From dev-return-28486-apmail-directory-dev-archive=directory.apache.org@directory.apache.org Mon Jan 05 13:41:36 2009 Return-Path: Delivered-To: apmail-directory-dev-archive@www.apache.org Received: (qmail 57983 invoked from network); 5 Jan 2009 13:41:35 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 5 Jan 2009 13:41:35 -0000 Received: (qmail 16141 invoked by uid 500); 5 Jan 2009 13:41:35 -0000 Delivered-To: apmail-directory-dev-archive@directory.apache.org Received: (qmail 16089 invoked by uid 500); 5 Jan 2009 13:41:35 -0000 Mailing-List: contact dev-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Apache Directory Developers List" Delivered-To: mailing list dev@directory.apache.org Received: (qmail 16080 invoked by uid 99); 5 Jan 2009 13:41:35 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 05 Jan 2009 05:41:35 -0800 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of ayyagarikiran@gmail.com designates 209.85.142.184 as permitted sender) Received: from [209.85.142.184] (HELO ti-out-0910.google.com) (209.85.142.184) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 05 Jan 2009 13:41:25 +0000 Received: by ti-out-0910.google.com with SMTP id y8so5657378tia.5 for ; Mon, 05 Jan 2009 05:41:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; bh=cy2Dxcxk4q4BBGyNZgD9BFVACpDigQ1vbO9qx5Ijlgg=; b=G9M7LawCYBNvwJX2d18a/9xoVsrev4w89qoKcaGJ04MJcfWIfRz05W37Y6YV0PgtN0 8zchtOJ39oV6sG6S+1qokB3opQQ0zurm8kolKsk3DK61fLXwsL2RuzPOPcdBhsJpoYbo LL4L/R3XVBMJgWsQGWHUXK1F2b9EenOgbEQPo= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; b=aO3B0wkpiFtKlAH1DgzSLBEhdkk5TSl10OxuclzrgauVzGlfNMAs6nNCm/kI/vhM5w ji51e05L5ne7p462tOFBXk1jLdFKZiU4eGFMxJLW5F06CkgaoJjgT1a9BoE0GKg2Q6a8 Ai4sINCn54Elx0Lt15IPrW/r0JqJEDmQzac4g= Received: by 10.110.86.3 with SMTP id j3mr7387290tib.45.1231162863573; Mon, 05 Jan 2009 05:41:03 -0800 (PST) Received: from ?192.168.2.90? ([61.246.236.149]) by mx.google.com with ESMTPS id 14sm680281tim.30.2009.01.05.05.41.00 (version=TLSv1/SSLv3 cipher=RC4-MD5); Mon, 05 Jan 2009 05:41:02 -0800 (PST) Message-ID: <49620E24.504@gmail.com> Date: Mon, 05 Jan 2009 19:11:56 +0530 From: ayyagarikiran User-Agent: Thunderbird 2.0.0.17 (X11/20080925) MIME-Version: 1.0 To: Apache Directory Developers List Subject: Re: About the Cert generation Extended request References: <496209D0.2030000@nextury.com> In-Reply-To: <496209D0.2030000@nextury.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org hi Emmanuel, Emmanuel Lecharny wrote: > Hi Kiran, > > you will be the first person able to add a new Extended request using > the ASN.1 codec ! > > Ok, it's really good. Just a few things > - Where do you got the ASN.1 grammar from ? Is there a reference > somwhere on the web, or is this just soemthing you defined from scratch ? yep, created on my own referring the existing code and the wiki doc > > - There are some minor issues in the grammar class : when all the fields > are mandatory (ie, the OPTIONAL keyword does not appears), then you > should insure that the TLVs are not empty. Typically, if the sequence is > empty, you will get a PDU containing 0x30 0x00. Using your current > implementation, this will be accepted. > The problem is that your first transition contains this line : > > CertGenContainer.grammarEndAllowed( true ); ah ok, I didn't get this part but assumed this as a way to tell the decoder to continue to the next transition, will fix it > which allow the PDU to e terminated immediately. > > In this case, you should just ommit this line, unless you want the > grammar to allow empty sequences. Here, I think that the only transition > where this line should appear is the last one : keyAlgorithm. > > You should also check that if all the fields are not present, then it > generates an error (ie, adding a test for each bad field). +1 > > - You are storing DN as String, but maybe it would be a better iead to > check that those DNs are valid. You can use the LdapDN.isValid( dn ) to > do so. Or you can store LdapDN instead. It's up to you. > +1, think this makes more sense and I can throw error as early as possible > - In tests, when expecting an exception, don't add a e.printStackTrace() > : it's a burden when running integration tests. Also don't use '*' in > imports. > ah, my bad, will take them out ( was lazy to add each method of Assert to the static imports ;) ) > I just commited some fixes. ah great, thanks > > Otherwise, it's pretty clean. I didn't thought someone could understand > this portion of the code :) Thanks ! > Thanks a lot for your time and comments, I appreciate them :) Kiran Ayyagari