[gnutls-dev] Some problems with GnuTLS 0.9.95
From: Gergely Nagy
Subject: [gnutls-dev] Some problems with GnuTLS 0.9.95
Date: Mon, 10 Nov 2003 17:47:51 +0100
User-agent: Wanderlust/2.11.7 (Wonderwall) Emacs/21.3 Mule/5.0 (SAKAKI)
Hi!

While updating a project of mine to take advantage of GnuTLS 0.9, I
noticed a few glitches. The most annoying one is that the prototype
for gnutls_handshake_set_rsa_pms_check is included in gnutls/gnutls.h,
but the function itself was removed from the library. I think the
header would need an update to reflect this.

Another problem is that gnutls_x509_crt_get_dn() does not work as
documented. According to the docs, when I call gnutls_x509_crt_get_dn
(crt, NULL, &size), it should set size to the length of the
DN. However, it does not, and returns GNUTLS_E_INVALID_REQUEST (size
was set to 0 before the call, but if the buffer is NULL, I think that
gnutls_x509_crt_get_dn should ignore the initial value of size). Using
gnutls_x509_crt_get_dn (crt, &tmp_buf, &size), where tmp_buf is a
single char, and size is 1, works as expected. Well, almost. I'd
expect that this code would get me a DN:

    gnutls_x509_crt cert;
    char *buf;
    size_t size = 0;
    [...]
    gnutls_x509_crt_get_dn (cert, NULL, &size);
    buf = (char *)malloc (size);
    gnutls_x509_crt_get_dn (cert, buf, &size);
    [...]

However, I'm using something like this to work around the problems I
found:

    gnutls_x509_crt cert;
    char *buf, tmp_buf[3];
    size_t size = 1;
    [...]
    gnutls_x509_crt_get_dn (cert, tmp_buf, &size);
    size += 2;
    buf = (char *)malloc (size);
    gnutls_x509_crt_get_dn (cert, buf, &size);
    [...]

I think this is horrible.

I would suggest an audit of all functions that should behave similarly
to check if they do (last I checked, gnutls_server_name_get() worked
for example).

Cheers,
--
Gergely Nagy
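
Added example (not part of the original post and not GnuTLS code): a defensive way to call a getter that uses this buffer/size convention, which checks every return code and does not depend on the NULL size query working or on the reported size being exact. The error codes, mock_get_dn, fetch_dn, demo and the 4096-byte cap are assumptions made for illustration; the mock stands in for gnutls_x509_crt_get_dn so the block runs without the library.

```c
#include <stdlib.h>
#include <string.h>
/* Constructed stand-ins: not GnuTLS's real error values or types. */
enum { OK = 0, E_SHORT_BUFFER = -1, E_INVALID_REQUEST = -2 };
struct mock_crt { const char *dn; int quirky; };
typedef int (*dn_getter)(const void *crt, char *buf, size_t *size);
#define DN_MAX 4096               /* assumed sanity cap on a DN string */

/* Mock: quirky=0 is the documented contract; quirky=1 rejects NULL and under-reports the size, as in the post. */
int mock_get_dn(const void *crt, char *buf, size_t *size)
{
    const struct mock_crt *c = crt;
    size_t len = strlen(c->dn);
    if (buf == NULL && c->quirky) return E_INVALID_REQUEST;
    if (buf == NULL || *size < len + 1) {
        *size = c->quirky ? len : len + 1;
        return E_SHORT_BUFFER;
    }
    memcpy(buf, c->dn, len + 1);
    *size = len;
    return OK;
}

/* Fetch the DN into a fresh NUL-terminated buffer, or return NULL. */
char *fetch_dn(dn_getter get, const void *crt)
{
    size_t cap = 16, hint = 0;
    char *buf = NULL, *tmp;
    (void)get(crt, NULL, &hint);  /* size query is advisory; result may be unusable */
    if (hint > 0 && hint < DN_MAX) cap = hint + 1;
    while (cap <= DN_MAX && (tmp = realloc(buf, cap)) != NULL) {
        size_t size = cap - 1;    /* keep one byte for our own terminator */
        int rc = get(crt, buf = tmp, &size);
        if (rc == OK && size < cap) { buf[size] = '\0'; return buf; }
        if (rc != E_SHORT_BUFFER) break;
        cap = (size + 2 > cap * 2) ? size + 2 : cap * 2;  /* always grows */
    }
    free(buf);
    return NULL;
}

/* Returns 1 if fetch_dn recovers the constructed sample DN exactly. */
int demo(int quirky)
{
    struct mock_crt c = { "CN=example.test,O=Example,C=HU", quirky };
    char *dn = fetch_dn(mock_get_dn, &c);
    int ok = dn != NULL && strcmp(dn, c.dn) == 0;
    free(dn);
    return ok;
}
```

The caller owns the returned buffer and must free() it; a NULL return covers allocation failure, an unexpected error code and a DN larger than the cap.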