[Help-gnutls] Re: Really I can not understand nothing of SSL...

Simon Josefsson jas at extundo.com
Mon Aug 8 15:41:24 CEST 2005

Andrew Suffield <asuffield at suffields.me.uk> writes:

> On Mon, Aug 08, 2005 at 02:34:04PM +0200, Simon Josefsson wrote:
>> > Why certtool request for a int number for serial?, if I think that
>> > should be >= unsigned long long (64 bit):
>> Hello.  'Unsigned long long' is a non-standard C extension, is it not?
>> We want the code to work with standard compilers.
> No, it's C99. If you'd rather have POSIX, use uint64_t.

I believe the goal is for GnuTLS to work on C89 platforms.  'long
long' isn't used by GnuTLS today.  Further, according to:


uint64_t is not required by POSIX, it is optional.  uint64_t is also
not used by GnuTLS today.  So I don't think neither is a good solution

X.509 serials are frequently larger than 64 and even 128 bits, so the
real solution would be to make get_serial return a hex string instead.
Then we won't have arbitrary limits, be them 32, 64 or 128 bits.
Fixing that look rather simple; patches welcome.


More information about the Gnutls-help mailing list