On Fri, 2013-01-11 at 14:19 -0800, Nathan Kinder wrote:
Th patch itself looks fine. It looks like its doing what is advertised.
I have a question, though, about the effects of this patch.
Prior to this patch, if DS syntax checking were turned off, then a
number of attributes could be stored in the TPS data records with a
value of "". Now, when these records are accessed - either for
processing or display in the UI, the values are usually returned with
various function calls that ultimately call something like:
char *get_cert_attr_byname(LDAPMessage *entry, const char *name)
This would return "" for an empty attribute, but presumably would return
NULL now that the attribute does not exist in the record. Have you
looked at all the places where these parameters are queried, and made
sure that we handle the NULL return correctly?