[gnutls-dev] Problem with subject names. (Ändrat av Pelle Johansson)

Pelle Johansson morth at morth.org
Fri Oct 29 00:30:24 CEST 2004


[Tried to join and send this to help-gnutls but it seems to be broken?]

I'm having some problem with the subject name extraction functions. I 
want to extract the common name from a certificate using 
gnutls_x509_crt_get_dn_by_oid(), but I'm always getting a 
GNUTLS_E_SHORT_MEMORY_BUFFER. This is regardless if I call with a NULL 
buf argument or with buf_sizeof set to 10000.

So to investigate some more I tried the gnutls_x509_crt_get_dn_oid() 
functions. These do set the size, but the buffer isn't filled out (it 
keeps it previous value). gnutls_x509_crt_get_dn() works as expected 
though.

Am I doing something wrong here or is there a bug?

Code:
const char *tls_get_cn (gnutls_x509_crt cert)
{
   size_t sz = 0;
   char *buf;
   int i;

   buf = malloc (10000);
   sz = 10000;
   if (!gnutls_x509_crt_get_dn (cert, buf, &sz))
     fprintf (stderr, "DN: %s\n", buf);
   sz = 10000;
   buf[0] = 0;
   for (i = 0; !gnutls_x509_crt_get_dn_oid (cert, i, buf, &sz); i++)
   {
     fprintf (stderr, "%d size %lu: %s\n", i, sz, buf);
     sz = 10000;
     buf[0] = 0;
   }

   sz = 10000;
   i = gnutls_x509_crt_get_dn_by_oid (cert, GNUTLS_OID_X520_COMMON_NAME, 
0, 0, NULL, &sz);
   fprintf (stderr, "res = %d, sz = %lu\n", i, sz);
   i = gnutls_x509_crt_get_dn_by_oid (cert, GNUTLS_OID_X520_COMMON_NAME, 
0, 0, buf, &sz);
   fprintf (stderr, "res = %d, sz = %lu\n", i, sz);
   if (i)
     return NULL;
   return buf;
}

Output:
DN: C=SE,L=Linköping,O=morth.org,CN=ftp.morth.org,EMAIL=root at morth.org
0 size 7:
1 size 7:
2 size 8:
3 size 7:
4 size 20:
res = -51, sz = 0
res = -51, sz = 0
-- 
Pelle Johansson
<morth at morth.org>





More information about the Gnutls-devel mailing list