From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/60346 Path: news.gmane.org!not-for-mail From: Simon Josefsson Newsgroups: gmane.emacs.gnus.general Subject: Re: ldap cert retrieval and pem encoding Date: Tue, 24 May 2005 16:18:31 +0200 Message-ID: References: NNTP-Posting-Host: main.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: sea.gmane.org 1116944502 30066 80.91.229.2 (24 May 2005 14:21:42 GMT) X-Complaints-To: usenet@sea.gmane.org NNTP-Posting-Date: Tue, 24 May 2005 14:21:42 +0000 (UTC) Cc: ding@gnus.org Original-X-From: ding-owner+M8873@lists.math.uh.edu Tue May 24 16:21:39 2005 Return-path: Original-Received: from malifon.math.uh.edu ([129.7.128.13]) by ciao.gmane.org with esmtp (Exim 4.43) id 1DaaEa-0006YE-T5 for ding-account@gmane.org; Tue, 24 May 2005 16:18:17 +0200 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu ident=lists) by malifon.math.uh.edu with smtp (Exim 3.20 #1) id 1DaaFB-0005CV-00; Tue, 24 May 2005 09:18:53 -0500 Original-Received: from util2.math.uh.edu ([129.7.128.23]) by malifon.math.uh.edu with esmtp (Exim 3.20 #1) id 1DaaF7-0005CQ-00 for ding@lists.math.uh.edu; Tue, 24 May 2005 09:18:49 -0500 Original-Received: from quimby.gnus.org ([80.91.224.244]) by util2.math.uh.edu with esmtp (Exim 4.30) id 1DaaF5-0001jw-Fr for ding@lists.math.uh.edu; Tue, 24 May 2005 09:18:47 -0500 Original-Received: from 178.230.13.217.in-addr.dgcsystems.net ([217.13.230.178] helo=yxa.extundo.com) by quimby.gnus.org with esmtp (Exim 3.35 #1 (Debian)) id 1DaaF4-00056f-00 for ; Tue, 24 May 2005 16:18:46 +0200 Original-Received: from latte.josefsson.org (c494102a.s-bi.bostream.se [217.215.27.65]) (authenticated bits=0) by yxa.extundo.com (8.13.4/8.13.4/Debian-1) with ESMTP id j4OEIXNd028599 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Tue, 24 May 2005 16:18:36 +0200 Original-To: Ulf Stegemann OpenPGP: id=B565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:21:050524:ulf@zeitform.de::RGge8uEnutRlFfRa:4wqC X-Hashcash: 1:21:050524:ding@gnus.org::Sond35fWLRzEcN6U:5R6h In-Reply-To: (Ulf Stegemann's message of "Tue, 24 May 2005 12:02:26 +0200") User-Agent: Gnus/5.110004 (No Gnus v0.4) Emacs/22.0.50 (gnu/linux) X-Spam-Status: No, score=0.1 required=5.0 tests=FORGED_RCVD_HELO autolearn=failed version=3.0.2 X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on yxa-iv X-Virus-Scanned: ClamAV version 0.84, clamav-milter version 0.84e on yxa.extundo.com X-Virus-Status: Clean X-Spam-Score: -4.9 (----) Precedence: bulk Original-Sender: ding-owner@lists.math.uh.edu Xref: news.gmane.org gmane.emacs.gnus.general:60346 X-Report-Spam: http://spam.gmane.org/gmane.emacs.gnus.general:60346 Ulf Stegemann writes: > XEmacs 21.4 (patch 17) "Jumbo Shrimp" [Lucid] (i686-pc-linux, Mule), > No Gnus v0.4 > > The ldap server I use stores s/mime certificates either in DER or in PEM > format. smime-ldap retrieves only DER encoded certificates correctly. PEM > encoded certificates are fetched, too, but the resulting tmp file/buffer does > not contain the correct cert only something that looks like a cert. > > Can anyone confirm this behaviour or is it a local problem? The code assume the data returned is in DER form, so I think your analysis is correct, and it is not a local problem. The received, assumed-DER, data is then base64 encoded, and wrapped into a PEM blob. You should be able to base64 decode the tmp file/buffer content, and get the certificate in PEM format. I see two solutions: The Right Thing: figure out how to get the type of data returned from the server, and follow that hint. The Workaround: Look at the received data to see if the head happen to match a PEM header, and decide based on that. It might be that the two solutions collapse into one if the server can't return the type of data in any other way of having a PEM header on the blob, though.