solutions
Werner Koch
wk at gnupg.org
Wed Aug 5 09:03:27 CEST 2009
On Tue, 4 Aug 2009 13:56, simon at josefsson.org said:
> function is passed the OID for CN, it has to return the information,
> otherwise you'll get other problems if you return an error saying that
> there is no CN field.
Better an error than doing something not intended.
> But if we use the RFC 2253 formatting, all things are safe.
Just make sure that parsing the BER of all arcs is fine and does not
overflow. I consider an arc which can't be represented by a 32 bit
value as fishy and return an error (i.e. the mentioned special OID).
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
More information about the Gnutls-devel
mailing list