[openssl-dev] [openssl.org #4274] OpenSSL 1.1 X509_NAME_der()

Stephen Henson via RT rt at openssl.org
Fri Jan 29 17:35:05 UTC 2016


On Fri Jan 29 15:08:47 2016, hyc at highlandsun.com wrote:
> Howard Chu via RT wrote:
> > In OpenLDAP we reference X509_NAME->bytes->data directly, we want the DER
> > bytes which we then pass thru our own DN validator/formatter. This no longer
> > works with OpenSSL 1.1 and I don't see any provided method to return the DER
> > bytes. I don't want a malloc'd copy, I just want read-only access to the bytes
> > already cached inside the X509_NAME structure.
> >
> > The attached patch would be sufficient to meet this requirement.
>
> We are tracking this here as well:
>
> http://www.openldap.org/its/index.cgi/Development?id=8353


I'd rather we didn't return a pointer to the internal BUF_MEM as we might want
to change that at some point.

Would a function like:

int X509_NAME_der(const X509_NAME *nm, const char **pder);

be suitable for your needs?

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org


