bug report / asn1 parse error
Nikos Mavroyanopoulos
nmav@hellug.gr
Sun Oct 7 14:47:02 2001
On Sat, 6 Oct 2001 17:16:07 -0700 Neil Spring <nspring@saavie.org> wrote:
> Hi;
> I sent the messages below to bug-gnutls@gnu.org as
> recommended on the gnutls web page, but had them rejected
> from being forwarded to gnutls-dev@gnupg.org because it
> is automatically bcc'd (or some such lackluster sendmail
> magic).
I'll look at it.
> In order for a gnutls-linked program to interoperate with a
> server using an openssl generated certificate (eg. those
> ssl daemons currently in Debian) the asn1 parser has to be
> modified to use a larger buffer when processing extensions.
> More robust solutions than simply increasing the size of
> the stack-allocated buffer would be to ignore extensions
> that are too long, or allocate space to store them
> dynamically.
I've modified the extension parsing function to ignore (non-critical),
extensions that are too long. Currently this is enough since the
extensions we support should not be that long.
> I'd appreciate it if such a change can be made before
> the next release.
I've done the change, and it is on the cvs. Thank you for debugging and
reporting this.
The next version will be available when I add the DHE_RSA
ciphersuite (that will be soon).
> thanks,
> -neil
--
Nikos Mavroyanopoulos
mailto:nmav@hellug.gr