Hi,
Matthias Andree wrote:
NAK on the patch:
1. unsafe use of strncpy (remember that strncpy does not NUL terminate if
there's no room!), and
You are right, I just noticed the existence of strcpynt for this purpose.
2. without reading ASN1_STRING_to_UTF8() docs, I do not believe that the
Am 30.11.2010 16:50, schrieb Matthias Andree:
> Make sure that the extraction reports failure (aka "return false;") and the
> caller deals with that in case there are embedded NULs, IOW strlen() !=
> ia5.size.
That ia5.size should be read as "ia5->length". Sorry for the confusion.
--
Matthias
Am 24.11.2010 16:00, schrieb Markus Koetter:
> Hi,
>
> attached is a patch which allows using the extv3 extension of a
> certificate as common name with email address.
> Email addresses are more likely to be unique than the common name, and
> the environment forced me to use the subjectAltName