gnuTLS issues

Simon Josefsson simon at josefsson.org
Tue Aug 26 21:36:14 CEST 2008


Nikos Mavrogiannopoulos <nmav at gnutls.org> writes:

> Please don't remove the code. It is perfectly correct. It seems at some
> point the initialization of tmp was removed (or maybe was never commited
> correctly?). Anyway I've corrected it and it can now parse pkcs7 structures.

I looked at the history here, and the code was broken in a patch
installed on 2003-02-09:

http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=e25325c312e339bd1a3624de4b877c73960b58c7#patch17

That means it has been broken since v0.9.0 and nobody has missed it.  I
think we should remove the code, it seems nobody needs the feature and
removing code decreases complexity.

People can use 'certtool --p7-info' to convert PKCS#7 blobs into lists
of PEM certificates.  I tried it and it works fine on the OpenSSL file.

/Simon





More information about the Gnutls-devel mailing list