[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: (ITS#5361) cert verification failures with GnuTLS and DNS subjectAlt
From: |
Nikos Mavrogiannopoulos |
Subject: |
Re: (ITS#5361) cert verification failures with GnuTLS and DNS subjectAltName |
Date: |
Fri, 15 Feb 2008 23:11:32 +0200 |
User-agent: |
KMail/1.9.6 (enterprise 0.20070907.709405) |
On Friday 15 February 2008, Howard Chu wrote:
> > Anyway, does the attached
> > patch solve your problem?
>
> Not really. It still returns a size one byte larger than expected for the
> strings. Even in languages where NUL-terminated strings are the norm, the
> terminating byte is not included in the length.
>
> The point is, we expect this API to return exactly the data that was in the
> certificate. If the caller wants to treat the data as a string, they can
> NUL-terminate it themselves. The manpage only says that the data will be
> returned, it does not say that it will be altered in any way.
Actually you are right. The return value shouldn't be increased (this also
happens in the other similar functions). I've corrected the patch and
commited at:
http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=4cc3c6b6ed00660e55559bab148021fc077da21f
regards,
Nikos
- Re: (ITS#5361) cert verification failures with GnuTLS and DNS subjectAltName, Howard Chu, 2008/02/11
- Re: (ITS#5361) cert verification failures with GnuTLS and DNS subjectAltName, Joe Orton, 2008/02/14
- Re: (ITS#5361) cert verification failures with GnuTLS and DNS subjectAltName, Nikos Mavrogiannopoulos, 2008/02/15
- Re: (ITS#5361) cert verification failures with GnuTLS and DNS subjectAltName, Howard Chu, 2008/02/16
- Re: (ITS#5361) cert verification failures with GnuTLS and DNS subjectAltName, Nikos Mavrogiannopoulos, 2008/02/15
- Re: (ITS#5361) cert verification failures with GnuTLS and DNS subjectAltName, Howard Chu, 2008/02/16
- Re: (ITS#5361) cert verification failures with GnuTLS and DNS subjectAltName,
Nikos Mavrogiannopoulos <=
- Re: (ITS#5361) cert verification failures with GnuTLS and DNS subjectAltName, Howard Chu, 2008/02/16
- Re: (ITS#5361) cert verification failures with GnuTLS and DNS subjectAltName, Andreas Metzler, 2008/02/17
- Re: (ITS#5361) cert verification failures with GnuTLS and DNS subjectAltName, Nikos Mavrogiannopoulos, 2008/02/17