On 1 Mar 2016 21:03, "Dr. Stephen Henson" <st...@openssl.org> wrote: > > On Tue, Mar 01, 2016, Jakub Zelenka wrote: > > > Hello, > > > > I'm just slowly porting PHP core openssl ext to work with OpenSSL 1.1 and > > just came across one thing that I can't find a function for. > > > > We have got a part in openssl_x509_parse where we display cert->name (cert > > is X509 struct) if it is not NULL: > > > > https://github.com/php/php-src/blob/715a198e1f4f6f79f596963727b1a1c92e7fed1b/ext/openssl/openssl.c#L1998 > > > > The X509 is now opaque and I can't find any function for that which I might > > be missing because it's quite late... :) > > > > I tried to find it using > > > > grep -rn '>name' crypto/x509 > > > > but it doesn't show any function that would return a cert name > > > > Not sure if it's actually useful to show that but I see that the name is > > set in x509_cb when operation is ASN1_OP_D2I_POST > > as X509_NAME_oneline(ret->cert_info.subject, NULL, 0) . > > > > Please could you let me know if there is a function for that or what I > > should use instead? > > > > It isn't really useful. It uses the ancient and quirky X509_NAME_oneline() > function to convert the certificate subject name to an old oneline format > (which mishandles things like multi byte characters). > > If you really want it you can create it using X509_get_subect_name() and > X509_NAME_oneline() directly but you have to free it once you've finished with > it. >
Ok great. I will probably do that for now just to keep it as it was and then possibly take a look if we could replace it with something more useful or if we should just remove it. That function needs closer look anyway. Thanks a lot for letting me know!
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev