[patch] Request for review - X509 Issuer Altname handling

Brad Hards bradh at frogmouth.net
Tue Sep 8 12:30:03 CEST 2009

On Tuesday 08 September 2009 01:59:09 Simon Josefsson wrote:
> Brad Hards <bradh at frogmouth.net> writes:
> > I've updated the patch to include the self-test. It is otherwise
> > unchanged.
> Thank you!  It looks fine except one nit:
> The code duplication between print_san and print_ian worries me, and the
> print_san code has been changed since you made the patch so they are not
> in sync with your patch.  Could you instead generalize print_san into a
> print_an function that takes an additional parameter indicating whether
> it is printing a SAN or IAN?
> With that change, it is ready to go in.
It isn't an easy refactoring, but I'm working on it. 

During the review, I note that the altname is sanitised if the type is 

Should we also sanitise GNUTLS_SAN_DN ?


More information about the Gnutls-devel mailing list