8c20519 Ticket 49543 - fix certmap dn comparison

Authored and Committed by ftweedal 5 years ago
    Ticket 49543 - fix certmap dn comparison
    
    Bug Description: Differences in DN string representations between
    the value included in certmap.conf, and the stringified value of the
    Issuer DN produced by NSS, as well as buggy DN normalisation code in
    389 itself, cause 389 to wrongly reject the correct certmap
    configuration to use.  Authentication fails.  This behaviour was
    observed when there is an escaped comma in an attribute value.
    
    Fix Description: Instead of comparing stringified DNs, parse the DN
    represented in certmap.conf into an NSS CertNAME.  Use the NSS DN
    comparison routine when comparing certificate Issuer DNs against the
    certmap configurations.  Remove the buggy DN normalisation routine.
    
    https://pagure.io/389-ds-base/issue/49543
    
    Author: Fraser Tweedale <ftweedal@redhat.com>
    
    Review by: ???
    
        
file modified
+12 -8
file modified
+1 -1
file modified
+21 -6
file modified
+26 -136
file modified
+2 -1