Thank you. That clarifies things. -----Original Message----- From: Stephen Henson via RT [mailto:r...@openssl.org] Sent: Tuesday, December 03, 2013 3:51 PM To: Andrew Felsher (afelsher) Cc: openssl-dev@openssl.org Subject: [openssl.org #3188] Bug Report Null bytes in SubjectAltName mishandled in GENERAL_NAME_print() Importance: High
On Tue Dec 03 21:35:13 2013, afels...@cisco.com wrote: > However, I'm uncertain as to how appropriate is this use of > GENERAL_NAME_print(). Is the intent of this function to be used for > purposes like this, or is it intended more for human-readable output, > or something else entirely? > The outputs of several functions, including X509_print, GENERAL_NAME_print etc are primarily designed to produce human readable output. They are NOT guaranteed to produce a completely unambiguous textual representation and should NOT be machine parsed. Their output format MAY change in future. Applications which want to (for example) parse extensions should use functions such as X509_get_ext_d2i() and analyse the returned structures instead. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org