[gnutls-dev] [PATCH] Load DH Params from File
Mr Allwyn Fernandes
gtefjknerfd at stobor.net
Thu Nov 29 04:09:57 CET 2007
Hi Simon,
On Wed, 28 Nov 2007 10:27:52 pm Simon Josefsson wrote:
> Hi! Sorry about that, I think the gnutls-dev at gnupg.org list is
> subscribers-only. We will move it to gnu.org soon to solve that and
> other problems but we haven't had time yet. Sorry for slow response as
> well.
No problems... My message got through in the end, so I'm not too
concerned. :-)
My main worry is that the bugs@ address is advertised as the main way to
report bugs, but it is something of roadblock... Even after subscribing to
one mailing list (gnutls-dev), users get bounce messages from other mailing
lists which they are asked to subscribe to... Maybe having that address go to
some other mbox, so at least people can report bugs there, and have them
discussed on the dev list later?
> > I have created a trivial patch which implements an api
> > function "gnutls_dh_params_import_pkcs3_file" from a combination
> > of "gnutls_dh_params_import_pkcs3" and
> > "gnutls_certificate_set_x509_crl_file"
[...snip...]
> Your patch looks fine to me.
Cool, I'm glad to hear that. What do you think of Nikos's concerns?
On Fri, 12 Oct 2007 06:28:37 pm Nikos Mavrogiannopoulos wrote:
> Concerning your patch, first
> thank you for working on it, but it seems it is not consistent with our
> current interface. Although there are functions that load from file, the
> functions that import data to structures (like the dhparams or the x509
> certificates) do not have the ability to load from files. If we add this
> patch we will also need to modify those interfaces to act similarly. This
> involves a significant number of functions, being added and thus I think it
> requires more thought.
From my perspective, at the very least dhparams needs some sort of load
function, since it is required for every server application of gnutls. (It's
even required in the minimal examples...) If there are other structures which
can save data in DER/PEM/PKCS encodings, and they already have "load from
memory" functions, then implementing a "load from file" function should be a
trivial pair of calls, read_binary_file() followed by
gnutls_STRUCTURE_import(), as was done in this patch for dh_params. The real
requirement is to enumerate any such structures, which I haven't yet got
around to...
> To be able to install it, we will need a
> copyright assignment. I'll send this off-list to you.
I'll follow this up. :)
Cheers,
Allwyn.
More information about the Gnutls-devel
mailing list