View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000657 | Main CAcert Website | certificate issuing | public | 2008-12-09 11:23 | 2015-07-31 05:32 |
| Reporter | teus | Assigned To | BenBE | ||
| Priority | high | Severity | major | Reproducibility | always |
| Status | needs work | Resolution | open | ||
| Product Version | 2008 | ||||
| Target Version | 2014 Q2 | ||||
| Summary | 0000657: server cert issued with country field takes first two letters of country | ||||
| Description | issued server certificate with country field has a copy of first two letter of country name or on organisation assurance only the country code should be accepted. | ||||
| Additional Information | example: organisation country is named by the organisation assurer as: the Netherlands, the server certificate will show as country: "th" | ||||
| Tags | No tags attached. | ||||
| Reviewed by | |||||
| Test Instructions | https://bugs.cacert.org/view.php?id=657#c5150 | ||||
|
|
Length of the fields according to RFC 5280 -- Upper Bounds ub-name INTEGER ::= 32768 ub-common-name INTEGER ::= 64 ub-locality-name INTEGER ::= 128 ub-state-name INTEGER ::= 128 ub-organization-name INTEGER ::= 64 ub-organizational-unit-name INTEGER ::= 64 ub-title INTEGER ::= 64 ub-serial-number INTEGER ::= 64 ub-match INTEGER ::= 128 ub-emailaddress-length INTEGER ::= 255 ub-common-name-length INTEGER ::= 64 ub-country-name-alpha-length INTEGER ::= 2 ub-country-name-numeric-length INTEGER ::= 3 ub-domain-defined-attributes INTEGER ::= 4 ub-domain-defined-attribute-type-length INTEGER ::= 8 ub-domain-defined-attribute-value-length INTEGER ::= 128 ub-domain-name-length INTEGER ::= 16 ub-extension-attributes INTEGER ::= 256 ub-e163-4-number-length INTEGER ::= 15 ub-e163-4-sub-address-length INTEGER ::= 40 ub-generation-qualifier-length INTEGER ::= 3 ub-given-name-length INTEGER ::= 16 ub-initials-length INTEGER ::= 5 ub-integer-options INTEGER ::= 256 ub-numeric-user-id-length INTEGER ::= 32 ub-organization-name-length INTEGER ::= 64 ub-organizational-unit-name-length INTEGER ::= 32 ub-organizational-units INTEGER ::= 4 ub-pds-name-length INTEGER ::= 16 ub-pds-parameter-length INTEGER ::= 30 ub-pds-physical-address-lines INTEGER ::= 6 ub-postal-code-length INTEGER ::= 16 ub-pseudonym INTEGER ::= 128 ub-surname-length INTEGER ::= 40 ub-terminal-id-length INTEGER ::= 24 ub-unformatted-address-length INTEGER ::= 180 ub-x121-address-length INTEGER ::= 16 |
|
|
I pushed a fix to https://github.com/INOPIAE/CAcert/tree/bug-657 |
|
|
I merged the branch with the recent release and testserver-stable branches. The fix is avilable under https://github.com/INOPIAE/CAcert/tree/bug-657 [^] |
|
|
Current patch lacking server-side validation and reporting (e.g. warning) when violating the restrictions. |
|
|
Test instructions: Verify that there is information about the length limits in the "new-org-form" Verify that a lowercase country code gets converted to upper case before being inserted into the DB Verify that strange characters ( < > " & ... ) in Org name, Contact mail, town, state and country are correctly escaped when editing the organisation. Verify that there is an "Edit Organisation" button while editing an organisation and there is a "New Organisation" button while creating a new one |
|
|
I added the organisation "Gallien" as new organisation. There was an information about the length limit to the country code. -> ok Lower case country code was converted to upper case country code. -> ok I added <"&%@> after the normal entries into Org name, Town, State and Comment (forgot email) -> in the organisation overview they get displayed as I had enterd them -> when trying to edit the organisation this characters are gone -> I'm not sure how this should look like, but it should be the same for both The "Edit Organisation" button is called "Update" the "New Organisation" buttion is called "Next" => Not OK. At least the visualisation of the escaping needs more work. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2008-12-09 11:23 | teus | New Issue | |
| 2014-03-15 17:40 | INOPIAE | Note Added: 0004641 | |
| 2014-03-15 20:01 | INOPIAE | Assigned To | => INOPIAE |
| 2014-03-15 20:34 | INOPIAE | Note Added: 0004642 | |
| 2014-03-15 20:34 | INOPIAE | Assigned To | INOPIAE => BenBE |
| 2014-03-15 20:34 | INOPIAE | Status | new => fix available |
| 2014-06-08 09:54 | INOPIAE | Note Added: 0004806 | |
| 2014-06-15 17:45 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable b6b67f82 |
| 2014-06-15 17:45 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable f50ec866 |
| 2014-06-15 17:45 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable eb482e86 |
| 2014-06-15 17:45 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable ba462bd6 |
| 2014-06-15 17:45 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable c80cd13b |
| 2014-06-15 17:45 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable 5b725c22 |
| 2014-06-15 17:45 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable b86110f3 |
| 2014-06-15 17:45 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable ba4e4e64 |
| 2014-06-15 17:45 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable 014b2bc7 |
| 2014-06-15 17:45 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable 1fe48d41 |
| 2014-06-15 17:47 | BenBE | Status | fix available => needs review & testing |
| 2014-06-15 17:47 | BenBE | Product Version | => 2008 |
| 2014-06-15 17:47 | BenBE | Target Version | => 2014 Q2 |
| 2014-06-15 18:01 | BenBE | Note Added: 0004842 | |
| 2014-12-02 21:00 | felixd | Note Added: 0005150 | |
| 2014-12-02 21:00 | felixd | Note Edited: 0005150 | |
| 2014-12-02 21:01 | felixd | Test Instructions | => https://bugs.cacert.org/view.php?id=657#c5150 |
| 2014-12-02 21:47 | Eva | Note Added: 0005153 | |
| 2014-12-02 21:50 | Eva | Note Edited: 0005153 | |
| 2014-12-23 20:29 | Eva | Status | needs review & testing => needs work |
| 2015-07-30 11:05 | INOPIAE | Relationship added | related to 0001382 |
| 2015-07-31 05:32 | INOPIAE | Relationship added | related to 0001148 |
