Hi, On 08-07-14 10:16, Kalnozols, Andris wrote: > Thanks, Steffan, for the comments and code cleanup. Your method > is definitely safer and has less clutter. I tested your version > and it works as intended.
Great, let's get the patch into git then. > Regarding the "ext:" argument prefix, I had submitted an enhanced > version of extract_x509_extension() mainly for more helpful log > messages. If it doesn't pass muster, then I would suggest that > this function be at least changed as follows: > > } > break; > default: > - msg (D_TLS_ERRORS, "ASN1 ERROR: can not handle field > type %i", > + msg (D_TLS_DEBUG, "Ignoring name field type %i", > name->type); > break; > } > > I don't see the need for alarm if an extension field has additional > GeneralName field types other than "email". Yeah, I simply didn't yet get to reviewing the extract_x509_extension() patch, but I will get to that. I'm all in favour of more helpful log messages. Just pushed it forward because it wasn't needed to fix a bug :) I'll get back to you! -Steffan
