#3899: mutt_ssl's interactive_check_cert() has several issues -----------------------+---------------------- Reporter: kevin8t8 | Owner: mutt-dev Type: defect | Status: closed Priority: major | Milestone: Component: crypto | Version: Resolution: fixed | Keywords: -----------------------+---------------------- Changes (by Kevin McCarthy <kevin@…>):
* status: new => closed * resolution: => fixed Comment: In [changeset:"1a2dc7b21b5b93806f6e63447e5014f009e98a54" 6876:1a2dc7b21b5b]: {{{ #!CommitTicketReference repository="" revision="1a2dc7b21b5b93806f6e63447e5014f009e98a54" Improve openssl interactive_check_cert. (closes #3899) Don't use X509_NAME_oneline() with a fixed size buffer, which could truncate the string, perhaps leaving off the CN field entirely. Instead, work directly off the X509_NAME. Rather than use strstr to tokenize it, call X509_NAME_get_text_by_NID() with the nid types. Although X509_NAME_get_text_by_NID() is "legacy", it is the most directly useful for mutt in this simple interactive prompt. The function was set up to include the ST and C fields in the prompt, but the loop limit was too low. I believe this was an oversight, so increase the loop to include those two fields. }}} -- Ticket URL: <https://dev.mutt.org/trac/ticket/3899#comment:8> Mutt <http://www.mutt.org/> The Mutt mail user agent