User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3b) Gecko/20030210
Kurt D. Zeilenga wrote:
Mark,
Why did you introduce dnX509normalize2()?
Shouldn't dnX509normalize() handle this need?
Kurt
Kurt,
Yes you're right. It should.
And initially I tried to use it. But this routine is leaking memory
somewhere...
The nasty thing about it is that the leak makes it impossible to free
the certificate structure in certificateExactConvert.
X509_free(xcert); equals coredump.
The real work isn't done in dnX509normalize but in
ldap/libraries/libldap/ldap_X509dn2bv which seems hard to debug,
and because of the lenght of the routine dnX509normalize2 should be much
easier to maintain.
However if you can find the leak and fix it then dnX509normalize2 is no
longer needed.
I'm not sure if dnX509normalize is used in any other routine..... If it
isn't I would prefer to drop it.