From morth at morth.org  Mon Nov  1 18:13:53 2004
From: morth at morth.org (Pelle Johansson)
Date: Mon, 01 Nov 2004 18:13:53 +0100
Subject: =?ISO-8859-1?Q?Re=3A_=5Bgnutls-dev=5D_Problem_with_subje?=
	=?ISO-8859-1?Q?ct_names=2E_=28=C4ndrat_av_Pelle_Johansson=29?=
In-Reply-To: <200410311119.13213.nmav@gnutls.org>
References: <38F10BF6-29A1-11D9-971B-000D93B08F9A@morth.org>
	<200410311119.13213.nmav@gnutls.org>
Message-ID: <41866ED1.4010204@morth.org>

Seems I replied privately only...

Nikos Mavrogiannopoulos wrote:

>On Friday 29 October 2004 00:30, Pelle Johansson wrote:
>
>  
>
>>I'm having some problem with the subject name extraction functions. I
>>want to extract the common name from a certificate using
>>gnutls_x509_crt_get_dn_by_oid(), but I'm always getting a
>>GNUTLS_E_SHORT_MEMORY_BUFFER. This is regardless if I call with a NULL
>>buf argument or with buf_sizeof set to 10000.
>>    
>>
>Does this happen with the latest gnutls? (that is 1.0.22)
>
Yes, same symptom (tried on .21 and .22).

I'm suspecting perhaps an endian problem? I'm on PPC and they're far
from uncommon...
I guess I could make a library I can descend into to see if I find the
problem.
-- 
Pelle Johansson
<morth at morth.org>





From jas at extundo.com  Mon Nov  1 21:26:29 2004
From: jas at extundo.com (Simon Josefsson)
Date: Mon, 01 Nov 2004 21:26:29 +0100
Subject: [gnutls-dev] Re: Problem with subject names.
 =?iso-8859-1?q?=28=C4ndrat?= av  Pelle Johansson)
References: <38F10BF6-29A1-11D9-971B-000D93B08F9A@morth.org>
	<200410311119.13213.nmav@gnutls.org> <41866ED1.4010204@morth.org>
Message-ID: <ilu1xfd1fka.fsf@latte.josefsson.org>

Pelle Johansson <morth at morth.org> writes:

> Seems I replied privately only...
>
> Nikos Mavrogiannopoulos wrote:
>
>>On Friday 29 October 2004 00:30, Pelle Johansson wrote:
>>
>>  
>>
>>>I'm having some problem with the subject name extraction functions. I
>>>want to extract the common name from a certificate using
>>>gnutls_x509_crt_get_dn_by_oid(), but I'm always getting a
>>>GNUTLS_E_SHORT_MEMORY_BUFFER. This is regardless if I call with a NULL
>>>buf argument or with buf_sizeof set to 10000.
>>>    
>>>
>>Does this happen with the latest gnutls? (that is 1.0.22)
>>
> Yes, same symptom (tried on .21 and .22).
>
> I'm suspecting perhaps an endian problem? I'm on PPC and they're far
> from uncommon...
> I guess I could make a library I can descend into to see if I find the
> problem.

Single-stepping through the function to see what trigger the error
would indeed be useful.

Thanks in advance,
Simon




From jas at extundo.com  Thu Nov  4 22:52:02 2004
From: jas at extundo.com (Simon Josefsson)
Date: Thu, 04 Nov 2004 22:52:02 +0100
Subject: [gnutls-dev] GnuTLS 1.1.22
Message-ID: <ilu8y9hwad9.fsf@latte.josefsson.org>

Hello.  I just wanted to get this release out.  There are some build
related changes that might break compilation on some platforms,
although I tried to build it on a few before the release, see logs at:

http://josefsson.org/gnutls/devel-autobuild.html#gnutls-1.1.22

Btw, if someone wants to see their platform be one of the above
platforms on which releases are tested automatically, consider setting
up a remotely usable machine and send some information on how to use
your system with <http://josefsson.org/autobuild/>.

Enjoy,
Simon

The project page of the library is available at:
  http://www.gnutls.org/
  http://www.gnu.org/software/gnutls/
  http://josefsson.org/gnutls/ (updated fastest)

Here are the compressed sources:
  ftp://ftp.gnutls.org/pub/gnutls/devel/gnutls-1.1.22.tar.bz2 (2.2MB)
  http://josefsson.org/gnutls/releases/gnutls-1.1.22.tar.bz2 (2.2MB)

Here are GPG detached signatures using key 0xB565716F:
  ftp://ftp.gnutls.org/pub/gnutls/devel/gnutls-1.1.22.tar.bz2.sig
  http://josefsson.org/gnutls/releases/gnutls-1.1.22.tar.bz2.sig

Here are the build reports for various platforms:
  http://josefsson.org/autobuild-logs/gnutls.html

Here are the MD5/SHA1 checksums:

b317aef4c9eb78effc39191f5770c664  gnutls-1.1.22.tar.bz2
6a2ceceea47b281fdfcf27036c818883  gnutls-1.1.22.tar.bz2.sig
a6b3d90cf1955a1d492dfc4f8c0775c66cbe87bb  gnutls-1.1.22.tar.bz2
5eaa01933e9783e13a3622b3d4d591d5cb81ba43  gnutls-1.1.22.tar.bz2.sig

Noteworthy changes since the last release:

- Replace GNU LD version script with Libtool -export-symbols-regex,
  from Joe Orton <joe at manyfish.co.uk>.
- Documentation improvements.
- Code indented using 'indent -i4 -kr'.
- The API manual is included in Devhelp format.  (Was in last release too,
  but the NEWS entry was forgotten.)
- The OpenSSL compatibility code now use the internal crypto interface.
- Added simple self test of OpenSSL compatibility library.
- Internally, libtool convenience libraries are used.
- Cleanups to configure.ac.




From jas at extundo.com  Sun Nov 14 18:42:39 2004
From: jas at extundo.com (Simon Josefsson)
Date: Sun, 14 Nov 2004 18:42:39 +0100
Subject: [gnutls-dev] Re: gnutls 1.0.23
In-Reply-To: <ilumzxlbc7e.fsf@latte.josefsson.org> (Simon Josefsson's message
	of "Sat, 13 Nov 2004 23:45:09 +0100")
References: <ilumzxlbc7e.fsf@latte.josefsson.org>
Message-ID: <ilupt2gz5rk.fsf@latte.josefsson.org>

This is a repost because a disk was full on lists.gnupg.org.
Incidentally, I removed the GnuTLS mirror on that machine to make the
disk less full, in case you have problems getting the file from the
ftp.gnupg.org mirror.  I'm not sure the original post will arrive, but
in case it doesn't, here is the original post again:

GnuTLS 1.0.23 is released!

GnuTLS is an implementation of the Transport Layer Security (TLS)
protocol.  GnuTLS is used to authenticate and protect data sent over
insecure networks.  TLS is used to protect common Internet protocols,
such as HTTP and SMTP.

GnuTLS is written in C to be portable to embedded and otherwise
limited platforms.

The core library is licensed under the GNU Lesser General Public
License.  The "extra" library (containing the OpenPGP support and the
OpenSSL compatibility layer), command-line tools, self-tests and
examples are licensed under the GNU General Public License.

The project page of the library is available at:
  http://www.gnutls.org/
  http://www.gnu.org/software/gnutls/
  http://josefsson.org/gnutls/

Here are the compressed sources:
  ftp://ftp.gnutls.org/pub/gnutls/devel/gnutls-1.0.23.tar.gz (1.6MB)
  http://josefsson.org/gnutls/releases/gnutls-1.0.23.tar.gz (1.6MB)

Here are GPG detached signatures using key 0xB565716F:
  ftp://ftp.gnutls.org/pub/gnutls/devel/gnutls-1.0.23.tar.gz.sig
  http://josefsson.org/gnutls/releases/gnutls-1.0.23.tar.gz.sig

Here are the build reports for various platforms:
  http://josefsson.org/autobuild-logs/gnutls.html

Here are the MD5/SHA1 checksums:

949a2c86fec16216213a4582ef6a5d71  gnutls-1.0.23.tar.gz
fb7222bf1610e3af5410def2beb34e00  gnutls-1.0.23.tar.gz.sig
4fa06b07263ba8fb5fe31482374629d20c2e4aa6 gnutls-1.0.23.tar.gz
0ec7ba426f16c15d2d5ec50aadb4afe94556337e gnutls-1.0.23.tar.gz.sig

Noteworthy changes since the last release:

- Replace GNU LD version script with Libtool -export-symbols-regex,
  from Joe Orton <joe at manyfish.co.uk>.
- Copy libtasn1 has been updated to version 0.2.11.
- Corrected the write of CRL distribution points.
- It is now possible to generate PKCS#12 structures without private
  keys using "certtool --to-p12", suggested by Fabian Fagerholm
  <fabbe at paniq.net>.



From morth at morth.org  Wed Nov 24 12:47:17 2004
From: morth at morth.org (Pelle Johansson)
Date: Wed, 24 Nov 2004 12:47:17 +0100
Subject: =?ISO-8859-1?Q?Re:_[gnutls-dev]_Re:_Problem_with_subject_names._?=
	=?ISO-8859-1?Q?=28=C4ndrat_av__Pelle_Johansson=29?=
In-Reply-To: <ilu1xfd1fka.fsf@latte.josefsson.org>
References: <38F10BF6-29A1-11D9-971B-000D93B08F9A@morth.org>
	<200410311119.13213.nmav@gnutls.org> <41866ED1.4010204@morth.org>
	<ilu1xfd1fka.fsf@latte.josefsson.org>
Message-ID: <97B457C4-3E0E-11D9-8D7D-000D93B08F9A@morth.org>


2004-11-01 kl. 21.26 skrev Simon Josefsson:

> Single-stepping through the function to see what trigger the error
> would indeed be useful.

Sorry took me a while, spare time project... Also partly due to that 
configure wouldn't obey my CFLAGS completely, you should probably only 
add optimisation flags if the user didn't give a specific CFLAGS.

Anyway it was an easy fix. Not completely sure why it fixes all the 
problems I was having, but it does. Here's the patch:
--- lib/x509/dn.c.orig  Wed Nov 24 12:31:18 2004
+++ lib/x509/dn.c       Wed Nov 24 12:31:31 2004
@@ -466,6 +466,7 @@

                                 if (result != ASN1_SUCCESS) {
                                         gnutls_assert();
+                                       *sizeof_buf = len;
                                         result = 
_gnutls_asn2err(result);
                                         goto cleanup;
                                 }

-- 
Pelle Johansson
<morth at morth.org>




From nmav at gnutls.org  Thu Nov 25 13:38:22 2004
From: nmav at gnutls.org (Nikos Mavrogiannopoulos)
Date: Thu, 25 Nov 2004 13:38:22 +0100
Subject: [gnutls-dev] Re: Problem with subject names.
	(=?iso-8859-1?q?=C4ndrat_av__Pelle?= Johansson)
In-Reply-To: <97B457C4-3E0E-11D9-8D7D-000D93B08F9A@morth.org>
References: <38F10BF6-29A1-11D9-971B-000D93B08F9A@morth.org>
	<ilu1xfd1fka.fsf@latte.josefsson.org>
	<97B457C4-3E0E-11D9-8D7D-000D93B08F9A@morth.org>
Message-ID: <200411251338.22511.nmav@gnutls.org>

On Wednesday 24 November 2004 12:47, Pelle Johansson wrote:

> > Single-stepping through the function to see what trigger the error
> > would indeed be useful.
> Sorry took me a while, spare time project... Also partly due to that
> configure wouldn't obey my CFLAGS completely, you should probably only
> add optimisation flags if the user didn't give a specific CFLAGS.

It seems correct so I've commited it. However I don't have the time to check 
it well.


-- 
Nikos Mavrogiannopoulos