2008/10/17 Stanislav Brabec <[EMAIL PROTECTED]>: > Stanislav Brabec wrote: >> Ludovic Rousseau wrote: >> > But I have two warnings: >> > ldap_mapper.c:874: warning: passing argument 1 of 'X509_cmp' from >> > incompatible pointer type >> > ldap_mapper.c:874: warning: passing argument 2 of 'X509_cmp' from >> > incompatible pointer type >> >> I spent a quite a lot of time to identify this problem. >> >> X509_cmp expects, that referred structure has type X509 (X509_st). >> But common/cert_st.h contains: >> #define X509 CERTCertificate > >> As these structures are completely different, it most probably does not >> work. > > Actually, it seems to be an ugly hack. The code should at use a > different string than X509 to not confuse developers and cleanly > distinguish between OpenSSL X509 and an opaque symbol representing > either OpenSSL X509 or NSS CERTCertificate. > > We have two chances: > > - Create more opaque wrappers, e. g.: > > #define CERT X509 > resp. > #define CERT CERTCertificate > > #define CERT_cmp X509_cmp > resp. > #define CERT_cmp CERT_CompareCerts
Using CERT instead of X509 would need a big number of changes. But I agree this would be better. > I found no directly corresponding NSS function for d2i_X509(). > > - Never use NSS in ldap_mapper, which seems to be actually the only > module affected by mentioned problem. "Fixed" in revision 353. http://www.opensc-project.org/pam_pkcs11/changeset/353 I still have a warning: ldap_mapper.c:874: warning: passing argument 2 of 'CERT_CompareCerts' discards qualifiers from pointer target type This is because we are passing a (const X509 *) in a (X509 *). Thanks for your debug. It is really a ugly hack. -- Dr. Ludovic Rousseau _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
