Axeman also includes non-website certs (Code signing) and does not escape them. #12
Comments
smiba
changed the title
smiba
added a commit
to smiba/Axeman
that referenced
this issue
Jan 24, 2020
|
Please ignore commit, as this is meant for issue 13 |
smiba
added a commit
to smiba/Axeman
that referenced
this issue
Jan 24, 2020
Encapsulate the fields in " characters, on the domain field escape any " characters that might appear.
|
Escaping fields is one thing, but still splitting domains on a space (' ') character will cause issues with code signing certs, as common name these will usually have the company name which most of the time contain spaces. My current fix is to use a different character for splitting, but I'm not sure if this wouldn't break importing this into google or databases. Need some feedback on this (For example, I use '|' instead of ' ', but there might be an even better character thats not allowed in the common name field?): |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi,
While running a custom wrapper around axeman that inserts records into a custom database format, I've found out that every now and then a special certificate comes along, example being this certificate (id 17395 on ct.googleapis.com/logs/argon2022) being a Code Signing certificate given to "SOOSAN INT CO., Ltd"
This gives multiple issues, not only does axeman not properly escape the "," character in this name but it also ends up in the all_domains field. Although the last might be wanted behaviour, the non escaped "," character isn't.
The text was updated successfully, but these errors were encountered: