[Help-gnutls] gnutls_x509_crt_get_dn() and similar functions
Martin Lambers
marlam at web.de
Wed Jan 5 18:51:11 CET 2005
Hi!

I use gnutls 1.1.22.

I'm trying to get information about the peer's certificate and then
print it. Since I don't want to use static buffers, I try to find out
which size each buffer must have. I have two problems:

1. To get the needed buffer length for the DN, I use

       size = 0;
       gnutls_x509_crt_get_dn(cert, NULL, &size);

   However, this seems to return the length of the string, not the
   buffer size, so that I have to do

       size++;

   before I can do

       buf = xmalloc(size);
       gnutls_x509_crt_get_dn(cert, buf, &size);

   The documentation talks about buffer size, not string length, which
   is misleading.

   As a local fix, I changed the lines 283 and 292 in lib/x509/dn.c from

       *sizeof_buf = out_str.length;

   to

       *sizeof_buf = out_str.length + 1;

   so that the function returns the buffer size, not the string length.

2. I use gnutls_x509_get_dn_by_oid() to get certain fields from the DN:

       size_t size = 0;
       gnutls_x509_crt_get_dn_by_oid(cert, GNUTLS_OID_X520_COMMON_NAME,
                                     0, 0, NULL, &size);

   This does not set size to the needed value at all.

   Adding a line 426 to lib/x509/dn.c

       *sizeof_buf = len;

   fixes this problem for me, but I'm not sure that this is the proper
   solution since I'm not familiar with the asn1_* functions.

The same problems occur with the current stable version.

Best regards,
Martin Lambers
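
The size-query pattern from the message above, as an added example that is not part of the original post and is not GnuTLS code: a caller that allocates correctly whether the query reports the string length or the full buffer size. `mock_get_dn`, `get_dn_alloc`, `E_SHORT_BUFFER`, `mock_counts_nul` and the sample DN are hypothetical names and constructed values; the stand-in only models the behaviour reported in the post.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define E_SHORT_BUFFER (-1)   /* constructed error code for the stand-in */
static const char SAMPLE_DN[] = "C=DE,O=Example,CN=host.example.org"; /* constructed */
static int mock_counts_nul = 0; /* 0: query reports strlen (as in the post); 1: strlen + 1 */

/* Hypothetical stand-in for a DN getter; it is not GnuTLS code. */
static int mock_get_dn(char *buf, size_t *size)
{
    size_t len = strlen(SAMPLE_DN);
    if (buf == NULL || *size < len + 1) {
        *size = len + (mock_counts_nul ? 1 : 0);
        return E_SHORT_BUFFER;
    }
    memcpy(buf, SAMPLE_DN, len + 1);    /* copy including the terminating NUL */
    *size = len;
    return 0;
}

/* Allocate one byte more than the query reports and retry while the getter
 * still signals a short buffer, so either reporting convention works. */
static char *get_dn_alloc(int (*getter)(char *, size_t *))
{
    size_t size = 0;
    char *buf = NULL;
    int ret = getter(NULL, &size);
    for (int tries = 0; ret == E_SHORT_BUFFER && tries < 4; tries++) {
        if (size == (size_t)-1) break;          /* size + 1 would wrap */
        char *tmp = realloc(buf, size + 1);
        if (tmp == NULL) break;
        buf = tmp;
        size += 1;                              /* capacity passed to the getter */
        ret = getter(buf, &size);
    }
    if (ret != 0 || buf == NULL) { free(buf); return NULL; }
    return buf;
}

int main(void)
{
    char *dn = get_dn_alloc(mock_get_dn);
    if (dn == NULL) return 1;
    printf("%s\n", dn);
    free(dn);
    return 0;
}
```

The extra byte costs nothing when the query already counts the terminator, and the bounded retry keeps the caller from looping if the getter never accepts the buffer.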