[Help-gnutls] gnutls_x509_crt_get_dn() and similar functions

Martin Lambers marlam at web.de
Wed Jan 5 18:51:11 CET 2005


I use gnutls 1.1.22.

I'm trying to get information about the peer's certificate and then
print it. Since I don't want to use static buffers, I try to find out
which size each buffer must have. I have two problems:

1. To get the needed buffer length for the DN, I use
        size = 0;
        gnutls_x509_crt_get_dn(cert, NULL, &size);
   However, this seems to return the length of the string, not the
   buffer size, so that I have to do 
   before I can do
        buf = xmalloc(size);
        gnutls_x509_crt_get_dn(cert, buf, &size);
   The documentation talks about buffer size, not string length, which
   is misleading. 
   As a local fix, I changed the lines 283 and 292 in lib/x509/dn.c from
        *sizeof_buf = out_str.length;
   to
        *sizeof_buf = out_str.length + 1;
   so that the function returns the buffer size, not the string length.
2. I use gnutls_x509_get_dn_by_oid() to get certain fields from the DN:
        size_t size = 0;
        gnutls_x509_crt_get_dn_by_oid(cert, GNUTLS_OID_X520_COMMON_NAME,
                0, 0, NULL, &size);
   This does not set size to the needed value at all.
   Adding a line 426 to lib/x509/dn.c
        *sizeof_buf = len;
   fixes this problem for me, but I'm not sure that this is the proper
   solution since I'm not familiar with the asn1_* functions.

The same problems occur with the current stable version.

Best regards,
Martin Lambers
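
The size-query ambiguity described in this message, as an added C example that is not part of the original post and is not GnuTLS code. `model_get_dn()` is a hypothetical stand-in whose `report_nul` flag switches between the reported behaviour (string length) and the locally patched behaviour (buffer size); the error codes and sample DN are constructed. `fetch_dn()` shows a caller that is correct under either convention.

```c
#include <stdlib.h>
#include <string.h>

#define MODEL_E_SHORT_BUFFER (-1)   /* constructed code: buffer too small */
#define MODEL_E_NOMEM        (-2)   /* constructed code: allocation failed */

/* Hypothetical model of a "call with NULL to learn the size" getter.
 * report_nul == 0: size query yields the string length (as in the post).
 * report_nul == 1: size query yields length + 1 (the patched behaviour). */
static int model_get_dn(const char *dn, int report_nul, char *buf, size_t *size)
{
    size_t need = strlen(dn) + 1;            /* bytes including the NUL */
    if (buf == NULL || *size < need) {
        *size = report_nul ? need : need - 1;
        return MODEL_E_SHORT_BUFFER;
    }
    memcpy(buf, dn, need);
    *size = need - 1;
    return 0;
}

/* Naive caller: trusts the reported value as the allocation size. */
int naive_fetch(const char *dn, int report_nul)
{
    size_t size = 0;
    model_get_dn(dn, report_nul, NULL, &size);
    char *buf = malloc(size);
    if (buf == NULL)
        return MODEL_E_NOMEM;
    int rc = model_get_dn(dn, report_nul, buf, &size);
    free(buf);
    return rc;
}

/* Defensive caller: reserves one extra byte and retries while the getter
 * still reports a short buffer, so either convention works. Caller frees. */
char *fetch_dn(const char *dn, int report_nul)
{
    size_t size = 0;
    char *buf = NULL;
    for (int attempt = 0; attempt < 3; attempt++) {
        int rc = model_get_dn(dn, report_nul, buf, &size);
        if (rc == 0)
            return buf;
        if (rc != MODEL_E_SHORT_BUFFER)
            break;
        size += 1;                           /* room for the terminator */
        char *tmp = realloc(buf, size);
        if (tmp == NULL)
            break;
        buf = tmp;
    }
    free(buf);
    return NULL;
}
```

The extra byte costs nothing when the getter already counts the terminator, and it removes the dependency on which of the two conventions a given library version follows.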
