[gnutls-devel] GnuTLS | Prevent misuses of gnutls_x509_trust_list_set_getissuer_function callback (#1100)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Mon Oct 5 07:52:48 CEST 2020

Daiki Ueno created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1100

The callback set by `gnutls_x509_trust_list_set_getissuer_function` is currently expected to (1) inspect the downloaded certificates are trusted and (2) inject it to the trust list with `gnutls_x509_trust_list_add_cas`. This process is error-prone and we should provide a better interface to prevent misuses.

The proposal is to change the callback type to return the downloaded certificates as an output parameter.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1100
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20201005/aba0d273/attachment.html>

More information about the Gnutls-devel mailing list