#3899: mutt_ssl's interactive_check_cert() has several issues
-----------------------+----------------------
  Reporter:  kevin8t8  |      Owner:  mutt-dev
      Type:  defect    |     Status:  closed
  Priority:  major     |  Milestone:
 Component:  crypto    |    Version:
Resolution:  fixed     |   Keywords:
-----------------------+----------------------
Changes (by Kevin McCarthy <kevin@…>):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 In [changeset:"1a2dc7b21b5b93806f6e63447e5014f009e98a54"
 6876:1a2dc7b21b5b]:
 {{{
 #!CommitTicketReference repository=""
 revision="1a2dc7b21b5b93806f6e63447e5014f009e98a54"
 Improve openssl interactive_check_cert. (closes #3899)

 Don't use X509_NAME_oneline() with a fixed size buffer, which could
 truncate the string, perhaps leaving off the CN field entirely.
 Instead, work directly off the X509_NAME.

 Rather than use strstr to tokenize it, call
 X509_NAME_get_text_by_NID() with the nid types.  Although
 X509_NAME_get_text_by_NID() is "legacy", it is the most directly
 useful for mutt in this simple interactive prompt.

 The function was set up to include the ST and C fields in the prompt,
 but the loop limit was too low.  I believe this was an oversight, so
 increase the loop to include those two fields.
 }}}

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3899#comment:8>
Mutt <http://www.mutt.org/>
The Mutt mail user agent

Reply via email to