[gnutls-devel] GnuTLS | Provide a less restrictive PKCS#11 search of certificates (!757)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Mon Sep 24 12:44:21 CEST 2018

Nikos Mavrogiannopoulos commented on a discussion on lib/x509/common.c:

>  unsigned
>  _gnutls_check_valid_key_id(gnutls_datum_t *key_id,
> -			   gnutls_x509_crt_t cert, time_t now)
> +			   gnutls_x509_crt_t cert, time_t now,
> +			   unsigned *has_ski)
>  {
>  	uint8_t id[MAX_KEY_ID_SIZE];
>  	size_t id_size;
>  	unsigned result = 0;
> +	if (has_ski)

The reason for this check is to allow callers not setting that variable (by setting it as NULL), when they don't require that info.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/757#note_103812907
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20180924/be1cc257/attachment-0001.html>

More information about the Gnutls-devel mailing list