[Help-gnutls] Re: Really I can not understand nothing of SSL...

[Simon Josefsson]

Fran <e_agf at yahoo.es> writes:

> Hello,
> Why certtool request for a int number for serial?, if I think that
> should be >= unsigned long long (64 bit):

Hello.  'Unsigned long long' is a non-standard C extension, is it not?
We want the code to work with standard compilers.

Further, it seems serial's should be allowed to be even longer than
64/128 bits, so I believe the proper solution is to make get_serial
support a hex string format too (perhaps recognized through a prefix
of '0x'?).  If this is important for you, please propose a patch for
inclusion.

Thanks,
Simon

>
>>  int size, serial, client;
>> 
>> serial = get_serial();
>> 
>> int get_serial(void)
>> {
>>     if (batch) {
>>         if (cfg.serial < 0)
>>             return 0;
>>         return cfg.serial;
>>     } else {
>>         return
>>             read_int("Enter the certificate's serial number (decimal): ");
>>     }
>> }
>> 
>>    serial = get_serial();
>>     buffer[3] = serial & 0xff;
>>     buffer[2] = (serial >> 8) & 0xff;
>>     buffer[1] = (serial >> 16) & 0xff;
>>     buffer[0] = 0;
>> 
>>     result = gnutls_x509_crt_set_serial(crt, buffer, 4);
>>     if (result < 0) {
>>         fprintf(stderr, "serial: %s\n", gnutls_strerror(result));
>>         exit(1);
>>     }
>>