admserv/cgi-src40/cgicommon.h | 1
admserv/cgi-src40/cgicommon.properties | 3 +-
admserv/cgi-src40/security.c | 48 ++++++++++++++++++++++++---------
admserv/cgi-src40/viewlog.c | 5 ++-
tests/security/testpost.1 | 1
tests/security/testpost.10 | 1
tests/security/testpost.11 | 1
tests/security/testpost.12 | 1
tests/security/testpost.13 | 1
tests/security/testpost.14 | 1
tests/security/testpost.15 | 1
tests/security/testpost.16 | 1
tests/security/testpost.17 | 1
tests/security/testpost.18 | 1
tests/security/testpost.19 | 1
tests/security/testpost.2 | 1
tests/security/testpost.20 | 1
tests/security/testpost.21 | 1
tests/security/testpost.3 | 1
tests/security/testpost.4 | 1
tests/security/testpost.5 | 1
tests/security/testpost.6 | 1
tests/security/testpost.7 | 1
tests/security/testpost.8 | 1
tests/security/testpost.9 | 1
25 files changed, 64 insertions(+), 14 deletions(-)
New commits:
commit 7edcc2bdbf049e93bbc8d313494ab4f277cf36ac
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu Jun 30 11:49:32 2011 -0600
added tests for the security cgi
diff --git a/tests/security/testpost.1 b/tests/security/testpost.1
new file mode 100644
index 0000000..cd127cd
--- /dev/null
+++ b/tests/security/testpost.1
@@ -0,0 +1 @@
+sie=slapd-INSTANCE&dllname=PEM&filename=libnsspem.so&formop=MODULE_OPERATION&format=dll&op_type=add
\ No newline at end of file
diff --git a/tests/security/testpost.10 b/tests/security/testpost.10
new file mode 100644
index 0000000..17696c6
--- /dev/null
+++ b/tests/security/testpost.10
@@ -0,0 +1 @@
+keypwd=88865d09e260d77c6caf9cd040c2a0fe9d182afe&sie=slapd-INSTANCE&formop=INSTALL_CERT&trust_flag=0&certtype=0&installmethod=1&dercert=Certificate%3A%0A++++Data%3A%0A++++++++Version%3A+3+%280x2%29%0A++++++++Serial+Number%3A%0A++++++++++++98%3A12%3A07%3A62%3A86%3A07%3A59%3Aec%0A++++++++Signature+Algorithm%3A+sha1WithRSAEncryption%0A++++++++Issuer%3A+C%3DUS%2C+ST%3DNM%2C+O%3DCO%2C+CN%3DCA%0A++++++++Validity%0A++++++++++++Not+Before%3A+Jun++2+22%3A09%3A01+2011+GMT%0A++++++++++++Not+After+%3A+Jun++1+22%3A09%3A01+2014+GMT%0A++++++++Subject%3A+C%3DUS%2C+ST%3DNM%2C+O%3DCO%2C+CN%3DCA%0A++++++++Subject+Public+Key+Info%3A%0A++++++++++++Public+Key+Algorithm%3A+rsaEncryption%0A++++++++++++++++Public-Key%3A+%282048+bit%29%0A++++++++++++++++Modulus%3A%0A++++++++++++++++++++00%3Abb%3Ac1%3Ae3%3Ac7%3Aff%3A79%3A31%3A99%3A56%3A78%3A3e%3Aa8%3Aff%3Ac1%3A%0A++++++++++++++++++++58%3Ac0%3A88%3A15%3A82%3A6c%3Ab6%3A55%3A36%3Af2%3Acd%3Aaa%3A40%3A73%3A83%3A%0A++++++++++++++++++++e4%3Ae1%3A08%3A51%3A39%
3A46%3Ab4%3Abb%3A2e%3A4b%3A2d%3A58%3Ab2%3A91%3A57%3A%0A++++++++++++++++++++1b%3A83%3A57%3Ae1%3A91%3A64%3Ac8%3Ac1%3A19%3Af2%3A18%3Af9%3A69%3A74%3A0c%3A%0A++++++++++++++++++++1d%3Aec%3A6f%3A3e%3Af2%3Ac7%3A6c%3Af7%3A06%3A9a%3Ac7%3A51%3A38%3A6f%3A1d%3A%0A++++++++++++++++++++6b%3A2e%3A8f%3Af8%3Ae0%3A3e%3Ae3%3Ab9%3Aac%3Acf%3Aac%3Aac%3Ada%3Af8%3A9c%3A%0A++++++++++++++++++++0f%3A9a%3A37%3A80%3A47%3A93%3Af0%3A1e%3A75%3A3d%3Ad1%3A69%3Ad0%3A15%3Aeb%3A%0A++++++++++++++++++++26%3Afe%3Abf%3A55%3A88%3Aca%3A0d%3Ac1%3A52%3Ae2%3A9a%3A4b%3Aa5%3Ac0%3Ae2%3A%0A++++++++++++++++++++3d%3A26%3A83%3Ab6%3A63%3Ac8%3A41%3A11%3A27%3A68%3A7d%3Ab4%3A82%3Ae4%3A6f%3A%0A++++++++++++++++++++13%3A05%3A2f%3A2f%3A08%3Ac5%3A64%3Ad6%3Aa2%3Aa5%3A61%3A92%3A67%3A15%3A95%3A%0A++++++++++++++++++++cc%3A3e%3A26%3A8d%3Ac7%3A45%3A45%3A28%3A34%3A2c%3A60%3A2f%3A19%3A94%3Abf%3A%0A++++++++++++++++++++a7%3A6a%3A62%3Ac6%3A8a%3A44%3A3a%3Ac9%3A15%3A60%3A6e%3A99%3Ac4%3A1d%3A7f%3A%0A++++++++++++++++++++bc%3Afc%3A40%3A2e%3A45%3Aa1%3Ad8
%3A24%3A4c%3A7d%3A63%3A06%3A93%3Ae5%3A8b%3A%0A++++++++++++++++++++2f%3A1b%3A6c%3A79%3A2d%3A8d%3Ab1%3A27%3A8a%3A67%3Aff%3Ace%3Ac8%3A48%3Ad7%3A%0A++++++++++++++++++++a3%3A45%3A64%3A99%3A60%3Af0%3Add%3Ab7%3A83%3Ac2%3Aea%3A23%3Ac4%3Af9%3A82%3A%0A++++++++++++++++++++8e%3Aa0%3Ae5%3Af0%3A63%3Ab1%3A0e%3A15%3Af5%3A10%3Ad2%3Aa5%3A2d%3A53%3A17%3A%0A++++++++++++++++++++20%3A00%3Aa8%3A4e%3Ad9%3A6d%3Ac2%3A11%3A68%3A3a%3A8e%3Ad1%3A3a%3A78%3Af2%3A%0A++++++++++++++++++++1e%3Ad7%0A++++++++++++++++Exponent%3A+65537+%280x10001%29%0A++++++++X509v3+extensions%3A%0A++++++++++++X509v3+Subject+Key+Identifier%3A+%0A++++++++++++++++BF%3A0F%3A9E%3AC2%3AED%3A83%3A48%3A3A%3A77%3A9C%3A46%3A11%3A96%3A02%3AB1%3A70%3AD0%3A61%3A45%3A4A%0A++++++++++++X509v3+Basic+Constraints%3A+critical%0A++++++++++++++++CA%3ATRUE%0A++++++++++++X509v3+Key+Usage%3A+%0A++++++++++++++++Digital+Signature%2C+Certificate+Sign%2C+CRL+Sign%0A++++++++++++X509v3+CRL+Distribution+Points%3A+%0A%0A++++++++++++++++Full+Name%3A%0A+++++++++++
+++++++URI%3Ahttp%3A%2F%2Flocalhost.localdomain%3A9831%2Fmyca.crl%0A%0A++++++++++++++++Full+Name%3A%0A++++++++++++++++++URI%3Ahttp%3A%2F%2Flocalhost.localdomain%3A9831%2Fmyca.crl%0A%0A++++++++++++1.3.6.1.4.1.311.21.1%3A+%0A++++++++++++++++...%0A++++++++++++1.3.6.1.4.1.311.21.2%3A+%0A++++++++++++++++..%3B...I..n...F..2...%0A++++Signature+Algorithm%3A+sha1WithRSAEncryption%0A++++++++46%3A4c%3Aa8%3A42%3A64%3A30%3A54%3A03%3A12%3A5d%3A2b%3Adb%3A5a%3A3b%3Af5%3A58%3A23%3A0d%3A%0A++++++++d3%3A4d%3A99%3A2b%3Ab0%3A82%3Ae6%3A87%3A7e%3A1d%3A48%3A9c%3Adb%3A6d%3A42%3Ae0%3Ab6%3Aba%3A%0A++++++++1e%3Af4%3A81%3Ae1%3A3f%3A9c%3A1f%3Ab1%3A2e%3Aed%3A35%3Ae4%3A92%3Aef%3Ab6%3Aa0%3A9d%3A94%3A%0A++++++++15%3A97%3A4c%3A54%3A3f%3Ad3%3A1a%3A6e%3Ad6%3A74%3Aaa%3Ac1%3Aca%3Ac6%3A56%3Ace%3Aa0%3Aa7%3A%0A++++++++07%3Aa5%3A5d%3A47%3A4b%3Aec%3A3f%3A1b%3Acb%3Ae9%3A1a%3Afd%3A2f%3Ae7%3Afc%3A4c%3A23%3A79%3A%0A++++++++4f%3A81%3A77%3A37%3Aab%3A75%3Acc%3A8d%3A3d%3Adf%3A94%3A50%3A2f%3A15%3A2a%3A1f%3A2a%3Af4%3A%0A+++++++
+e1%3A00%3A43%3A29%3Ac4%3A59%3A54%3A55%3A0e%3Aeb%3A7e%3A79%3A1b%3Aaa%3A8d%3Ac6%3A6c%3A53%3A%0A++++++++38%3Ad9%3Af2%3A55%3Afe%3A8d%3Ad1%3A8e%3A55%3Aa8%3Afd%3A43%3A48%3A58%3Af2%3A25%3Af1%3Abf%3A%0A++++++++6b%3A8b%3A0f%3Aea%3A86%3Ab5%3Aba%3Ab6%3A8e%3A6c%3A81%3A78%3Ac2%3Aa4%3Aea%3A9e%3Ada%3A83%3A%0A++++++++32%3A15%3A7c%3Ac2%3A86%3A43%3A94%3A22%3A39%3A33%3Ae0%3A6f%3A11%3Af9%3A40%3A8f%3A0e%3A60%3A%0A++++++++5c%3A67%3A8d%3A16%3A47%3A0b%3Ab6%3Ad7%3Ae5%3A15%3A78%3A86%3Af7%3Aef%3A7b%3A52%3Aea%3Ae8%3A%0A++++++++83%3A16%3Ae0%3Afc%3A6b%3Ac2%3A26%3Ae8%3Af9%3A0c%3A37%3A60%3A9e%3A61%3Ac2%3Ae5%3A5e%3Af8%3A%0A++++++++72%3A79%3A3f%3A43%3A84%3A39%3A76%3A60%3A6a%3A1b%3A58%3A6c%3A1f%3Aaa%3A27%3Aa3%3A58%3A24%3A%0A++++++++02%3Ad9%3A34%3A53%3A46%3Ab7%3Ae5%3A6e%3A85%3A32%3A1d%3A86%3A86%3Aed%3A08%3Aa9%3Ac5%3A17%3A%0A++++++++54%3A67%3A4c%3A82%0A-----BEGIN+CERTIFICATE-----%0AMIID0DCCArigAwIBAgIJAJgSB2KGB1nsMA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV%0ABAYTAlVTMQswCQYDVQQIDAJOTTELMAkGA1UECgwCQ08xCzAJBgNVBAMMAkNBMB4
X%0ADTExMDYwMjIyMDkwMVoXDTE0MDYwMTIyMDkwMVowNDELMAkGA1UEBhMCVVMxCzAJ%0ABgNVBAgMAk5NMQswCQYDVQQKDAJDTzELMAkGA1UEAwwCQ0EwggEiMA0GCSqGSIb3%0ADQEBAQUAA4IBDwAwggEKAoIBAQC7wePH%2F3kxmVZ4Pqj%2FwVjAiBWCbLZVNvLNqkBz%0Ag%2BThCFE5RrS7LkstWLKRVxuDV%2BGRZMjBGfIY%2BWl0DB3sbz7yx2z3BprHUThvHWsu%0Aj%2FjgPuO5rM%2BsrNr4nA%2BaN4BHk%2FAedT3RadAV6yb%2Bv1WIyg3BUuKaS6XA4j0mg7Zj%0AyEERJ2h9tILkbxMFLy8IxWTWoqVhkmcVlcw%2BJo3HRUUoNCxgLxmUv6dqYsaKRDrJ%0AFWBumcQdf7z8QC5FodgkTH1jBpPliy8bbHktjbEnimf%2FzshI16NFZJlg8N23g8Lq%0AI8T5go6g5fBjsQ4V9RDSpS1TFyAAqE7ZbcIRaDqO0Tp48h7XAgMBAAGjgeQwgeEw%0AHQYDVR0OBBYEFL8PnsLtg0g6d5xGEZYCsXDQYUVKMA8GA1UdEwEB%2FwQFMAMBAf8w%0ACwYDVR0PBAQDAgGGMG0GA1UdHwRmMGQwMKAuoCyGKmh0dHA6Ly9sb2NhbGhvc3Qu%0AbG9jYWxkb21haW46OTgzMS9teWNhLmNybDAwoC6gLIYqaHR0cDovL2xvY2FsaG9z%0AdC5sb2NhbGRvbWFpbjo5ODMxL215Y2EuY3JsMBAGCSsGAQQBgjcVAQQDAgEDMCEG%0ACSsGAQQBgjcVAgQUrcg7GeeTSRscbqD9i0bNnzLlkvwwDQYJKoZIhvcNAQEFBQAD%0AggEBAEZMqEJkMFQDEl0r21o79VgjDdNNmSuwguaHfh1InNttQuC2uh70geE%2FnB%2Bx%0ALu015JLvtqCdlBWXT
FQ%2F0xpu1nSqwcrGVs6gpwelXUdL7D8by%2Bka%2FS%2Fn%2FEwjeU%2BB%0AdzerdcyNPd%2BUUC8VKh8q9OEAQynEWVRVDut%2BeRuqjcZsUzjZ8lX%2BjdGOVaj9Q0hY%0A8iXxv2uLD%2BqGtbq2jmyBeMKk6p7agzIVfMKGQ5QiOTPgbxH5QI8OYFxnjRZHC7bX%0A5RV4hvfve1Lq6IMW4Pxrwibo%2BQw3YJ5hwuVe%2BHJ5P0OEOXZgahtYbB%2BqJ6NYJALZ%0ANFNGt%2BVuhTIdhobtCKnFF1RnTII%3D%0A-----END+CERTIFICATE-----%0A&tokenname=internal+%28software%29&certname=new+CA
\ No newline at end of file
diff --git a/tests/security/testpost.11 b/tests/security/testpost.11
new file mode 100644
index 0000000..7b8b617
--- /dev/null
+++ b/tests/security/testpost.11
@@ -0,0 +1 @@
+keypwd=password&sie=slapd-INSTANCE&formop=INSTALL_CERT&trust_flag=0&certtype=0&installmethod=1&dercert=Certificate%3A%0A++++Data%3A%0A++++++++Version%3A+3+%280x2%29%0A++++++++Serial+Number%3A%0A++++++++++++98%3A12%3A07%3A62%3A86%3A07%3A59%3Aec%0A++++++++Signature+Algorithm%3A+sha1WithRSAEncryption%0A++++++++Issuer%3A+C%3DUS%2C+ST%3DNM%2C+O%3DCO%2C+CN%3DCA%0A++++++++Validity%0A++++++++++++Not+Before%3A+Jun++2+22%3A09%3A01+2011+GMT%0A++++++++++++Not+After+%3A+Jun++1+22%3A09%3A01+2014+GMT%0A++++++++Subject%3A+C%3DUS%2C+ST%3DNM%2C+O%3DCO%2C+CN%3DCA%0A++++++++Subject+Public+Key+Info%3A%0A++++++++++++Public+Key+Algorithm%3A+rsaEncryption%0A++++++++++++++++Public-Key%3A+%282048+bit%29%0A++++++++++++++++Modulus%3A%0A++++++++++++++++++++00%3Abb%3Ac1%3Ae3%3Ac7%3Aff%3A79%3A31%3A99%3A56%3A78%3A3e%3Aa8%3Aff%3Ac1%3A%0A++++++++++++++++++++58%3Ac0%3A88%3A15%3A82%3A6c%3Ab6%3A55%3A36%3Af2%3Acd%3Aaa%3A40%3A73%3A83%3A%0A++++++++++++++++++++e4%3Ae1%3A08%3A51%3A39%3A46%3Ab4%3Abb%3A2e%3A4b%3A2d%3A
58%3Ab2%3A91%3A57%3A%0A++++++++++++++++++++1b%3A83%3A57%3Ae1%3A91%3A64%3Ac8%3Ac1%3A19%3Af2%3A18%3Af9%3A69%3A74%3A0c%3A%0A++++++++++++++++++++1d%3Aec%3A6f%3A3e%3Af2%3Ac7%3A6c%3Af7%3A06%3A9a%3Ac7%3A51%3A38%3A6f%3A1d%3A%0A++++++++++++++++++++6b%3A2e%3A8f%3Af8%3Ae0%3A3e%3Ae3%3Ab9%3Aac%3Acf%3Aac%3Aac%3Ada%3Af8%3A9c%3A%0A++++++++++++++++++++0f%3A9a%3A37%3A80%3A47%3A93%3Af0%3A1e%3A75%3A3d%3Ad1%3A69%3Ad0%3A15%3Aeb%3A%0A++++++++++++++++++++26%3Afe%3Abf%3A55%3A88%3Aca%3A0d%3Ac1%3A52%3Ae2%3A9a%3A4b%3Aa5%3Ac0%3Ae2%3A%0A++++++++++++++++++++3d%3A26%3A83%3Ab6%3A63%3Ac8%3A41%3A11%3A27%3A68%3A7d%3Ab4%3A82%3Ae4%3A6f%3A%0A++++++++++++++++++++13%3A05%3A2f%3A2f%3A08%3Ac5%3A64%3Ad6%3Aa2%3Aa5%3A61%3A92%3A67%3A15%3A95%3A%0A++++++++++++++++++++cc%3A3e%3A26%3A8d%3Ac7%3A45%3A45%3A28%3A34%3A2c%3A60%3A2f%3A19%3A94%3Abf%3A%0A++++++++++++++++++++a7%3A6a%3A62%3Ac6%3A8a%3A44%3A3a%3Ac9%3A15%3A60%3A6e%3A99%3Ac4%3A1d%3A7f%3A%0A++++++++++++++++++++bc%3Afc%3A40%3A2e%3A45%3Aa1%3Ad8%3A24%3A4c%3A7d%3A63%3A06%3A93%3
Ae5%3A8b%3A%0A++++++++++++++++++++2f%3A1b%3A6c%3A79%3A2d%3A8d%3Ab1%3A27%3A8a%3A67%3Aff%3Ace%3Ac8%3A48%3Ad7%3A%0A++++++++++++++++++++a3%3A45%3A64%3A99%3A60%3Af0%3Add%3Ab7%3A83%3Ac2%3Aea%3A23%3Ac4%3Af9%3A82%3A%0A++++++++++++++++++++8e%3Aa0%3Ae5%3Af0%3A63%3Ab1%3A0e%3A15%3Af5%3A10%3Ad2%3Aa5%3A2d%3A53%3A17%3A%0A++++++++++++++++++++20%3A00%3Aa8%3A4e%3Ad9%3A6d%3Ac2%3A11%3A68%3A3a%3A8e%3Ad1%3A3a%3A78%3Af2%3A%0A++++++++++++++++++++1e%3Ad7%0A++++++++++++++++Exponent%3A+65537+%280x10001%29%0A++++++++X509v3+extensions%3A%0A++++++++++++X509v3+Subject+Key+Identifier%3A+%0A++++++++++++++++BF%3A0F%3A9E%3AC2%3AED%3A83%3A48%3A3A%3A77%3A9C%3A46%3A11%3A96%3A02%3AB1%3A70%3AD0%3A61%3A45%3A4A%0A++++++++++++X509v3+Basic+Constraints%3A+critical%0A++++++++++++++++CA%3ATRUE%0A++++++++++++X509v3+Key+Usage%3A+%0A++++++++++++++++Digital+Signature%2C+Certificate+Sign%2C+CRL+Sign%0A++++++++++++X509v3+CRL+Distribution+Points%3A+%0A%0A++++++++++++++++Full+Name%3A%0A++++++++++++++++++URI%3Ahttp%3A%2F%2Flocalh
ost.localdomain%3A9831%2Fmyca.crl%0A%0A++++++++++++++++Full+Name%3A%0A++++++++++++++++++URI%3Ahttp%3A%2F%2Flocalhost.localdomain%3A9831%2Fmyca.crl%0A%0A++++++++++++1.3.6.1.4.1.311.21.1%3A+%0A++++++++++++++++...%0A++++++++++++1.3.6.1.4.1.311.21.2%3A+%0A++++++++++++++++..%3B...I..n...F..2...%0A++++Signature+Algorithm%3A+sha1WithRSAEncryption%0A++++++++46%3A4c%3Aa8%3A42%3A64%3A30%3A54%3A03%3A12%3A5d%3A2b%3Adb%3A5a%3A3b%3Af5%3A58%3A23%3A0d%3A%0A++++++++d3%3A4d%3A99%3A2b%3Ab0%3A82%3Ae6%3A87%3A7e%3A1d%3A48%3A9c%3Adb%3A6d%3A42%3Ae0%3Ab6%3Aba%3A%0A++++++++1e%3Af4%3A81%3Ae1%3A3f%3A9c%3A1f%3Ab1%3A2e%3Aed%3A35%3Ae4%3A92%3Aef%3Ab6%3Aa0%3A9d%3A94%3A%0A++++++++15%3A97%3A4c%3A54%3A3f%3Ad3%3A1a%3A6e%3Ad6%3A74%3Aaa%3Ac1%3Aca%3Ac6%3A56%3Ace%3Aa0%3Aa7%3A%0A++++++++07%3Aa5%3A5d%3A47%3A4b%3Aec%3A3f%3A1b%3Acb%3Ae9%3A1a%3Afd%3A2f%3Ae7%3Afc%3A4c%3A23%3A79%3A%0A++++++++4f%3A81%3A77%3A37%3Aab%3A75%3Acc%3A8d%3A3d%3Adf%3A94%3A50%3A2f%3A15%3A2a%3A1f%3A2a%3Af4%3A%0A++++++++e1%3A00%3A43%3A29%3Ac4%3A59%3A5
4%3A55%3A0e%3Aeb%3A7e%3A79%3A1b%3Aaa%3A8d%3Ac6%3A6c%3A53%3A%0A++++++++38%3Ad9%3Af2%3A55%3Afe%3A8d%3Ad1%3A8e%3A55%3Aa8%3Afd%3A43%3A48%3A58%3Af2%3A25%3Af1%3Abf%3A%0A++++++++6b%3A8b%3A0f%3Aea%3A86%3Ab5%3Aba%3Ab6%3A8e%3A6c%3A81%3A78%3Ac2%3Aa4%3Aea%3A9e%3Ada%3A83%3A%0A++++++++32%3A15%3A7c%3Ac2%3A86%3A43%3A94%3A22%3A39%3A33%3Ae0%3A6f%3A11%3Af9%3A40%3A8f%3A0e%3A60%3A%0A++++++++5c%3A67%3A8d%3A16%3A47%3A0b%3Ab6%3Ad7%3Ae5%3A15%3A78%3A86%3Af7%3Aef%3A7b%3A52%3Aea%3Ae8%3A%0A++++++++83%3A16%3Ae0%3Afc%3A6b%3Ac2%3A26%3Ae8%3Af9%3A0c%3A37%3A60%3A9e%3A61%3Ac2%3Ae5%3A5e%3Af8%3A%0A++++++++72%3A79%3A3f%3A43%3A84%3A39%3A76%3A60%3A6a%3A1b%3A58%3A6c%3A1f%3Aaa%3A27%3Aa3%3A58%3A24%3A%0A++++++++02%3Ad9%3A34%3A53%3A46%3Ab7%3Ae5%3A6e%3A85%3A32%3A1d%3A86%3A86%3Aed%3A08%3Aa9%3Ac5%3A17%3A%0A++++++++54%3A67%3A4c%3A82%0A-----BEGIN+CERTIFICATE-----%0AMIID0DCCArigAwIBAgIJAJgSB2KGB1nsMA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV%0ABAYTAlVTMQswCQYDVQQIDAJOTTELMAkGA1UECgwCQ08xCzAJBgNVBAMMAkNBMB4X%0ADTExMDYwMjIyMDkwMVoXDTE0MDYw
MTIyMDkwMVowNDELMAkGA1UEBhMCVVMxCzAJ%0ABgNVBAgMAk5NMQswCQYDVQQKDAJDTzELMAkGA1UEAwwCQ0EwggEiMA0GCSqGSIb3%0ADQEBAQUAA4IBDwAwggEKAoIBAQC7wePH%2F3kxmVZ4Pqj%2FwVjAiBWCbLZVNvLNqkBz%0Ag%2BThCFE5RrS7LkstWLKRVxuDV%2BGRZMjBGfIY%2BWl0DB3sbz7yx2z3BprHUThvHWsu%0Aj%2FjgPuO5rM%2BsrNr4nA%2BaN4BHk%2FAedT3RadAV6yb%2Bv1WIyg3BUuKaS6XA4j0mg7Zj%0AyEERJ2h9tILkbxMFLy8IxWTWoqVhkmcVlcw%2BJo3HRUUoNCxgLxmUv6dqYsaKRDrJ%0AFWBumcQdf7z8QC5FodgkTH1jBpPliy8bbHktjbEnimf%2FzshI16NFZJlg8N23g8Lq%0AI8T5go6g5fBjsQ4V9RDSpS1TFyAAqE7ZbcIRaDqO0Tp48h7XAgMBAAGjgeQwgeEw%0AHQYDVR0OBBYEFL8PnsLtg0g6d5xGEZYCsXDQYUVKMA8GA1UdEwEB%2FwQFMAMBAf8w%0ACwYDVR0PBAQDAgGGMG0GA1UdHwRmMGQwMKAuoCyGKmh0dHA6Ly9sb2NhbGhvc3Qu%0AbG9jYWxkb21haW46OTgzMS9teWNhLmNybDAwoC6gLIYqaHR0cDovL2xvY2FsaG9z%0AdC5sb2NhbGRvbWFpbjo5ODMxL215Y2EuY3JsMBAGCSsGAQQBgjcVAQQDAgEDMCEG%0ACSsGAQQBgjcVAgQUrcg7GeeTSRscbqD9i0bNnzLlkvwwDQYJKoZIhvcNAQEFBQAD%0AggEBAEZMqEJkMFQDEl0r21o79VgjDdNNmSuwguaHfh1InNttQuC2uh70geE%2FnB%2Bx%0ALu015JLvtqCdlBWXTFQ%2F0xpu1nSqwcrGVs6gpwelXUdL7D8
by%2Bka%2FS%2Fn%2FEwjeU%2BB%0AdzerdcyNPd%2BUUC8VKh8q9OEAQynEWVRVDut%2BeRuqjcZsUzjZ8lX%2BjdGOVaj9Q0hY%0A8iXxv2uLD%2BqGtbq2jmyBeMKk6p7agzIVfMKGQ5QiOTPgbxH5QI8OYFxnjRZHC7bX%0A5RV4hvfve1Lq6IMW4Pxrwibo%2BQw3YJ5hwuVe%2BHJ5P0OEOXZgahtYbB%2BqJ6NYJALZ%0ANFNGt%2BVuhTIdhobtCKnFF1RnTII%3D%0A-----END+CERTIFICATE-----%0A&tokenname=internal+%28software%29&certname=new+CA
\ No newline at end of file
diff --git a/tests/security/testpost.12 b/tests/security/testpost.12
new file mode 100644
index 0000000..917f90d
--- /dev/null
+++ b/tests/security/testpost.12
@@ -0,0 +1 @@
+keypwd=Secret123&sie=slapd-INSTANCE&formop=INSTALL_CERT&trust_flag=0&certtype=0&installmethod=1&dercert=Certificate%3A%0A++++Data%3A%0A++++++++Version%3A+3+%280x2%29%0A++++++++Serial+Number%3A%0A++++++++++++98%3A12%3A07%3A62%3A86%3A07%3A59%3Aec%0A++++++++Signature+Algorithm%3A+sha1WithRSAEncryption%0A++++++++Issuer%3A+C%3DUS%2C+ST%3DNM%2C+O%3DCO%2C+CN%3DCA%0A++++++++Validity%0A++++++++++++Not+Before%3A+Jun++2+22%3A09%3A01+2011+GMT%0A++++++++++++Not+After+%3A+Jun++1+22%3A09%3A01+2014+GMT%0A++++++++Subject%3A+C%3DUS%2C+ST%3DNM%2C+O%3DCO%2C+CN%3DCA%0A++++++++Subject+Public+Key+Info%3A%0A++++++++++++Public+Key+Algorithm%3A+rsaEncryption%0A++++++++++++++++Public-Key%3A+%282048+bit%29%0A++++++++++++++++Modulus%3A%0A++++++++++++++++++++00%3Abb%3Ac1%3Ae3%3Ac7%3Aff%3A79%3A31%3A99%3A56%3A78%3A3e%3Aa8%3Aff%3Ac1%3A%0A++++++++++++++++++++58%3Ac0%3A88%3A15%3A82%3A6c%3Ab6%3A55%3A36%3Af2%3Acd%3Aaa%3A40%3A73%3A83%3A%0A++++++++++++++++++++e4%3Ae1%3A08%3A51%3A39%3A46%3Ab4%3Abb%3A2e%3A4b%3A2d%3
A58%3Ab2%3A91%3A57%3A%0A++++++++++++++++++++1b%3A83%3A57%3Ae1%3A91%3A64%3Ac8%3Ac1%3A19%3Af2%3A18%3Af9%3A69%3A74%3A0c%3A%0A++++++++++++++++++++1d%3Aec%3A6f%3A3e%3Af2%3Ac7%3A6c%3Af7%3A06%3A9a%3Ac7%3A51%3A38%3A6f%3A1d%3A%0A++++++++++++++++++++6b%3A2e%3A8f%3Af8%3Ae0%3A3e%3Ae3%3Ab9%3Aac%3Acf%3Aac%3Aac%3Ada%3Af8%3A9c%3A%0A++++++++++++++++++++0f%3A9a%3A37%3A80%3A47%3A93%3Af0%3A1e%3A75%3A3d%3Ad1%3A69%3Ad0%3A15%3Aeb%3A%0A++++++++++++++++++++26%3Afe%3Abf%3A55%3A88%3Aca%3A0d%3Ac1%3A52%3Ae2%3A9a%3A4b%3Aa5%3Ac0%3Ae2%3A%0A++++++++++++++++++++3d%3A26%3A83%3Ab6%3A63%3Ac8%3A41%3A11%3A27%3A68%3A7d%3Ab4%3A82%3Ae4%3A6f%3A%0A++++++++++++++++++++13%3A05%3A2f%3A2f%3A08%3Ac5%3A64%3Ad6%3Aa2%3Aa5%3A61%3A92%3A67%3A15%3A95%3A%0A++++++++++++++++++++cc%3A3e%3A26%3A8d%3Ac7%3A45%3A45%3A28%3A34%3A2c%3A60%3A2f%3A19%3A94%3Abf%3A%0A++++++++++++++++++++a7%3A6a%3A62%3Ac6%3A8a%3A44%3A3a%3Ac9%3A15%3A60%3A6e%3A99%3Ac4%3A1d%3A7f%3A%0A++++++++++++++++++++bc%3Afc%3A40%3A2e%3A45%3Aa1%3Ad8%3A24%3A4c%3A7d%3A63%3A06%3A93%
3Ae5%3A8b%3A%0A++++++++++++++++++++2f%3A1b%3A6c%3A79%3A2d%3A8d%3Ab1%3A27%3A8a%3A67%3Aff%3Ace%3Ac8%3A48%3Ad7%3A%0A++++++++++++++++++++a3%3A45%3A64%3A99%3A60%3Af0%3Add%3Ab7%3A83%3Ac2%3Aea%3A23%3Ac4%3Af9%3A82%3A%0A++++++++++++++++++++8e%3Aa0%3Ae5%3Af0%3A63%3Ab1%3A0e%3A15%3Af5%3A10%3Ad2%3Aa5%3A2d%3A53%3A17%3A%0A++++++++++++++++++++20%3A00%3Aa8%3A4e%3Ad9%3A6d%3Ac2%3A11%3A68%3A3a%3A8e%3Ad1%3A3a%3A78%3Af2%3A%0A++++++++++++++++++++1e%3Ad7%0A++++++++++++++++Exponent%3A+65537+%280x10001%29%0A++++++++X509v3+extensions%3A%0A++++++++++++X509v3+Subject+Key+Identifier%3A+%0A++++++++++++++++BF%3A0F%3A9E%3AC2%3AED%3A83%3A48%3A3A%3A77%3A9C%3A46%3A11%3A96%3A02%3AB1%3A70%3AD0%3A61%3A45%3A4A%0A++++++++++++X509v3+Basic+Constraints%3A+critical%0A++++++++++++++++CA%3ATRUE%0A++++++++++++X509v3+Key+Usage%3A+%0A++++++++++++++++Digital+Signature%2C+Certificate+Sign%2C+CRL+Sign%0A++++++++++++X509v3+CRL+Distribution+Points%3A+%0A%0A++++++++++++++++Full+Name%3A%0A++++++++++++++++++URI%3Ahttp%3A%2F%2Flocal
host.localdomain%3A9831%2Fmyca.crl%0A%0A++++++++++++++++Full+Name%3A%0A++++++++++++++++++URI%3Ahttp%3A%2F%2Flocalhost.localdomain%3A9831%2Fmyca.crl%0A%0A++++++++++++1.3.6.1.4.1.311.21.1%3A+%0A++++++++++++++++...%0A++++++++++++1.3.6.1.4.1.311.21.2%3A+%0A++++++++++++++++..%3B...I..n...F..2...%0A++++Signature+Algorithm%3A+sha1WithRSAEncryption%0A++++++++46%3A4c%3Aa8%3A42%3A64%3A30%3A54%3A03%3A12%3A5d%3A2b%3Adb%3A5a%3A3b%3Af5%3A58%3A23%3A0d%3A%0A++++++++d3%3A4d%3A99%3A2b%3Ab0%3A82%3Ae6%3A87%3A7e%3A1d%3A48%3A9c%3Adb%3A6d%3A42%3Ae0%3Ab6%3Aba%3A%0A++++++++1e%3Af4%3A81%3Ae1%3A3f%3A9c%3A1f%3Ab1%3A2e%3Aed%3A35%3Ae4%3A92%3Aef%3Ab6%3Aa0%3A9d%3A94%3A%0A++++++++15%3A97%3A4c%3A54%3A3f%3Ad3%3A1a%3A6e%3Ad6%3A74%3Aaa%3Ac1%3Aca%3Ac6%3A56%3Ace%3Aa0%3Aa7%3A%0A++++++++07%3Aa5%3A5d%3A47%3A4b%3Aec%3A3f%3A1b%3Acb%3Ae9%3A1a%3Afd%3A2f%3Ae7%3Afc%3A4c%3A23%3A79%3A%0A++++++++4f%3A81%3A77%3A37%3Aab%3A75%3Acc%3A8d%3A3d%3Adf%3A94%3A50%3A2f%3A15%3A2a%3A1f%3A2a%3Af4%3A%0A++++++++e1%3A00%3A43%3A29%3Ac4%3A59%3A
54%3A55%3A0e%3Aeb%3A7e%3A79%3A1b%3Aaa%3A8d%3Ac6%3A6c%3A53%3A%0A++++++++38%3Ad9%3Af2%3A55%3Afe%3A8d%3Ad1%3A8e%3A55%3Aa8%3Afd%3A43%3A48%3A58%3Af2%3A25%3Af1%3Abf%3A%0A++++++++6b%3A8b%3A0f%3Aea%3A86%3Ab5%3Aba%3Ab6%3A8e%3A6c%3A81%3A78%3Ac2%3Aa4%3Aea%3A9e%3Ada%3A83%3A%0A++++++++32%3A15%3A7c%3Ac2%3A86%3A43%3A94%3A22%3A39%3A33%3Ae0%3A6f%3A11%3Af9%3A40%3A8f%3A0e%3A60%3A%0A++++++++5c%3A67%3A8d%3A16%3A47%3A0b%3Ab6%3Ad7%3Ae5%3A15%3A78%3A86%3Af7%3Aef%3A7b%3A52%3Aea%3Ae8%3A%0A++++++++83%3A16%3Ae0%3Afc%3A6b%3Ac2%3A26%3Ae8%3Af9%3A0c%3A37%3A60%3A9e%3A61%3Ac2%3Ae5%3A5e%3Af8%3A%0A++++++++72%3A79%3A3f%3A43%3A84%3A39%3A76%3A60%3A6a%3A1b%3A58%3A6c%3A1f%3Aaa%3A27%3Aa3%3A58%3A24%3A%0A++++++++02%3Ad9%3A34%3A53%3A46%3Ab7%3Ae5%3A6e%3A85%3A32%3A1d%3A86%3A86%3Aed%3A08%3Aa9%3Ac5%3A17%3A%0A++++++++54%3A67%3A4c%3A82%0A-----BEGIN+CERTIFICATE-----%0AMIID0DCCArigAwIBAgIJAJgSB2KGB1nsMA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV%0ABAYTAlVTMQswCQYDVQQIDAJOTTELMAkGA1UECgwCQ08xCzAJBgNVBAMMAkNBMB4X%0ADTExMDYwMjIyMDkwMVoXDTE0MDY
wMTIyMDkwMVowNDELMAkGA1UEBhMCVVMxCzAJ%0ABgNVBAgMAk5NMQswCQYDVQQKDAJDTzELMAkGA1UEAwwCQ0EwggEiMA0GCSqGSIb3%0ADQEBAQUAA4IBDwAwggEKAoIBAQC7wePH%2F3kxmVZ4Pqj%2FwVjAiBWCbLZVNvLNqkBz%0Ag%2BThCFE5RrS7LkstWLKRVxuDV%2BGRZMjBGfIY%2BWl0DB3sbz7yx2z3BprHUThvHWsu%0Aj%2FjgPuO5rM%2BsrNr4nA%2BaN4BHk%2FAedT3RadAV6yb%2Bv1WIyg3BUuKaS6XA4j0mg7Zj%0AyEERJ2h9tILkbxMFLy8IxWTWoqVhkmcVlcw%2BJo3HRUUoNCxgLxmUv6dqYsaKRDrJ%0AFWBumcQdf7z8QC5FodgkTH1jBpPliy8bbHktjbEnimf%2FzshI16NFZJlg8N23g8Lq%0AI8T5go6g5fBjsQ4V9RDSpS1TFyAAqE7ZbcIRaDqO0Tp48h7XAgMBAAGjgeQwgeEw%0AHQYDVR0OBBYEFL8PnsLtg0g6d5xGEZYCsXDQYUVKMA8GA1UdEwEB%2FwQFMAMBAf8w%0ACwYDVR0PBAQDAgGGMG0GA1UdHwRmMGQwMKAuoCyGKmh0dHA6Ly9sb2NhbGhvc3Qu%0AbG9jYWxkb21haW46OTgzMS9teWNhLmNybDAwoC6gLIYqaHR0cDovL2xvY2FsaG9z%0AdC5sb2NhbGRvbWFpbjo5ODMxL215Y2EuY3JsMBAGCSsGAQQBgjcVAQQDAgEDMCEG%0ACSsGAQQBgjcVAgQUrcg7GeeTSRscbqD9i0bNnzLlkvwwDQYJKoZIhvcNAQEFBQAD%0AggEBAEZMqEJkMFQDEl0r21o79VgjDdNNmSuwguaHfh1InNttQuC2uh70geE%2FnB%2Bx%0ALu015JLvtqCdlBWXTFQ%2F0xpu1nSqwcrGVs6gpwelXUdL7D
8by%2Bka%2FS%2Fn%2FEwjeU%2BB%0AdzerdcyNPd%2BUUC8VKh8q9OEAQynEWVRVDut%2BeRuqjcZsUzjZ8lX%2BjdGOVaj9Q0hY%0A8iXxv2uLD%2BqGtbq2jmyBeMKk6p7agzIVfMKGQ5QiOTPgbxH5QI8OYFxnjRZHC7bX%0A5RV4hvfve1Lq6IMW4Pxrwibo%2BQw3YJ5hwuVe%2BHJ5P0OEOXZgahtYbB%2BqJ6NYJALZ%0ANFNGt%2BVuhTIdhobtCKnFF1RnTII%3D%0A-----END+CERTIFICATE-----%0A&tokenname=internal+%28software%29&certname=new+CA
\ No newline at end of file
diff --git a/tests/security/testpost.13 b/tests/security/testpost.13
new file mode 100644
index 0000000..bc099be
--- /dev/null
+++ b/tests/security/testpost.13
@@ -0,0 +1 @@
+keypwd=secret12&sie=slapd-INSTANCE&formop=INSTALL_CERT&trust_flag=0&certtype=0&installmethod=1&dercert=Certificate%3A%0A++++Data%3A%0A++++++++Version%3A+3+%280x2%29%0A++++++++Serial+Number%3A%0A++++++++++++98%3A12%3A07%3A62%3A86%3A07%3A59%3Aec%0A++++++++Signature+Algorithm%3A+sha1WithRSAEncryption%0A++++++++Issuer%3A+C%3DUS%2C+ST%3DNM%2C+O%3DCO%2C+CN%3DCA%0A++++++++Validity%0A++++++++++++Not+Before%3A+Jun++2+22%3A09%3A01+2011+GMT%0A++++++++++++Not+After+%3A+Jun++1+22%3A09%3A01+2014+GMT%0A++++++++Subject%3A+C%3DUS%2C+ST%3DNM%2C+O%3DCO%2C+CN%3DCA%0A++++++++Subject+Public+Key+Info%3A%0A++++++++++++Public+Key+Algorithm%3A+rsaEncryption%0A++++++++++++++++Public-Key%3A+%282048+bit%29%0A++++++++++++++++Modulus%3A%0A++++++++++++++++++++00%3Abb%3Ac1%3Ae3%3Ac7%3Aff%3A79%3A31%3A99%3A56%3A78%3A3e%3Aa8%3Aff%3Ac1%3A%0A++++++++++++++++++++58%3Ac0%3A88%3A15%3A82%3A6c%3Ab6%3A55%3A36%3Af2%3Acd%3Aaa%3A40%3A73%3A83%3A%0A++++++++++++++++++++e4%3Ae1%3A08%3A51%3A39%3A46%3Ab4%3Abb%3A2e%3A4b%3A2d%3A
58%3Ab2%3A91%3A57%3A%0A++++++++++++++++++++1b%3A83%3A57%3Ae1%3A91%3A64%3Ac8%3Ac1%3A19%3Af2%3A18%3Af9%3A69%3A74%3A0c%3A%0A++++++++++++++++++++1d%3Aec%3A6f%3A3e%3Af2%3Ac7%3A6c%3Af7%3A06%3A9a%3Ac7%3A51%3A38%3A6f%3A1d%3A%0A++++++++++++++++++++6b%3A2e%3A8f%3Af8%3Ae0%3A3e%3Ae3%3Ab9%3Aac%3Acf%3Aac%3Aac%3Ada%3Af8%3A9c%3A%0A++++++++++++++++++++0f%3A9a%3A37%3A80%3A47%3A93%3Af0%3A1e%3A75%3A3d%3Ad1%3A69%3Ad0%3A15%3Aeb%3A%0A++++++++++++++++++++26%3Afe%3Abf%3A55%3A88%3Aca%3A0d%3Ac1%3A52%3Ae2%3A9a%3A4b%3Aa5%3Ac0%3Ae2%3A%0A++++++++++++++++++++3d%3A26%3A83%3Ab6%3A63%3Ac8%3A41%3A11%3A27%3A68%3A7d%3Ab4%3A82%3Ae4%3A6f%3A%0A++++++++++++++++++++13%3A05%3A2f%3A2f%3A08%3Ac5%3A64%3Ad6%3Aa2%3Aa5%3A61%3A92%3A67%3A15%3A95%3A%0A++++++++++++++++++++cc%3A3e%3A26%3A8d%3Ac7%3A45%3A45%3A28%3A34%3A2c%3A60%3A2f%3A19%3A94%3Abf%3A%0A++++++++++++++++++++a7%3A6a%3A62%3Ac6%3A8a%3A44%3A3a%3Ac9%3A15%3A60%3A6e%3A99%3Ac4%3A1d%3A7f%3A%0A++++++++++++++++++++bc%3Afc%3A40%3A2e%3A45%3Aa1%3Ad8%3A24%3A4c%3A7d%3A63%3A06%3A93%3
Ae5%3A8b%3A%0A++++++++++++++++++++2f%3A1b%3A6c%3A79%3A2d%3A8d%3Ab1%3A27%3A8a%3A67%3Aff%3Ace%3Ac8%3A48%3Ad7%3A%0A++++++++++++++++++++a3%3A45%3A64%3A99%3A60%3Af0%3Add%3Ab7%3A83%3Ac2%3Aea%3A23%3Ac4%3Af9%3A82%3A%0A++++++++++++++++++++8e%3Aa0%3Ae5%3Af0%3A63%3Ab1%3A0e%3A15%3Af5%3A10%3Ad2%3Aa5%3A2d%3A53%3A17%3A%0A++++++++++++++++++++20%3A00%3Aa8%3A4e%3Ad9%3A6d%3Ac2%3A11%3A68%3A3a%3A8e%3Ad1%3A3a%3A78%3Af2%3A%0A++++++++++++++++++++1e%3Ad7%0A++++++++++++++++Exponent%3A+65537+%280x10001%29%0A++++++++X509v3+extensions%3A%0A++++++++++++X509v3+Subject+Key+Identifier%3A+%0A++++++++++++++++BF%3A0F%3A9E%3AC2%3AED%3A83%3A48%3A3A%3A77%3A9C%3A46%3A11%3A96%3A02%3AB1%3A70%3AD0%3A61%3A45%3A4A%0A++++++++++++X509v3+Basic+Constraints%3A+critical%0A++++++++++++++++CA%3ATRUE%0A++++++++++++X509v3+Key+Usage%3A+%0A++++++++++++++++Digital+Signature%2C+Certificate+Sign%2C+CRL+Sign%0A++++++++++++X509v3+CRL+Distribution+Points%3A+%0A%0A++++++++++++++++Full+Name%3A%0A++++++++++++++++++URI%3Ahttp%3A%2F%2Flocalh
ost.localdomain%3A9831%2Fmyca.crl%0A%0A++++++++++++++++Full+Name%3A%0A++++++++++++++++++URI%3Ahttp%3A%2F%2Flocalhost.localdomain%3A9831%2Fmyca.crl%0A%0A++++++++++++1.3.6.1.4.1.311.21.1%3A+%0A++++++++++++++++...%0A++++++++++++1.3.6.1.4.1.311.21.2%3A+%0A++++++++++++++++..%3B...I..n...F..2...%0A++++Signature+Algorithm%3A+sha1WithRSAEncryption%0A++++++++46%3A4c%3Aa8%3A42%3A64%3A30%3A54%3A03%3A12%3A5d%3A2b%3Adb%3A5a%3A3b%3Af5%3A58%3A23%3A0d%3A%0A++++++++d3%3A4d%3A99%3A2b%3Ab0%3A82%3Ae6%3A87%3A7e%3A1d%3A48%3A9c%3Adb%3A6d%3A42%3Ae0%3Ab6%3Aba%3A%0A++++++++1e%3Af4%3A81%3Ae1%3A3f%3A9c%3A1f%3Ab1%3A2e%3Aed%3A35%3Ae4%3A92%3Aef%3Ab6%3Aa0%3A9d%3A94%3A%0A++++++++15%3A97%3A4c%3A54%3A3f%3Ad3%3A1a%3A6e%3Ad6%3A74%3Aaa%3Ac1%3Aca%3Ac6%3A56%3Ace%3Aa0%3Aa7%3A%0A++++++++07%3Aa5%3A5d%3A47%3A4b%3Aec%3A3f%3A1b%3Acb%3Ae9%3A1a%3Afd%3A2f%3Ae7%3Afc%3A4c%3A23%3A79%3A%0A++++++++4f%3A81%3A77%3A37%3Aab%3A75%3Acc%3A8d%3A3d%3Adf%3A94%3A50%3A2f%3A15%3A2a%3A1f%3A2a%3Af4%3A%0A++++++++e1%3A00%3A43%3A29%3Ac4%3A59%3A5
4%3A55%3A0e%3Aeb%3A7e%3A79%3A1b%3Aaa%3A8d%3Ac6%3A6c%3A53%3A%0A++++++++38%3Ad9%3Af2%3A55%3Afe%3A8d%3Ad1%3A8e%3A55%3Aa8%3Afd%3A43%3A48%3A58%3Af2%3A25%3Af1%3Abf%3A%0A++++++++6b%3A8b%3A0f%3Aea%3A86%3Ab5%3Aba%3Ab6%3A8e%3A6c%3A81%3A78%3Ac2%3Aa4%3Aea%3A9e%3Ada%3A83%3A%0A++++++++32%3A15%3A7c%3Ac2%3A86%3A43%3A94%3A22%3A39%3A33%3Ae0%3A6f%3A11%3Af9%3A40%3A8f%3A0e%3A60%3A%0A++++++++5c%3A67%3A8d%3A16%3A47%3A0b%3Ab6%3Ad7%3Ae5%3A15%3A78%3A86%3Af7%3Aef%3A7b%3A52%3Aea%3Ae8%3A%0A++++++++83%3A16%3Ae0%3Afc%3A6b%3Ac2%3A26%3Ae8%3Af9%3A0c%3A37%3A60%3A9e%3A61%3Ac2%3Ae5%3A5e%3Af8%3A%0A++++++++72%3A79%3A3f%3A43%3A84%3A39%3A76%3A60%3A6a%3A1b%3A58%3A6c%3A1f%3Aaa%3A27%3Aa3%3A58%3A24%3A%0A++++++++02%3Ad9%3A34%3A53%3A46%3Ab7%3Ae5%3A6e%3A85%3A32%3A1d%3A86%3A86%3Aed%3A08%3Aa9%3Ac5%3A17%3A%0A++++++++54%3A67%3A4c%3A82%0A-----BEGIN+CERTIFICATE-----%0AMIID0DCCArigAwIBAgIJAJgSB2KGB1nsMA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV%0ABAYTAlVTMQswCQYDVQQIDAJOTTELMAkGA1UECgwCQ08xCzAJBgNVBAMMAkNBMB4X%0ADTExMDYwMjIyMDkwMVoXDTE0MDYw
MTIyMDkwMVowNDELMAkGA1UEBhMCVVMxCzAJ%0ABgNVBAgMAk5NMQswCQYDVQQKDAJDTzELMAkGA1UEAwwCQ0EwggEiMA0GCSqGSIb3%0ADQEBAQUAA4IBDwAwggEKAoIBAQC7wePH%2F3kxmVZ4Pqj%2FwVjAiBWCbLZVNvLNqkBz%0Ag%2BThCFE5RrS7LkstWLKRVxuDV%2BGRZMjBGfIY%2BWl0DB3sbz7yx2z3BprHUThvHWsu%0Aj%2FjgPuO5rM%2BsrNr4nA%2BaN4BHk%2FAedT3RadAV6yb%2Bv1WIyg3BUuKaS6XA4j0mg7Zj%0AyEERJ2h9tILkbxMFLy8IxWTWoqVhkmcVlcw%2BJo3HRUUoNCxgLxmUv6dqYsaKRDrJ%0AFWBumcQdf7z8QC5FodgkTH1jBpPliy8bbHktjbEnimf%2FzshI16NFZJlg8N23g8Lq%0AI8T5go6g5fBjsQ4V9RDSpS1TFyAAqE7ZbcIRaDqO0Tp48h7XAgMBAAGjgeQwgeEw%0AHQYDVR0OBBYEFL8PnsLtg0g6d5xGEZYCsXDQYUVKMA8GA1UdEwEB%2FwQFMAMBAf8w%0ACwYDVR0PBAQDAgGGMG0GA1UdHwRmMGQwMKAuoCyGKmh0dHA6Ly9sb2NhbGhvc3Qu%0AbG9jYWxkb21haW46OTgzMS9teWNhLmNybDAwoC6gLIYqaHR0cDovL2xvY2FsaG9z%0AdC5sb2NhbGRvbWFpbjo5ODMxL215Y2EuY3JsMBAGCSsGAQQBgjcVAQQDAgEDMCEG%0ACSsGAQQBgjcVAgQUrcg7GeeTSRscbqD9i0bNnzLlkvwwDQYJKoZIhvcNAQEFBQAD%0AggEBAEZMqEJkMFQDEl0r21o79VgjDdNNmSuwguaHfh1InNttQuC2uh70geE%2FnB%2Bx%0ALu015JLvtqCdlBWXTFQ%2F0xpu1nSqwcrGVs6gpwelXUdL7D8
by%2Bka%2FS%2Fn%2FEwjeU%2BB%0AdzerdcyNPd%2BUUC8VKh8q9OEAQynEWVRVDut%2BeRuqjcZsUzjZ8lX%2BjdGOVaj9Q0hY%0A8iXxv2uLD%2BqGtbq2jmyBeMKk6p7agzIVfMKGQ5QiOTPgbxH5QI8OYFxnjRZHC7bX%0A5RV4hvfve1Lq6IMW4Pxrwibo%2BQw3YJ5hwuVe%2BHJ5P0OEOXZgahtYbB%2BqJ6NYJALZ%0ANFNGt%2BVuhTIdhobtCKnFF1RnTII%3D%0A-----END+CERTIFICATE-----%0A&tokenname=internal+%28software%29&certname=new+CA
\ No newline at end of file
diff --git a/tests/security/testpost.14 b/tests/security/testpost.14
new file mode 100644
index 0000000..47b9eaa
--- /dev/null
+++ b/tests/security/testpost.14
@@ -0,0 +1 @@
+sie=slapd-INSTANCE&certtype=0&dercert=Certificate%3A%0A++++Data%3A%0A++++++++Version%3A+3+%280x2%29%0A++++++++Serial+Number%3A%0A++++++++++++98%3A12%3A07%3A62%3A86%3A07%3A59%3Aec%0A++++++++Signature+Algorithm%3A+sha1WithRSAEncryption%0A++++++++Issuer%3A+C%3DUS%2C+ST%3DNM%2C+O%3DCO%2C+CN%3DCA%0A++++++++Validity%0A++++++++++++Not+Before%3A+Jun++2+22%3A09%3A01+2011+GMT%0A++++++++++++Not+After+%3A+Jun++1+22%3A09%3A01+2014+GMT%0A++++++++Subject%3A+C%3DUS%2C+ST%3DNM%2C+O%3DCO%2C+CN%3DCA%0A++++++++Subject+Public+Key+Info%3A%0A++++++++++++Public+Key+Algorithm%3A+rsaEncryption%0A++++++++++++++++Public-Key%3A+%282048+bit%29%0A++++++++++++++++Modulus%3A%0A++++++++++++++++++++00%3Abb%3Ac1%3Ae3%3Ac7%3Aff%3A79%3A31%3A99%3A56%3A78%3A3e%3Aa8%3Aff%3Ac1%3A%0A++++++++++++++++++++58%3Ac0%3A88%3A15%3A82%3A6c%3Ab6%3A55%3A36%3Af2%3Acd%3Aaa%3A40%3A73%3A83%3A%0A++++++++++++++++++++e4%3Ae1%3A08%3A51%3A39%3A46%3Ab4%3Abb%3A2e%3A4b%3A2d%3A58%3Ab2%3A91%3A57%3A%0A++++++++++++++++++++1b%3A83%3A57%3Ae1%3A91
%3A64%3Ac8%3Ac1%3A19%3Af2%3A18%3Af9%3A69%3A74%3A0c%3A%0A++++++++++++++++++++1d%3Aec%3A6f%3A3e%3Af2%3Ac7%3A6c%3Af7%3A06%3A9a%3Ac7%3A51%3A38%3A6f%3A1d%3A%0A++++++++++++++++++++6b%3A2e%3A8f%3Af8%3Ae0%3A3e%3Ae3%3Ab9%3Aac%3Acf%3Aac%3Aac%3Ada%3Af8%3A9c%3A%0A++++++++++++++++++++0f%3A9a%3A37%3A80%3A47%3A93%3Af0%3A1e%3A75%3A3d%3Ad1%3A69%3Ad0%3A15%3Aeb%3A%0A++++++++++++++++++++26%3Afe%3Abf%3A55%3A88%3Aca%3A0d%3Ac1%3A52%3Ae2%3A9a%3A4b%3Aa5%3Ac0%3Ae2%3A%0A++++++++++++++++++++3d%3A26%3A83%3Ab6%3A63%3Ac8%3A41%3A11%3A27%3A68%3A7d%3Ab4%3A82%3Ae4%3A6f%3A%0A++++++++++++++++++++13%3A05%3A2f%3A2f%3A08%3Ac5%3A64%3Ad6%3Aa2%3Aa5%3A61%3A92%3A67%3A15%3A95%3A%0A++++++++++++++++++++cc%3A3e%3A26%3A8d%3Ac7%3A45%3A45%3A28%3A34%3A2c%3A60%3A2f%3A19%3A94%3Abf%3A%0A++++++++++++++++++++a7%3A6a%3A62%3Ac6%3A8a%3A44%3A3a%3Ac9%3A15%3A60%3A6e%3A99%3Ac4%3A1d%3A7f%3A%0A++++++++++++++++++++bc%3Afc%3A40%3A2e%3A45%3Aa1%3Ad8%3A24%3A4c%3A7d%3A63%3A06%3A93%3Ae5%3A8b%3A%0A++++++++++++++++++++2f%3A1b%3A6c%3A79%3A2d%3A8d%3Ab
1%3A27%3A8a%3A67%3Aff%3Ace%3Ac8%3A48%3Ad7%3A%0A++++++++++++++++++++a3%3A45%3A64%3A99%3A60%3Af0%3Add%3Ab7%3A83%3Ac2%3Aea%3A23%3Ac4%3Af9%3A82%3A%0A++++++++++++++++++++8e%3Aa0%3Ae5%3Af0%3A63%3Ab1%3A0e%3A15%3Af5%3A10%3Ad2%3Aa5%3A2d%3A53%3A17%3A%0A++++++++++++++++++++20%3A00%3Aa8%3A4e%3Ad9%3A6d%3Ac2%3A11%3A68%3A3a%3A8e%3Ad1%3A3a%3A78%3Af2%3A%0A++++++++++++++++++++1e%3Ad7%0A++++++++++++++++Exponent%3A+65537+%280x10001%29%0A++++++++X509v3+extensions%3A%0A++++++++++++X509v3+Subject+Key+Identifier%3A+%0A++++++++++++++++BF%3A0F%3A9E%3AC2%3AED%3A83%3A48%3A3A%3A77%3A9C%3A46%3A11%3A96%3A02%3AB1%3A70%3AD0%3A61%3A45%3A4A%0A++++++++++++X509v3+Basic+Constraints%3A+critical%0A++++++++++++++++CA%3ATRUE%0A++++++++++++X509v3+Key+Usage%3A+%0A++++++++++++++++Digital+Signature%2C+Certificate+Sign%2C+CRL+Sign%0A++++++++++++X509v3+CRL+Distribution+Points%3A+%0A%0A++++++++++++++++Full+Name%3A%0A++++++++++++++++++URI%3Ahttp%3A%2F%2Flocalhost.localdomain%3A9831%2Fmyca.crl%0A%0A++++++++++++++++Full+Name%
3A%0A++++++++++++++++++URI%3Ahttp%3A%2F%2Flocalhost.localdomain%3A9831%2Fmyca.crl%0A%0A++++++++++++1.3.6.1.4.1.311.21.1%3A+%0A++++++++++++++++...%0A++++++++++++1.3.6.1.4.1.311.21.2%3A+%0A++++++++++++++++..%3B...I..n...F..2...%0A++++Signature+Algorithm%3A+sha1WithRSAEncryption%0A++++++++46%3A4c%3Aa8%3A42%3A64%3A30%3A54%3A03%3A12%3A5d%3A2b%3Adb%3A5a%3A3b%3Af5%3A58%3A23%3A0d%3A%0A++++++++d3%3A4d%3A99%3A2b%3Ab0%3A82%3Ae6%3A87%3A7e%3A1d%3A48%3A9c%3Adb%3A6d%3A42%3Ae0%3Ab6%3Aba%3A%0A++++++++1e%3Af4%3A81%3Ae1%3A3f%3A9c%3A1f%3Ab1%3A2e%3Aed%3A35%3Ae4%3A92%3Aef%3Ab6%3Aa0%3A9d%3A94%3A%0A++++++++15%3A97%3A4c%3A54%3A3f%3Ad3%3A1a%3A6e%3Ad6%3A74%3Aaa%3Ac1%3Aca%3Ac6%3A56%3Ace%3Aa0%3Aa7%3A%0A++++++++07%3Aa5%3A5d%3A47%3A4b%3Aec%3A3f%3A1b%3Acb%3Ae9%3A1a%3Afd%3A2f%3Ae7%3Afc%3A4c%3A23%3A79%3A%0A++++++++4f%3A81%3A77%3A37%3Aab%3A75%3Acc%3A8d%3A3d%3Adf%3A94%3A50%3A2f%3A15%3A2a%3A1f%3A2a%3Af4%3A%0A++++++++e1%3A00%3A43%3A29%3Ac4%3A59%3A54%3A55%3A0e%3Aeb%3A7e%3A79%3A1b%3Aaa%3A8d%3Ac6%3A6c%3A53%3A%0A+++
+++++38%3Ad9%3Af2%3A55%3Afe%3A8d%3Ad1%3A8e%3A55%3Aa8%3Afd%3A43%3A48%3A58%3Af2%3A25%3Af1%3Abf%3A%0A++++++++6b%3A8b%3A0f%3Aea%3A86%3Ab5%3Aba%3Ab6%3A8e%3A6c%3A81%3A78%3Ac2%3Aa4%3Aea%3A9e%3Ada%3A83%3A%0A++++++++32%3A15%3A7c%3Ac2%3A86%3A43%3A94%3A22%3A39%3A33%3Ae0%3A6f%3A11%3Af9%3A40%3A8f%3A0e%3A60%3A%0A++++++++5c%3A67%3A8d%3A16%3A47%3A0b%3Ab6%3Ad7%3Ae5%3A15%3A78%3A86%3Af7%3Aef%3A7b%3A52%3Aea%3Ae8%3A%0A++++++++83%3A16%3Ae0%3Afc%3A6b%3Ac2%3A26%3Ae8%3Af9%3A0c%3A37%3A60%3A9e%3A61%3Ac2%3Ae5%3A5e%3Af8%3A%0A++++++++72%3A79%3A3f%3A43%3A84%3A39%3A76%3A60%3A6a%3A1b%3A58%3A6c%3A1f%3Aaa%3A27%3Aa3%3A58%3A24%3A%0A++++++++02%3Ad9%3A34%3A53%3A46%3Ab7%3Ae5%3A6e%3A85%3A32%3A1d%3A86%3A86%3Aed%3A08%3Aa9%3Ac5%3A17%3A%0A++++++++54%3A67%3A4c%3A82%0A-----BEGIN+CERTIFICATE-----%0AMIID0DCCArigAwIBAgIJAJgSB2KGB1nsMA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV%0ABAYTAlVTMQswCQYDVQQIDAJOTTELMAkGA1UECgwCQ08xCzAJBgNVBAMMAkNBMB4X%0ADTExMDYwMjIyMDkwMVoXDTE0MDYwMTIyMDkwMVowNDELMAkGA1UEBhMCVVMxCzAJ%0ABgNVBAgMAk5NMQswCQYDVQQKDA
JDTzELMAkGA1UEAwwCQ0EwggEiMA0GCSqGSIb3%0ADQEBAQUAA4IBDwAwggEKAoIBAQC7wePH%2F3kxmVZ4Pqj%2FwVjAiBWCbLZVNvLNqkBz%0Ag%2BThCFE5RrS7LkstWLKRVxuDV%2BGRZMjBGfIY%2BWl0DB3sbz7yx2z3BprHUThvHWsu%0Aj%2FjgPuO5rM%2BsrNr4nA%2BaN4BHk%2FAedT3RadAV6yb%2Bv1WIyg3BUuKaS6XA4j0mg7Zj%0AyEERJ2h9tILkbxMFLy8IxWTWoqVhkmcVlcw%2BJo3HRUUoNCxgLxmUv6dqYsaKRDrJ%0AFWBumcQdf7z8QC5FodgkTH1jBpPliy8bbHktjbEnimf%2FzshI16NFZJlg8N23g8Lq%0AI8T5go6g5fBjsQ4V9RDSpS1TFyAAqE7ZbcIRaDqO0Tp48h7XAgMBAAGjgeQwgeEw%0AHQYDVR0OBBYEFL8PnsLtg0g6d5xGEZYCsXDQYUVKMA8GA1UdEwEB%2FwQFMAMBAf8w%0ACwYDVR0PBAQDAgGGMG0GA1UdHwRmMGQwMKAuoCyGKmh0dHA6Ly9sb2NhbGhvc3Qu%0AbG9jYWxkb21haW46OTgzMS9teWNhLmNybDAwoC6gLIYqaHR0cDovL2xvY2FsaG9z%0AdC5sb2NhbGRvbWFpbjo5ODMxL215Y2EuY3JsMBAGCSsGAQQBgjcVAQQDAgEDMCEG%0ACSsGAQQBgjcVAgQUrcg7GeeTSRscbqD9i0bNnzLlkvwwDQYJKoZIhvcNAQEFBQAD%0AggEBAEZMqEJkMFQDEl0r21o79VgjDdNNmSuwguaHfh1InNttQuC2uh70geE%2FnB%2Bx%0ALu015JLvtqCdlBWXTFQ%2F0xpu1nSqwcrGVs6gpwelXUdL7D8by%2Bka%2FS%2Fn%2FEwjeU%2BB%0AdzerdcyNPd%2BUUC8VKh8q9OEAQynEWVRVD
ut%2BeRuqjcZsUzjZ8lX%2BjdGOVaj9Q0hY%0A8iXxv2uLD%2BqGtbq2jmyBeMKk6p7agzIVfMKGQ5QiOTPgbxH5QI8OYFxnjRZHC7bX%0A5RV4hvfve1Lq6IMW4Pxrwibo%2BQw3YJ5hwuVe%2BHJ5P0OEOXZgahtYbB%2BqJ6NYJALZ%0ANFNGt%2BVuhTIdhobtCKnFF1RnTII%3D%0A-----END+CERTIFICATE-----%0A&trust_flag=0&formop=INSTALL_CERT&tokenname=internal+%28software%29
\ No newline at end of file
diff --git a/tests/security/testpost.15 b/tests/security/testpost.15
new file mode 100644
index 0000000..a68f237
--- /dev/null
+++ b/tests/security/testpost.15
@@ -0,0 +1 @@
+sie=slapd-INSTANCE&formop=LIST_CERTIFICATE&tokenname=internal+%28software%29
\ No newline at end of file
diff --git a/tests/security/testpost.16 b/tests/security/testpost.16
new file mode 100644
index 0000000..c1a6036
--- /dev/null
+++ b/tests/security/testpost.16
@@ -0,0 +1 @@
+sie=slapd-INSTANCE&trust_flag=144&formop=CHANGE_TRUST&certfingerprint=07%3A02%3ADA%3A73%3A00%3ADD%3A5C%3A64%3A29%3A3B%3A31%3A76%3A6F%3A85%3A75%3A26&certname=internal+%28software%29%3AQE+BOSTON+CA
\ No newline at end of file
diff --git a/tests/security/testpost.17 b/tests/security/testpost.17
new file mode 100644
index 0000000..6058f5f
--- /dev/null
+++ b/tests/security/testpost.17
@@ -0,0 +1 @@
+sie=slapd-INSTANCE&trust_flag=128&formop=CHANGE_TRUST&certfingerprint=07%3A02%3ADA%3A73%3A00%3ADD%3A5C%3A64%3A29%3A3B%3A31%3A76%3A6F%3A85%3A75%3A26&certname=internal+%28software%29%3AQE+BOSTON+CA
\ No newline at end of file
diff --git a/tests/security/testpost.18 b/tests/security/testpost.18
new file mode 100644
index 0000000..008d555
--- /dev/null
+++ b/tests/security/testpost.18
@@ -0,0 +1 @@
+sie=slapd-INSTANCE&formop=FIND_CERTIFICATE&certfingerprint=07%3A02%3ADA%3A73%3A00%3ADD%3A5C%3A64%3A29%3A3B%3A31%3A76%3A6F%3A85%3A75%3A26&certname=internal+%28software%29%3AQE+BOSTON+CA
\ No newline at end of file
diff --git a/tests/security/testpost.19 b/tests/security/testpost.19
new file mode 100644
index 0000000..9f5c96c
--- /dev/null
+++ b/tests/security/testpost.19
@@ -0,0 +1 @@
+sie=slapd-INSTANCE&formop=FIND_CERTIFICATE&certfingerprint=D7%3AB0%3A2A%3ADC%3ACF%3A97%3A30%3A6C%3A78%3A42%3A4E%3A09%3A35%3A31%3ADD%3A6D&certname=internal+%28software%29%3Aserver-cert
\ No newline at end of file
diff --git a/tests/security/testpost.2 b/tests/security/testpost.2
new file mode 100644
index 0000000..eabc662
--- /dev/null
+++ b/tests/security/testpost.2
@@ -0,0 +1 @@
+sie=slapd-INSTANCE&formop=LIST_MODULE
\ No newline at end of file
diff --git a/tests/security/testpost.20 b/tests/security/testpost.20
new file mode 100644
index 0000000..a68f237
--- /dev/null
+++ b/tests/security/testpost.20
@@ -0,0 +1 @@
+sie=slapd-INSTANCE&formop=LIST_CERTIFICATE&tokenname=internal+%28software%29
\ No newline at end of file
diff --git a/tests/security/testpost.21 b/tests/security/testpost.21
new file mode 100644
index 0000000..d55db52
--- /dev/null
+++ b/tests/security/testpost.21
@@ -0,0 +1 @@
+sie=slapd-INSTANCE&formop=TOKEN_INFO
\ No newline at end of file
diff --git a/tests/security/testpost.3 b/tests/security/testpost.3
new file mode 100644
index 0000000..a68f237
--- /dev/null
+++ b/tests/security/testpost.3
@@ -0,0 +1 @@
+sie=slapd-INSTANCE&formop=LIST_CERTIFICATE&tokenname=internal+%28software%29
\ No newline at end of file
diff --git a/tests/security/testpost.4 b/tests/security/testpost.4
new file mode 100644
index 0000000..3193dd6
--- /dev/null
+++ b/tests/security/testpost.4
@@ -0,0 +1 @@
+sie=slapd-INSTANCE&certtype=1&dercert=Certificate%3A%0A++++Data%3A%0A++++++++Version%3A+3+%280x2%29%0A++++++++Serial+Number%3A%0A++++++++++++98%3A12%3A07%3A62%3A86%3A07%3A59%3Aec%0A++++++++Signature+Algorithm%3A+sha1WithRSAEncryption%0A++++++++Issuer%3A+C%3DUS%2C+ST%3DNM%2C+O%3DCO%2C+CN%3DCA%0A++++++++Validity%0A++++++++++++Not+Before%3A+Jun++2+22%3A09%3A01+2011+GMT%0A++++++++++++Not+After+%3A+Jun++1+22%3A09%3A01+2014+GMT%0A++++++++Subject%3A+C%3DUS%2C+ST%3DNM%2C+O%3DCO%2C+CN%3DCA%0A++++++++Subject+Public+Key+Info%3A%0A++++++++++++Public+Key+Algorithm%3A+rsaEncryption%0A++++++++++++++++Public-Key%3A+%282048+bit%29%0A++++++++++++++++Modulus%3A%0A++++++++++++++++++++00%3Abb%3Ac1%3Ae3%3Ac7%3Aff%3A79%3A31%3A99%3A56%3A78%3A3e%3Aa8%3Aff%3Ac1%3A%0A++++++++++++++++++++58%3Ac0%3A88%3A15%3A82%3A6c%3Ab6%3A55%3A36%3Af2%3Acd%3Aaa%3A40%3A73%3A83%3A%0A++++++++++++++++++++e4%3Ae1%3A08%3A51%3A39%3A46%3Ab4%3Abb%3A2e%3A4b%3A2d%3A58%3Ab2%3A91%3A57%3A%0A++++++++++++++++++++1b%3A83%3A57%3Ae1%3A91
%3A64%3Ac8%3Ac1%3A19%3Af2%3A18%3Af9%3A69%3A74%3A0c%3A%0A++++++++++++++++++++1d%3Aec%3A6f%3A3e%3Af2%3Ac7%3A6c%3Af7%3A06%3A9a%3Ac7%3A51%3A38%3A6f%3A1d%3A%0A++++++++++++++++++++6b%3A2e%3A8f%3Af8%3Ae0%3A3e%3Ae3%3Ab9%3Aac%3Acf%3Aac%3Aac%3Ada%3Af8%3A9c%3A%0A++++++++++++++++++++0f%3A9a%3A37%3A80%3A47%3A93%3Af0%3A1e%3A75%3A3d%3Ad1%3A69%3Ad0%3A15%3Aeb%3A%0A++++++++++++++++++++26%3Afe%3Abf%3A55%3A88%3Aca%3A0d%3Ac1%3A52%3Ae2%3A9a%3A4b%3Aa5%3Ac0%3Ae2%3A%0A++++++++++++++++++++3d%3A26%3A83%3Ab6%3A63%3Ac8%3A41%3A11%3A27%3A68%3A7d%3Ab4%3A82%3Ae4%3A6f%3A%0A++++++++++++++++++++13%3A05%3A2f%3A2f%3A08%3Ac5%3A64%3Ad6%3Aa2%3Aa5%3A61%3A92%3A67%3A15%3A95%3A%0A++++++++++++++++++++cc%3A3e%3A26%3A8d%3Ac7%3A45%3A45%3A28%3A34%3A2c%3A60%3A2f%3A19%3A94%3Abf%3A%0A++++++++++++++++++++a7%3A6a%3A62%3Ac6%3A8a%3A44%3A3a%3Ac9%3A15%3A60%3A6e%3A99%3Ac4%3A1d%3A7f%3A%0A++++++++++++++++++++bc%3Afc%3A40%3A2e%3A45%3Aa1%3Ad8%3A24%3A4c%3A7d%3A63%3A06%3A93%3Ae5%3A8b%3A%0A++++++++++++++++++++2f%3A1b%3A6c%3A79%3A2d%3A8d%3Ab
1%3A27%3A8a%3A67%3Aff%3Ace%3Ac8%3A48%3Ad7%3A%0A++++++++++++++++++++a3%3A45%3A64%3A99%3A60%3Af0%3Add%3Ab7%3A83%3Ac2%3Aea%3A23%3Ac4%3Af9%3A82%3A%0A++++++++++++++++++++8e%3Aa0%3Ae5%3Af0%3A63%3Ab1%3A0e%3A15%3Af5%3A10%3Ad2%3Aa5%3A2d%3A53%3A17%3A%0A++++++++++++++++++++20%3A00%3Aa8%3A4e%3Ad9%3A6d%3Ac2%3A11%3A68%3A3a%3A8e%3Ad1%3A3a%3A78%3Af2%3A%0A++++++++++++++++++++1e%3Ad7%0A++++++++++++++++Exponent%3A+65537+%280x10001%29%0A++++++++X509v3+extensions%3A%0A++++++++++++X509v3+Subject+Key+Identifier%3A+%0A++++++++++++++++BF%3A0F%3A9E%3AC2%3AED%3A83%3A48%3A3A%3A77%3A9C%3A46%3A11%3A96%3A02%3AB1%3A70%3AD0%3A61%3A45%3A4A%0A++++++++++++X509v3+Basic+Constraints%3A+critical%0A++++++++++++++++CA%3ATRUE%0A++++++++++++X509v3+Key+Usage%3A+%0A++++++++++++++++Digital+Signature%2C+Certificate+Sign%2C+CRL+Sign%0A++++++++++++X509v3+CRL+Distribution+Points%3A+%0A%0A++++++++++++++++Full+Name%3A%0A++++++++++++++++++URI%3Ahttp%3A%2F%2Flocalhost.localdomain%3A9831%2Fmyca.crl%0A%0A++++++++++++++++Full+Name%
3A%0A++++++++++++++++++URI%3Ahttp%3A%2F%2Flocalhost.localdomain%3A9831%2Fmyca.crl%0A%0A++++++++++++1.3.6.1.4.1.311.21.1%3A+%0A++++++++++++++++...%0A++++++++++++1.3.6.1.4.1.311.21.2%3A+%0A++++++++++++++++..%3B...I..n...F..2...%0A++++Signature+Algorithm%3A+sha1WithRSAEncryption%0A++++++++46%3A4c%3Aa8%3A42%3A64%3A30%3A54%3A03%3A12%3A5d%3A2b%3Adb%3A5a%3A3b%3Af5%3A58%3A23%3A0d%3A%0A++++++++d3%3A4d%3A99%3A2b%3Ab0%3A82%3Ae6%3A87%3A7e%3A1d%3A48%3A9c%3Adb%3A6d%3A42%3Ae0%3Ab6%3Aba%3A%0A++++++++1e%3Af4%3A81%3Ae1%3A3f%3A9c%3A1f%3Ab1%3A2e%3Aed%3A35%3Ae4%3A92%3Aef%3Ab6%3Aa0%3A9d%3A94%3A%0A++++++++15%3A97%3A4c%3A54%3A3f%3Ad3%3A1a%3A6e%3Ad6%3A74%3Aaa%3Ac1%3Aca%3Ac6%3A56%3Ace%3Aa0%3Aa7%3A%0A++++++++07%3Aa5%3A5d%3A47%3A4b%3Aec%3A3f%3A1b%3Acb%3Ae9%3A1a%3Afd%3A2f%3Ae7%3Afc%3A4c%3A23%3A79%3A%0A++++++++4f%3A81%3A77%3A37%3Aab%3A75%3Acc%3A8d%3A3d%3Adf%3A94%3A50%3A2f%3A15%3A2a%3A1f%3A2a%3Af4%3A%0A++++++++e1%3A00%3A43%3A29%3Ac4%3A59%3A54%3A55%3A0e%3Aeb%3A7e%3A79%3A1b%3Aaa%3A8d%3Ac6%3A6c%3A53%3A%0A+++
+++++38%3Ad9%3Af2%3A55%3Afe%3A8d%3Ad1%3A8e%3A55%3Aa8%3Afd%3A43%3A48%3A58%3Af2%3A25%3Af1%3Abf%3A%0A++++++++6b%3A8b%3A0f%3Aea%3A86%3Ab5%3Aba%3Ab6%3A8e%3A6c%3A81%3A78%3Ac2%3Aa4%3Aea%3A9e%3Ada%3A83%3A%0A++++++++32%3A15%3A7c%3Ac2%3A86%3A43%3A94%3A22%3A39%3A33%3Ae0%3A6f%3A11%3Af9%3A40%3A8f%3A0e%3A60%3A%0A++++++++5c%3A67%3A8d%3A16%3A47%3A0b%3Ab6%3Ad7%3Ae5%3A15%3A78%3A86%3Af7%3Aef%3A7b%3A52%3Aea%3Ae8%3A%0A++++++++83%3A16%3Ae0%3Afc%3A6b%3Ac2%3A26%3Ae8%3Af9%3A0c%3A37%3A60%3A9e%3A61%3Ac2%3Ae5%3A5e%3Af8%3A%0A++++++++72%3A79%3A3f%3A43%3A84%3A39%3A76%3A60%3A6a%3A1b%3A58%3A6c%3A1f%3Aaa%3A27%3Aa3%3A58%3A24%3A%0A++++++++02%3Ad9%3A34%3A53%3A46%3Ab7%3Ae5%3A6e%3A85%3A32%3A1d%3A86%3A86%3Aed%3A08%3Aa9%3Ac5%3A17%3A%0A++++++++54%3A67%3A4c%3A82%0A-----BEGIN+CERTIFICATE-----%0AMIID0DCCArigAwIBAgIJAJgSB2KGB1nsMA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV%0ABAYTAlVTMQswCQYDVQQIDAJOTTELMAkGA1UECgwCQ08xCzAJBgNVBAMMAkNBMB4X%0ADTExMDYwMjIyMDkwMVoXDTE0MDYwMTIyMDkwMVowNDELMAkGA1UEBhMCVVMxCzAJ%0ABgNVBAgMAk5NMQswCQYDVQQKDA
JDTzELMAkGA1UEAwwCQ0EwggEiMA0GCSqGSIb3%0ADQEBAQUAA4IBDwAwggEKAoIBAQC7wePH%2F3kxmVZ4Pqj%2FwVjAiBWCbLZVNvLNqkBz%0Ag%2BThCFE5RrS7LkstWLKRVxuDV%2BGRZMjBGfIY%2BWl0DB3sbz7yx2z3BprHUThvHWsu%0Aj%2FjgPuO5rM%2BsrNr4nA%2BaN4BHk%2FAedT3RadAV6yb%2Bv1WIyg3BUuKaS6XA4j0mg7Zj%0AyEERJ2h9tILkbxMFLy8IxWTWoqVhkmcVlcw%2BJo3HRUUoNCxgLxmUv6dqYsaKRDrJ%0AFWBumcQdf7z8QC5FodgkTH1jBpPliy8bbHktjbEnimf%2FzshI16NFZJlg8N23g8Lq%0AI8T5go6g5fBjsQ4V9RDSpS1TFyAAqE7ZbcIRaDqO0Tp48h7XAgMBAAGjgeQwgeEw%0AHQYDVR0OBBYEFL8PnsLtg0g6d5xGEZYCsXDQYUVKMA8GA1UdEwEB%2FwQFMAMBAf8w%0ACwYDVR0PBAQDAgGGMG0GA1UdHwRmMGQwMKAuoCyGKmh0dHA6Ly9sb2NhbGhvc3Qu%0AbG9jYWxkb21haW46OTgzMS9teWNhLmNybDAwoC6gLIYqaHR0cDovL2xvY2FsaG9z%0AdC5sb2NhbGRvbWFpbjo5ODMxL215Y2EuY3JsMBAGCSsGAQQBgjcVAQQDAgEDMCEG%0ACSsGAQQBgjcVAgQUrcg7GeeTSRscbqD9i0bNnzLlkvwwDQYJKoZIhvcNAQEFBQAD%0AggEBAEZMqEJkMFQDEl0r21o79VgjDdNNmSuwguaHfh1InNttQuC2uh70geE%2FnB%2Bx%0ALu015JLvtqCdlBWXTFQ%2F0xpu1nSqwcrGVs6gpwelXUdL7D8by%2Bka%2FS%2Fn%2FEwjeU%2BB%0AdzerdcyNPd%2BUUC8VKh8q9OEAQynEWVRVD
ut%2BeRuqjcZsUzjZ8lX%2BjdGOVaj9Q0hY%0A8iXxv2uLD%2BqGtbq2jmyBeMKk6p7agzIVfMKGQ5QiOTPgbxH5QI8OYFxnjRZHC7bX%0A5RV4hvfve1Lq6IMW4Pxrwibo%2BQw3YJ5hwuVe%2BHJ5P0OEOXZgahtYbB%2BqJ6NYJALZ%0ANFNGt%2BVuhTIdhobtCKnFF1RnTII%3D%0A-----END+CERTIFICATE-----%0A&trust_flag=144&formop=INSTALL_CERT&installmethod=1&tokenname=internal+%28software%29&certname=CA
\ No newline at end of file
diff --git a/tests/security/testpost.5 b/tests/security/testpost.5
new file mode 100644
index 0000000..3193dd6
--- /dev/null
+++ b/tests/security/testpost.5
@@ -0,0 +1 @@
+sie=slapd-INSTANCE&certtype=1&dercert=Certificate%3A%0A++++Data%3A%0A++++++++Version%3A+3+%280x2%29%0A++++++++Serial+Number%3A%0A++++++++++++98%3A12%3A07%3A62%3A86%3A07%3A59%3Aec%0A++++++++Signature+Algorithm%3A+sha1WithRSAEncryption%0A++++++++Issuer%3A+C%3DUS%2C+ST%3DNM%2C+O%3DCO%2C+CN%3DCA%0A++++++++Validity%0A++++++++++++Not+Before%3A+Jun++2+22%3A09%3A01+2011+GMT%0A++++++++++++Not+After+%3A+Jun++1+22%3A09%3A01+2014+GMT%0A++++++++Subject%3A+C%3DUS%2C+ST%3DNM%2C+O%3DCO%2C+CN%3DCA%0A++++++++Subject+Public+Key+Info%3A%0A++++++++++++Public+Key+Algorithm%3A+rsaEncryption%0A++++++++++++++++Public-Key%3A+%282048+bit%29%0A++++++++++++++++Modulus%3A%0A++++++++++++++++++++00%3Abb%3Ac1%3Ae3%3Ac7%3Aff%3A79%3A31%3A99%3A56%3A78%3A3e%3Aa8%3Aff%3Ac1%3A%0A++++++++++++++++++++58%3Ac0%3A88%3A15%3A82%3A6c%3Ab6%3A55%3A36%3Af2%3Acd%3Aaa%3A40%3A73%3A83%3A%0A++++++++++++++++++++e4%3Ae1%3A08%3A51%3A39%3A46%3Ab4%3Abb%3A2e%3A4b%3A2d%3A58%3Ab2%3A91%3A57%3A%0A++++++++++++++++++++1b%3A83%3A57%3Ae1%3A91
%3A64%3Ac8%3Ac1%3A19%3Af2%3A18%3Af9%3A69%3A74%3A0c%3A%0A++++++++++++++++++++1d%3Aec%3A6f%3A3e%3Af2%3Ac7%3A6c%3Af7%3A06%3A9a%3Ac7%3A51%3A38%3A6f%3A1d%3A%0A++++++++++++++++++++6b%3A2e%3A8f%3Af8%3Ae0%3A3e%3Ae3%3Ab9%3Aac%3Acf%3Aac%3Aac%3Ada%3Af8%3A9c%3A%0A++++++++++++++++++++0f%3A9a%3A37%3A80%3A47%3A93%3Af0%3A1e%3A75%3A3d%3Ad1%3A69%3Ad0%3A15%3Aeb%3A%0A++++++++++++++++++++26%3Afe%3Abf%3A55%3A88%3Aca%3A0d%3Ac1%3A52%3Ae2%3A9a%3A4b%3Aa5%3Ac0%3Ae2%3A%0A++++++++++++++++++++3d%3A26%3A83%3Ab6%3A63%3Ac8%3A41%3A11%3A27%3A68%3A7d%3Ab4%3A82%3Ae4%3A6f%3A%0A++++++++++++++++++++13%3A05%3A2f%3A2f%3A08%3Ac5%3A64%3Ad6%3Aa2%3Aa5%3A61%3A92%3A67%3A15%3A95%3A%0A++++++++++++++++++++cc%3A3e%3A26%3A8d%3Ac7%3A45%3A45%3A28%3A34%3A2c%3A60%3A2f%3A19%3A94%3Abf%3A%0A++++++++++++++++++++a7%3A6a%3A62%3Ac6%3A8a%3A44%3A3a%3Ac9%3A15%3A60%3A6e%3A99%3Ac4%3A1d%3A7f%3A%0A++++++++++++++++++++bc%3Afc%3A40%3A2e%3A45%3Aa1%3Ad8%3A24%3A4c%3A7d%3A63%3A06%3A93%3Ae5%3A8b%3A%0A++++++++++++++++++++2f%3A1b%3A6c%3A79%3A2d%3A8d%3Ab
1%3A27%3A8a%3A67%3Aff%3Ace%3Ac8%3A48%3Ad7%3A%0A++++++++++++++++++++a3%3A45%3A64%3A99%3A60%3Af0%3Add%3Ab7%3A83%3Ac2%3Aea%3A23%3Ac4%3Af9%3A82%3A%0A++++++++++++++++++++8e%3Aa0%3Ae5%3Af0%3A63%3Ab1%3A0e%3A15%3Af5%3A10%3Ad2%3Aa5%3A2d%3A53%3A17%3A%0A++++++++++++++++++++20%3A00%3Aa8%3A4e%3Ad9%3A6d%3Ac2%3A11%3A68%3A3a%3A8e%3Ad1%3A3a%3A78%3Af2%3A%0A++++++++++++++++++++1e%3Ad7%0A++++++++++++++++Exponent%3A+65537+%280x10001%29%0A++++++++X509v3+extensions%3A%0A++++++++++++X509v3+Subject+Key+Identifier%3A+%0A++++++++++++++++BF%3A0F%3A9E%3AC2%3AED%3A83%3A48%3A3A%3A77%3A9C%3A46%3A11%3A96%3A02%3AB1%3A70%3AD0%3A61%3A45%3A4A%0A++++++++++++X509v3+Basic+Constraints%3A+critical%0A++++++++++++++++CA%3ATRUE%0A++++++++++++X509v3+Key+Usage%3A+%0A++++++++++++++++Digital+Signature%2C+Certificate+Sign%2C+CRL+Sign%0A++++++++++++X509v3+CRL+Distribution+Points%3A+%0A%0A++++++++++++++++Full+Name%3A%0A++++++++++++++++++URI%3Ahttp%3A%2F%2Flocalhost.localdomain%3A9831%2Fmyca.crl%0A%0A++++++++++++++++Full+Name%
3A%0A++++++++++++++++++URI%3Ahttp%3A%2F%2Flocalhost.localdomain%3A9831%2Fmyca.crl%0A%0A++++++++++++1.3.6.1.4.1.311.21.1%3A+%0A++++++++++++++++...%0A++++++++++++1.3.6.1.4.1.311.21.2%3A+%0A++++++++++++++++..%3B...I..n...F..2...%0A++++Signature+Algorithm%3A+sha1WithRSAEncryption%0A++++++++46%3A4c%3Aa8%3A42%3A64%3A30%3A54%3A03%3A12%3A5d%3A2b%3Adb%3A5a%3A3b%3Af5%3A58%3A23%3A0d%3A%0A++++++++d3%3A4d%3A99%3A2b%3Ab0%3A82%3Ae6%3A87%3A7e%3A1d%3A48%3A9c%3Adb%3A6d%3A42%3Ae0%3Ab6%3Aba%3A%0A++++++++1e%3Af4%3A81%3Ae1%3A3f%3A9c%3A1f%3Ab1%3A2e%3Aed%3A35%3Ae4%3A92%3Aef%3Ab6%3Aa0%3A9d%3A94%3A%0A++++++++15%3A97%3A4c%3A54%3A3f%3Ad3%3A1a%3A6e%3Ad6%3A74%3Aaa%3Ac1%3Aca%3Ac6%3A56%3Ace%3Aa0%3Aa7%3A%0A++++++++07%3Aa5%3A5d%3A47%3A4b%3Aec%3A3f%3A1b%3Acb%3Ae9%3A1a%3Afd%3A2f%3Ae7%3Afc%3A4c%3A23%3A79%3A%0A++++++++4f%3A81%3A77%3A37%3Aab%3A75%3Acc%3A8d%3A3d%3Adf%3A94%3A50%3A2f%3A15%3A2a%3A1f%3A2a%3Af4%3A%0A++++++++e1%3A00%3A43%3A29%3Ac4%3A59%3A54%3A55%3A0e%3Aeb%3A7e%3A79%3A1b%3Aaa%3A8d%3Ac6%3A6c%3A53%3A%0A+++
+++++38%3Ad9%3Af2%3A55%3Afe%3A8d%3Ad1%3A8e%3A55%3Aa8%3Afd%3A43%3A48%3A58%3Af2%3A25%3Af1%3Abf%3A%0A++++++++6b%3A8b%3A0f%3Aea%3A86%3Ab5%3Aba%3Ab6%3A8e%3A6c%3A81%3A78%3Ac2%3Aa4%3Aea%3A9e%3Ada%3A83%3A%0A++++++++32%3A15%3A7c%3Ac2%3A86%3A43%3A94%3A22%3A39%3A33%3Ae0%3A6f%3A11%3Af9%3A40%3A8f%3A0e%3A60%3A%0A++++++++5c%3A67%3A8d%3A16%3A47%3A0b%3Ab6%3Ad7%3Ae5%3A15%3A78%3A86%3Af7%3Aef%3A7b%3A52%3Aea%3Ae8%3A%0A++++++++83%3A16%3Ae0%3Afc%3A6b%3Ac2%3A26%3Ae8%3Af9%3A0c%3A37%3A60%3A9e%3A61%3Ac2%3Ae5%3A5e%3Af8%3A%0A++++++++72%3A79%3A3f%3A43%3A84%3A39%3A76%3A60%3A6a%3A1b%3A58%3A6c%3A1f%3Aaa%3A27%3Aa3%3A58%3A24%3A%0A++++++++02%3Ad9%3A34%3A53%3A46%3Ab7%3Ae5%3A6e%3A85%3A32%3A1d%3A86%3A86%3Aed%3A08%3Aa9%3Ac5%3A17%3A%0A++++++++54%3A67%3A4c%3A82%0A-----BEGIN+CERTIFICATE-----%0AMIID0DCCArigAwIBAgIJAJgSB2KGB1nsMA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV%0ABAYTAlVTMQswCQYDVQQIDAJOTTELMAkGA1UECgwCQ08xCzAJBgNVBAMMAkNBMB4X%0ADTExMDYwMjIyMDkwMVoXDTE0MDYwMTIyMDkwMVowNDELMAkGA1UEBhMCVVMxCzAJ%0ABgNVBAgMAk5NMQswCQYDVQQKDA
JDTzELMAkGA1UEAwwCQ0EwggEiMA0GCSqGSIb3%0ADQEBAQUAA4IBDwAwggEKAoIBAQC7wePH%2F3kxmVZ4Pqj%2FwVjAiBWCbLZVNvLNqkBz%0Ag%2BThCFE5RrS7LkstWLKRVxuDV%2BGRZMjBGfIY%2BWl0DB3sbz7yx2z3BprHUThvHWsu%0Aj%2FjgPuO5rM%2BsrNr4nA%2BaN4BHk%2FAedT3RadAV6yb%2Bv1WIyg3BUuKaS6XA4j0mg7Zj%0AyEERJ2h9tILkbxMFLy8IxWTWoqVhkmcVlcw%2BJo3HRUUoNCxgLxmUv6dqYsaKRDrJ%0AFWBumcQdf7z8QC5FodgkTH1jBpPliy8bbHktjbEnimf%2FzshI16NFZJlg8N23g8Lq%0AI8T5go6g5fBjsQ4V9RDSpS1TFyAAqE7ZbcIRaDqO0Tp48h7XAgMBAAGjgeQwgeEw%0AHQYDVR0OBBYEFL8PnsLtg0g6d5xGEZYCsXDQYUVKMA8GA1UdEwEB%2FwQFMAMBAf8w%0ACwYDVR0PBAQDAgGGMG0GA1UdHwRmMGQwMKAuoCyGKmh0dHA6Ly9sb2NhbGhvc3Qu%0AbG9jYWxkb21haW46OTgzMS9teWNhLmNybDAwoC6gLIYqaHR0cDovL2xvY2FsaG9z%0AdC5sb2NhbGRvbWFpbjo5ODMxL215Y2EuY3JsMBAGCSsGAQQBgjcVAQQDAgEDMCEG%0ACSsGAQQBgjcVAgQUrcg7GeeTSRscbqD9i0bNnzLlkvwwDQYJKoZIhvcNAQEFBQAD%0AggEBAEZMqEJkMFQDEl0r21o79VgjDdNNmSuwguaHfh1InNttQuC2uh70geE%2FnB%2Bx%0ALu015JLvtqCdlBWXTFQ%2F0xpu1nSqwcrGVs6gpwelXUdL7D8by%2Bka%2FS%2Fn%2FEwjeU%2BB%0AdzerdcyNPd%2BUUC8VKh8q9OEAQynEWVRVD
ut%2BeRuqjcZsUzjZ8lX%2BjdGOVaj9Q0hY%0A8iXxv2uLD%2BqGtbq2jmyBeMKk6p7agzIVfMKGQ5QiOTPgbxH5QI8OYFxnjRZHC7bX%0A5RV4hvfve1Lq6IMW4Pxrwibo%2BQw3YJ5hwuVe%2BHJ5P0OEOXZgahtYbB%2BqJ6NYJALZ%0ANFNGt%2BVuhTIdhobtCKnFF1RnTII%3D%0A-----END+CERTIFICATE-----%0A&trust_flag=144&formop=INSTALL_CERT&installmethod=1&tokenname=internal+%28software%29&certname=CA
\ No newline at end of file
diff --git a/tests/security/testpost.6 b/tests/security/testpost.6
new file mode 100644
index 0000000..a68f237
--- /dev/null
+++ b/tests/security/testpost.6
@@ -0,0 +1 @@
+sie=slapd-INSTANCE&formop=LIST_CERTIFICATE&tokenname=internal+%28software%29
\ No newline at end of file
diff --git a/tests/security/testpost.7 b/tests/security/testpost.7
new file mode 100644
index 0000000..a68f237
--- /dev/null
+++ b/tests/security/testpost.7
@@ -0,0 +1 @@
+sie=slapd-INSTANCE&formop=LIST_CERTIFICATE&tokenname=internal+%28software%29
\ No newline at end of file
diff --git a/tests/security/testpost.8 b/tests/security/testpost.8
new file mode 100644
index 0000000..d9ac7dc
--- /dev/null
+++ b/tests/security/testpost.8
@@ -0,0 +1 @@
+sie=slapd-INSTANCE&certtype=1&dercert=Certificate%3A%0A++++Data%3A%0A++++++++Version%3A+3+%280x2%29%0A++++++++Serial+Number%3A%0A++++++++++++98%3A12%3A07%3A62%3A86%3A07%3A59%3Aec%0A++++++++Signature+Algorithm%3A+sha1WithRSAEncryption%0A++++++++Issuer%3A+C%3DUS%2C+ST%3DNM%2C+O%3DCO%2C+CN%3DCA%0A++++++++Validity%0A++++++++++++Not+Before%3A+Jun++2+22%3A09%3A01+2011+GMT%0A++++++++++++Not+After+%3A+Jun++1+22%3A09%3A01+2014+GMT%0A++++++++Subject%3A+C%3DUS%2C+ST%3DNM%2C+O%3DCO%2C+CN%3DCA%0A++++++++Subject+Public+Key+Info%3A%0A++++++++++++Public+Key+Algorithm%3A+rsaEncryption%0A++++++++++++++++Public-Key%3A+%282048+bit%29%0A++++++++++++++++Modulus%3A%0A++++++++++++++++++++00%3Abb%3Ac1%3Ae3%3Ac7%3Aff%3A79%3A31%3A99%3A56%3A78%3A3e%3Aa8%3Aff%3Ac1%3A%0A++++++++++++++++++++58%3Ac0%3A88%3A15%3A82%3A6c%3Ab6%3A55%3A36%3Af2%3Acd%3Aaa%3A40%3A73%3A83%3A%0A++++++++++++++++++++e4%3Ae1%3A08%3A51%3A39%3A46%3Ab4%3Abb%3A2e%3A4b%3A2d%3A58%3Ab2%3A91%3A57%3A%0A++++++++++++++++++++1b%3A83%3A57%3Ae1%3A91
%3A64%3Ac8%3Ac1%3A19%3Af2%3A18%3Af9%3A69%3A74%3A0c%3A%0A++++++++++++++++++++1d%3Aec%3A6f%3A3e%3Af2%3Ac7%3A6c%3Af7%3A06%3A9a%3Ac7%3A51%3A38%3A6f%3A1d%3A%0A++++++++++++++++++++6b%3A2e%3A8f%3Af8%3Ae0%3A3e%3Ae3%3Ab9%3Aac%3Acf%3Aac%3Aac%3Ada%3Af8%3A9c%3A%0A++++++++++++++++++++0f%3A9a%3A37%3A80%3A47%3A93%3Af0%3A1e%3A75%3A3d%3Ad1%3A69%3Ad0%3A15%3Aeb%3A%0A++++++++++++++++++++26%3Afe%3Abf%3A55%3A88%3Aca%3A0d%3Ac1%3A52%3Ae2%3A9a%3A4b%3Aa5%3Ac0%3Ae2%3A%0A++++++++++++++++++++3d%3A26%3A83%3Ab6%3A63%3Ac8%3A41%3A11%3A27%3A68%3A7d%3Ab4%3A82%3Ae4%3A6f%3A%0A++++++++++++++++++++13%3A05%3A2f%3A2f%3A08%3Ac5%3A64%3Ad6%3Aa2%3Aa5%3A61%3A92%3A67%3A15%3A95%3A%0A++++++++++++++++++++cc%3A3e%3A26%3A8d%3Ac7%3A45%3A45%3A28%3A34%3A2c%3A60%3A2f%3A19%3A94%3Abf%3A%0A++++++++++++++++++++a7%3A6a%3A62%3Ac6%3A8a%3A44%3A3a%3Ac9%3A15%3A60%3A6e%3A99%3Ac4%3A1d%3A7f%3A%0A++++++++++++++++++++bc%3Afc%3A40%3A2e%3A45%3Aa1%3Ad8%3A24%3A4c%3A7d%3A63%3A06%3A93%3Ae5%3A8b%3A%0A++++++++++++++++++++2f%3A1b%3A6c%3A79%3A2d%3A8d%3Ab
1%3A27%3A8a%3A67%3Aff%3Ace%3Ac8%3A48%3Ad7%3A%0A++++++++++++++++++++a3%3A45%3A64%3A99%3A60%3Af0%3Add%3Ab7%3A83%3Ac2%3Aea%3A23%3Ac4%3Af9%3A82%3A%0A++++++++++++++++++++8e%3Aa0%3Ae5%3Af0%3A63%3Ab1%3A0e%3A15%3Af5%3A10%3Ad2%3Aa5%3A2d%3A53%3A17%3A%0A++++++++++++++++++++20%3A00%3Aa8%3A4e%3Ad9%3A6d%3Ac2%3A11%3A68%3A3a%3A8e%3Ad1%3A3a%3A78%3Af2%3A%0A++++++++++++++++++++1e%3Ad7%0A++++++++++++++++Exponent%3A+65537+%280x10001%29%0A++++++++X509v3+extensions%3A%0A++++++++++++X509v3+Subject+Key+Identifier%3A+%0A++++++++++++++++BF%3A0F%3A9E%3AC2%3AED%3A83%3A48%3A3A%3A77%3A9C%3A46%3A11%3A96%3A02%3AB1%3A70%3AD0%3A61%3A45%3A4A%0A++++++++++++X509v3+Basic+Constraints%3A+critical%0A++++++++++++++++CA%3ATRUE%0A++++++++++++X509v3+Key+Usage%3A+%0A++++++++++++++++Digital+Signature%2C+Certificate+Sign%2C+CRL+Sign%0A++++++++++++X509v3+CRL+Distribution+Points%3A+%0A%0A++++++++++++++++Full+Name%3A%0A++++++++++++++++++URI%3Ahttp%3A%2F%2Flocalhost.localdomain%3A9831%2Fmyca.crl%0A%0A++++++++++++++++Full+Name%
3A%0A++++++++++++++++++URI%3Ahttp%3A%2F%2Flocalhost.localdomain%3A9831%2Fmyca.crl%0A%0A++++++++++++1.3.6.1.4.1.311.21.1%3A+%0A++++++++++++++++...%0A++++++++++++1.3.6.1.4.1.311.21.2%3A+%0A++++++++++++++++..%3B...I..n...F..2...%0A++++Signature+Algorithm%3A+sha1WithRSAEncryption%0A++++++++46%3A4c%3Aa8%3A42%3A64%3A30%3A54%3A03%3A12%3A5d%3A2b%3Adb%3A5a%3A3b%3Af5%3A58%3A23%3A0d%3A%0A++++++++d3%3A4d%3A99%3A2b%3Ab0%3A82%3Ae6%3A87%3A7e%3A1d%3A48%3A9c%3Adb%3A6d%3A42%3Ae0%3Ab6%3Aba%3A%0A++++++++1e%3Af4%3A81%3Ae1%3A3f%3A9c%3A1f%3Ab1%3A2e%3Aed%3A35%3Ae4%3A92%3Aef%3Ab6%3Aa0%3A9d%3A94%3A%0A++++++++15%3A97%3A4c%3A54%3A3f%3Ad3%3A1a%3A6e%3Ad6%3A74%3Aaa%3Ac1%3Aca%3Ac6%3A56%3Ace%3Aa0%3Aa7%3A%0A++++++++07%3Aa5%3A5d%3A47%3A4b%3Aec%3A3f%3A1b%3Acb%3Ae9%3A1a%3Afd%3A2f%3Ae7%3Afc%3A4c%3A23%3A79%3A%0A++++++++4f%3A81%3A77%3A37%3Aab%3A75%3Acc%3A8d%3A3d%3Adf%3A94%3A50%3A2f%3A15%3A2a%3A1f%3A2a%3Af4%3A%0A++++++++e1%3A00%3A43%3A29%3Ac4%3A59%3A54%3A55%3A0e%3Aeb%3A7e%3A79%3A1b%3Aaa%3A8d%3Ac6%3A6c%3A53%3A%0A+++
+++++38%3Ad9%3Af2%3A55%3Afe%3A8d%3Ad1%3A8e%3A55%3Aa8%3Afd%3A43%3A48%3A58%3Af2%3A25%3Af1%3Abf%3A%0A++++++++6b%3A8b%3A0f%3Aea%3A86%3Ab5%3Aba%3Ab6%3A8e%3A6c%3A81%3A78%3Ac2%3Aa4%3Aea%3A9e%3Ada%3A83%3A%0A++++++++32%3A15%3A7c%3Ac2%3A86%3A43%3A94%3A22%3A39%3A33%3Ae0%3A6f%3A11%3Af9%3A40%3A8f%3A0e%3A60%3A%0A++++++++5c%3A67%3A8d%3A16%3A47%3A0b%3Ab6%3Ad7%3Ae5%3A15%3A78%3A86%3Af7%3Aef%3A7b%3A52%3Aea%3Ae8%3A%0A++++++++83%3A16%3Ae0%3Afc%3A6b%3Ac2%3A26%3Ae8%3Af9%3A0c%3A37%3A60%3A9e%3A61%3Ac2%3Ae5%3A5e%3Af8%3A%0A++++++++72%3A79%3A3f%3A43%3A84%3A39%3A76%3A60%3A6a%3A1b%3A58%3A6c%3A1f%3Aaa%3A27%3Aa3%3A58%3A24%3A%0A++++++++02%3Ad9%3A34%3A53%3A46%3Ab7%3Ae5%3A6e%3A85%3A32%3A1d%3A86%3A86%3Aed%3A08%3Aa9%3Ac5%3A17%3A%0A++++++++54%3A67%3A4c%3A82%0A-----BEGIN+CERTIFICATE-----%0AMIID0DCCArigAwIBAgIJAJgSB2KGB1nsMA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV%0ABAYTAlVTMQswCQYDVQQIDAJOTTELMAkGA1UECgwCQ08xCzAJBgNVBAMMAkNBMB4X%0ADTExMDYwMjIyMDkwMVoXDTE0MDYwMTIyMDkwMVowNDELMAkGA1UEBhMCVVMxCzAJ%0ABgNVBAgMAk5NMQswCQYDVQQKDA
JDTzELMAkGA1UEAwwCQ0EwggEiMA0GCSqGSIb3%0ADQEBAQUAA4IBDwAwggEKAoIBAQC7wePH%2F3kxmVZ4Pqj%2FwVjAiBWCbLZVNvLNqkBz%0Ag%2BThCFE5RrS7LkstWLKRVxuDV%2BGRZMjBGfIY%2BWl0DB3sbz7yx2z3BprHUThvHWsu%0Aj%2FjgPuO5rM%2BsrNr4nA%2BaN4BHk%2FAedT3RadAV6yb%2Bv1WIyg3BUuKaS6XA4j0mg7Zj%0AyEERJ2h9tILkbxMFLy8IxWTWoqVhkmcVlcw%2BJo3HRUUoNCxgLxmUv6dqYsaKRDrJ%0AFWBumcQdf7z8QC5FodgkTH1jBpPliy8bbHktjbEnimf%2FzshI16NFZJlg8N23g8Lq%0AI8T5go6g5fBjsQ4V9RDSpS1TFyAAqE7ZbcIRaDqO0Tp48h7XAgMBAAGjgeQwgeEw%0AHQYDVR0OBBYEFL8PnsLtg0g6d5xGEZYCsXDQYUVKMA8GA1UdEwEB%2FwQFMAMBAf8w%0ACwYDVR0PBAQDAgGGMG0GA1UdHwRmMGQwMKAuoCyGKmh0dHA6Ly9sb2NhbGhvc3Qu%0AbG9jYWxkb21haW46OTgzMS9teWNhLmNybDAwoC6gLIYqaHR0cDovL2xvY2FsaG9z%0AdC5sb2NhbGRvbWFpbjo5ODMxL215Y2EuY3JsMBAGCSsGAQQBgjcVAQQDAgEDMCEG%0ACSsGAQQBgjcVAgQUrcg7GeeTSRscbqD9i0bNnzLlkvwwDQYJKoZIhvcNAQEFBQAD%0AggEBAEZMqEJkMFQDEl0r21o79VgjDdNNmSuwguaHfh1InNttQuC2uh70geE%2FnB%2Bx%0ALu015JLvtqCdlBWXTFQ%2F0xpu1nSqwcrGVs6gpwelXUdL7D8by%2Bka%2FS%2Fn%2FEwjeU%2BB%0AdzerdcyNPd%2BUUC8VKh8q9OEAQynEWVRVD
ut%2BeRuqjcZsUzjZ8lX%2BjdGOVaj9Q0hY%0A8iXxv2uLD%2BqGtbq2jmyBeMKk6p7agzIVfMKGQ5QiOTPgbxH5QI8OYFxnjRZHC7bX%0A5RV4hvfve1Lq6IMW4Pxrwibo%2BQw3YJ5hwuVe%2BHJ5P0OEOXZgahtYbB%2BqJ6NYJALZ%0ANFNGt%2BVuhTIdhobtCKnFF1RnTII%3D%0A-----END+CERTIFICATE-----%0A&trust_flag=0&formop=INSTALL_CERT&tokenname=internal+%28software%29
\ No newline at end of file
diff --git a/tests/security/testpost.9 b/tests/security/testpost.9
new file mode 100644
index 0000000..a68f237
--- /dev/null
+++ b/tests/security/testpost.9
@@ -0,0 +1 @@
+sie=slapd-INSTANCE&formop=LIST_CERTIFICATE&tokenname=internal+%28software%29
\ No newline at end of file
commit d68019446b43c2b242609a2ebe2fa55cd1d4e04e
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu Jun 30 11:50:22 2011 -0600
fix typo in NSS_Shutdown warning message
diff --git a/admserv/cgi-src40/cgicommon.properties b/admserv/cgi-src40/cgicommon.properties
index 2ce4b05..337f07e 100644
--- a/admserv/cgi-src40/cgicommon.properties
+++ b/admserv/cgi-src40/cgicommon.properties
@@ -29,6 +29,6 @@ root {
// messages displayed to user - these can be localized
cgicommon1 { "Could not read the Admin Server CGI config file %s/adm.conf: error code %d" }
cgicommon2 { "NSS initialization failed for security directory %s: error %d:%s" }
-cgicommon3 { "NSS shutdown failed: eror %d:%s" }
+cgicommon3 { "NSS shutdown failed: error %d:%s" }
}
commit 96fbda29ad7dfe39ad412714833f232fe5b42e86
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Wed Jun 29 19:06:49 2011 -0600
better NSS error handling - reduce memory leaks
When we get an error from NSS_Initialize or NSS_Shutdown, try to log
some more informative error messages. Errors from NSS_Initialize are
"hard" errors - we cannot/should not proceed. Errors from
NSS_Shutdown are "soft" errors - we leak NSS resources in a few of the
CGI programs and NSS_Shutdown will complain about that, but it is
really ok. Found and fixed a couple of memory leaks but there are
many, many more.
diff --git a/admserv/cgi-src40/cgicommon.h b/admserv/cgi-src40/cgicommon.h
index 71c67be..43ab38f 100644
--- a/admserv/cgi-src40/cgicommon.h
+++ b/admserv/cgi-src40/cgicommon.h
@@ -29,6 +29,7 @@
/* These are the defines to use in C code for localized messages */
#define CMN_CONFIGPROBLEM resource_key(COMMON_RESOURCE_FILE, "1")
#define CMN_SSL_INIT_ERROR resource_key(COMMON_RESOURCE_FILE, "2")
+#define CMN_NSS_SHUTDOWN_ERROR resource_key(COMMON_RESOURCE_FILE, "3")
/* These are other properties */
#define DSOBJECTCLASS "nsdirectoryserver" /* name of table in cgicommon */
diff --git a/admserv/cgi-src40/cgicommon.properties b/admserv/cgi-src40/cgicommon.properties
index 63cd3da..2ce4b05 100644
--- a/admserv/cgi-src40/cgicommon.properties
+++ b/admserv/cgi-src40/cgicommon.properties
@@ -28,6 +28,7 @@ root {
// messages displayed to user - these can be localized
cgicommon1 { "Could not read the Admin Server CGI config file %s/adm.conf: error code %d" }
-cgicommon2 { "SSL related initialization failed" }
+cgicommon2 { "NSS initialization failed for security directory %s: error %d:%s" }
+cgicommon3 { "NSS shutdown failed: eror %d:%s" }
}
diff --git a/admserv/cgi-src40/security.c b/admserv/cgi-src40/security.c
index 093655c..883c067 100644
--- a/admserv/cgi-src40/security.c
+++ b/admserv/cgi-src40/security.c
@@ -240,11 +240,21 @@ static void closeAllSecurityDB(int global) {
SSL_ClearSessionCache();
}
if (secctx) {
- NSS_ShutdownContext(secctx);
+ if (NSS_ShutdownContext(secctx)) {
+ PR_snprintf(line, sizeof(line), getResourceString(CMN_NSS_SHUTDOWN_ERROR),
+ PR_GetError(),
+ SSL_Strerror(PR_GetError()) ? SSL_Strerror(PR_GetError()) : "unknown");
+ rpt_err(GENERAL_FAILURE, line, NULL, NULL);
+ }
secctx = NULL;
}
if (global) {
- NSS_Shutdown();
+ if (NSS_Shutdown()) {
+ PR_snprintf(line, sizeof(line), getResourceString(CMN_NSS_SHUTDOWN_ERROR),
+ PR_GetError(),
+ SSL_Strerror(PR_GetError()) ? SSL_Strerror(PR_GetError()) : "unknown");
+ rpt_warning(GENERAL_FAILURE, line, NULL, NULL);
+ }
}
}
@@ -858,6 +868,7 @@ static CERTCertificate *findCertByFingerprint(char *fingerprint) {
CERTCertList *certList;
CERTCertListNode *cln;
+ CERTCertificate *cert = NULL;
certList = PK11_ListCerts(PK11CertListUnique, NULL);
if (certList == NULL) {
@@ -871,10 +882,12 @@ static CERTCertificate *findCertByFingerprint(char *fingerprint) {
/* Output the cert if it belongs to this token */
if (strcmp(fingerprint, fingerprint2) == 0) {
- return cln->cert;
+ cert = CERT_DupCertificate(cln->cert);
+ break;
}
}
- return NULL;
+ CERT_DestroyCertList(certList);
+ return cert;
}
/*
@@ -966,6 +979,7 @@ static void printCertDetail(char *certFingerprint) {
}
/* if found print it out */
printCert(cert, /*showDetail=*/PR_TRUE, NULL);
+ CERT_DestroyCertificate(cert);
}
/*
@@ -1010,6 +1024,7 @@ static void setTrust(char *certFingerprint, int trust) {
#if DEBUG
printCert(cert, /*showDetail=*/PR_FALSE, NULL);
#endif
+ CERT_DestroyCertificate(cert);
}
/*
@@ -1030,10 +1045,10 @@ static void securityInitialization(char* securitydir) {
/* init NSS */
if (!(secctx = NSS_InitContext(securitydir, NULL, NULL, SECMOD_DB, &initParams, flags))) {
- rpt_err(GENERAL_FAILURE,
- getResourceString(DBT_INTERNAL_ERROR),
- getResourceString(DBT_OPEN_CERTDB_FAIL),
- NULL);
+ PR_snprintf(line, sizeof(line), getResourceString(CMN_SSL_INIT_ERROR),
+ securitydir ? securitydir : "(null)", PR_GetError(),
+ SSL_Strerror(PR_GetError()) ? SSL_Strerror(PR_GetError()) : "unknown");
+ errorRpt(GENERAL_FAILURE, line);
}
/* Set certdb handle */
@@ -1839,6 +1854,7 @@ static void listCertsPerToken(const char *pkcs11TokenFamily, PK11SlotList* pk11S
* List all the possible tokens resides under any pkcs11 device
*/
void listToken() {
+ PK11SlotList *list;
fprintf(stdout, "<TOKENLIST>\n");
@@ -1852,8 +1868,12 @@ void listToken() {
#endif /* NS_DOMESTIC */
/*RSA token list*/
- listCertsPerToken("RSA_TOKEN", PK11_GetAllTokens(CKM_RSA_PKCS, PR_FALSE, PR_FALSE, NULL));
- listCertsPerToken("FORTEZZA_TOKEN", PK11_GetAllTokens(CKM_SKIPJACK_CBC64, PR_FALSE, PR_FALSE, NULL));
+ list = PK11_GetAllTokens(CKM_RSA_PKCS, PR_FALSE, PR_FALSE, NULL);
+ listCertsPerToken("RSA_TOKEN", list);
+ PK11_FreeSlotList(list);
+ list = PK11_GetAllTokens(CKM_SKIPJACK_CBC64, PR_FALSE, PR_FALSE, NULL);
+ listCertsPerToken("FORTEZZA_TOKEN", list);
+ PK11_FreeSlotList(list);
fprintf(stdout, "</TOKENLIST>\n");
}
@@ -1891,7 +1911,8 @@ void tokenInfo() {
fprintf(stdout, "\t</%s>\n", PK11_GetTokenName(slot->slot));
}
- fprintf(stdout, "</TOKENINFO>\n");
+ fprintf(stdout, "</TOKENINFO>\n");
+ PK11_FreeSlotList(slotList);
}
/*
@@ -2089,7 +2110,10 @@ int main(int argc, char *argv[])
#endif
if(ADMSSL_InitSimple((char *)configdir, (char *)secdir, 1)) {
- errorRpt(SYSTEM_ERROR, getResourceString(CMN_SSL_INIT_ERROR));
+ PR_snprintf(line, sizeof(line), getResourceString(CMN_SSL_INIT_ERROR),
+ secdir ? secdir : "(null)", PR_GetError(),
+ SSL_Strerror(PR_GetError()) ? SSL_Strerror(PR_GetError()) : "unknown");
+ errorRpt(SYSTEM_ERROR, line);
}
securitydir = getSecurityDir(ldapInfo, sie);
diff --git a/admserv/cgi-src40/viewlog.c b/admserv/cgi-src40/viewlog.c
index bda9338..a47b5cf 100644
--- a/admserv/cgi-src40/viewlog.c
+++ b/admserv/cgi-src40/viewlog.c
@@ -397,7 +397,10 @@ int main(int argc, char *argv[])
} else {
const char *secdir = util_get_security_dir();
if(ADMSSL_InitSimple((char *)configdir, (char *)secdir, 1)) {
- rpt_err(SYSTEM_ERROR, getResourceString(CMN_SSL_INIT_ERROR), NULL, NULL);
+ PR_snprintf(line, sizeof(line), getResourceString(CMN_SSL_INIT_ERROR),
+ secdir ? secdir : "(null)", PR_GetError(),
+ SSL_Strerror(PR_GetError()) ? SSL_Strerror(PR_GetError()) : "unknown");
+ rpt_err(SYSTEM_ERROR, line, NULL, NULL);
}
logdir = getLogDir(ldapInfo, id);