[rs-dev] TransactionIDs on SCEP and filenames
Graham Leggett
minfrin at sharp.fm
Sun Aug 13 23:14:53 CEST 2023
On 07 Aug 2023, at 22:18, Dirk-Willem van Gulik via rs-dev <rs-dev at redwax.eu> wrote:
> After looking into this some more - it seems that below patch / more protection is actually needed - it prevents the 1 in 20 fails on a CISCO SCEP all (when there are things like dots and /-esh in the KeyID).
>
> So at the least below safe_filename() is needed (and not just wise) for the client controled KeyID. Looking at the serial files - those should be safe as they are essentially numbers (assuming a sensible length).
>
> Not yet committed.
Definitely makes sense, and builds fine.
+1.
Regards,
Graham
—
More information about the rs-dev
mailing list