraint {
92a605 
                             }
92a605 
                             // only VALID or EXPIRED certs could have reached here
92a605 
                             X509CertImpl origCert = rec.getCertificate();
92a605 
-                            String certDN =
92a605 
-                                    origCert.getSubjectDN().toString();
92a605 
-                            CMS.debug(method + " cert retrieved from ldap has subject DN =" + certDN);
92a605 
-
92a605 
-                            sjname_in_db = new X500Name(certDN);
92a605 
+                            sjname_in_db = (X500Name) origCert.getSubjectDN();
92a605
92a605 
                             if (sjname_in_db.equals(sjname_in_req) == false) {
92a605 
                                 msg = msg + "subject name not match in same key renewal;";
92a605 
--
92a605 
1.8.3.1
92a605

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation