Hi, I tries posting this message before, but it seems to not have gotten through. If it already has, my apologies.
I came across a shortcoming in the "openssl x509" command, which caused the subjects of certificates with subjects longer than 255 characters to be truncated when printed out.. The reason is that the print_name function in apps/apps.c uses a buffer of size 256, instead of allocating a dynamic buffer. The patch to this problem is given below. Please note that because I didn't want to change the interface to the X509_NAME_oneline function, I had to resort to a non optimal method of determining the appropriate buffer size. Yuval Pemper Development Team Leader Application Servers Group Radware Ltd. http://www.radware.com diff -ur openssl-engine-0.9.6d/apps/apps.c openssl-engine-0.9.6d-patch/apps/apps.c --- openssl-engine-0.9.6d/apps/apps.c Sun Sep 17 23:37:16 2000 +++ openssl-engine-0.9.6d-patch/apps/apps.c Thu Jul 11 19:58:09 2002 @@ -757,22 +757,37 @@ void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags) { - char buf[256]; - char mline = 0; - int indent = 0; - if(title) BIO_puts(out, title); - if((lflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) { - mline = 1; - indent = 4; - } - if(lflags == XN_FLAG_COMPAT) { - X509_NAME_oneline(nm,buf,256); - BIO_puts(out,buf); - BIO_puts(out, "\n"); - } else { - if(mline) BIO_puts(out, "\n"); - X509_NAME_print_ex(out, nm, indent, lflags); - BIO_puts(out, "\n"); - } + int buf_size = 256; + char* buf = (char*) OPENSSL_malloc(buf_size); + char* buf2 = (char*) OPENSSL_malloc(buf_size*2); + char mline = 0; + int indent = 0; + + *buf = '\0'; + *buf2 = '\0'; + if(title) BIO_puts(out, title); + if((lflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) { + mline = 1; + indent = 4; + } + if(lflags == XN_FLAG_COMPAT) { + while(1) { + X509_NAME_oneline(nm,buf,buf_size); + X509_NAME_oneline(nm,buf2,buf_size*2); + if(strlen(buf) == strlen(buf2)) + break; + buf_size *= 2; + buf = OPENSSL_realloc(buf, buf_size); + buf2 = OPENSSL_realloc(buf2, buf_size*2); + *buf = '\0'; + *buf2 = '\0'; + } + BIO_puts(out,buf); + BIO_puts(out, "\n"); + } else { + if(mline) BIO_puts(out, "\n"); + X509_NAME_print_ex(out, nm, indent, lflags); + BIO_puts(out, "\n"); + } } ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
