[gnutls-dev] [PATCH] Authority key ID bug in certtool

Dale Sedivec dale-keyword-gnutls.5670f1 at codefu.org
Sun Dec 17 20:26:05 CET 2006


On Sun, Dec 17, 2006 at 12:15:43PM -0500, Dale Sedivec wrote:
> +	if (result < 0) {
> +		fprintf(stderr,
> +		        "generate_certificate: can't read CA subject key ID\n");
> +		exit(1);
> +	}
>  	if (result >= 0) {

	Sorry, that's obviously silly.  "Improved" patch below.

Dale


--- src/certtool.c.orig	2006-12-17 14:18:53.000000000 -0500
+++ src/certtool.c	2006-12-17 14:20:10.000000000 -0500
@@ -524,10 +524,13 @@
      */
     if (ca_crt != NULL) {
 	size = sizeof(buffer);
-	result = gnutls_x509_crt_get_key_id(ca_crt, 0, buffer, &size);
-	if (result >= 0) {
-	    result =
-		gnutls_x509_crt_set_authority_key_id(crt, buffer, size);
+	result = gnutls_x509_crt_get_subject_key_id(ca_crt, buffer, &size, NULL);
+	if (result < 0) {
+		fprintf(stderr,
+		        "generate_certificate: can't read CA subject key ID\n");
+		exit(1);
+	} else {
+	    result = gnutls_x509_crt_set_authority_key_id(crt, buffer, size);
 	    if (result < 0) {
 		fprintf(stderr, "set_authority_key_id: %s\n",
 			gnutls_strerror(result));



More information about the Gnutls-dev mailing list