Werner Koch wk at
Wed Aug 5 09:03:27 CEST 2009

On Tue,  4 Aug 2009 13:56, simon at said:

> function is passed the OID for CN, it has to return the information,
> otherwise you'll get other problems if you return an error saying that
> there is no CN field.

Better an error than doing something not intended.

> But if we use the RFC 2253 formatting, all things are safe.

Just make sure that parsing the BER of all arcs is fine and does not
overflow.  I consider an arc which can't be represented by a 32 bit
value as fishy and return an error (i.e. the mentioned special OID).



Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.

More information about the Gnutls-devel mailing list