diff options
| author | Ingela Anderton Andin <[email protected]> | 2012-08-27 11:31:19 +0200 |
|---|---|---|
| committer | Ingela Anderton Andin <[email protected]> | 2012-08-27 11:31:19 +0200 |
| commit | 4877acc0598fe257315e8398dc9e11428d757000 (patch) | |
| tree | c12bd2682dcc61665f72df7a2acbbeae97b86e36 /lib/public_key/asn1 | |
| parent | 1e27e69bfb2f119aac822937cb2625313de1a6cd (diff) | |
| parent | 69d4a56d9f7ade14fd0496ffbf56d96bf9184aef (diff) | |
| download | otp-4877acc0598fe257315e8398dc9e11428d757000.tar.gz otp-4877acc0598fe257315e8398dc9e11428d757000.tar.bz2 otp-4877acc0598fe257315e8398dc9e11428d757000.zip | |
Merge branch 'ia/ssl/countryname-utf8-workaround/OTP-10222' into maint
* ia/ssl/countryname-utf8-workaround/OTP-10222:
ssl & public_key: Workaround that some certificates encode countryname as utf8 and close down gracefully if other ASN-1 errors occur.
Diffstat (limited to 'lib/public_key/asn1')
| -rw-r--r-- | lib/public_key/asn1/OTP-PKIX.asn1 | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/lib/public_key/asn1/OTP-PKIX.asn1 b/lib/public_key/asn1/OTP-PKIX.asn1 index fbf531df40..e94a77a3e7 100644 --- a/lib/public_key/asn1/OTP-PKIX.asn1 +++ b/lib/public_key/asn1/OTP-PKIX.asn1 @@ -225,7 +225,17 @@ dnQualifier ATTRIBUTE-TYPE-AND-VALUE-CLASS ::= { countryName ATTRIBUTE-TYPE-AND-VALUE-CLASS ::= { ID id-at-countryName - TYPE X520countryName } + TYPE X520countryName } -- this is currently not used when decoding + -- The decoding and mapping between ID and Type is done in the code + -- in module publickey_cert_records via the function attribute_type + -- To be more forgiving and compatible with other SSL implementations + -- regarding how to handle and sometimes accept incorrect certificates + -- we define and use the type below instead of X520countryName + + OTP-X520countryname ::= CHOICE { + printableString PrintableString (SIZE (2)), + utf8String UTF8String (SIZE (2)) +} serialNumber ATTRIBUTE-TYPE-AND-VALUE-CLASS ::= { ID id-at-serialNumber |