[openssl-dev] [openssl.org #4274] OpenSSL 1.1 X509_NAME_der()
Howard Chu via RT
rt at openssl.org
Fri Jan 29 19:11:35 UTC 2016
Stephen Henson via RT wrote:
> On Fri Jan 29 15:08:47 2016, hyc at highlandsun.com wrote:
>> Howard Chu via RT wrote:
>>> In OpenLDAP we reference X509_NAME->bytes->data directly, we want the
>>> DER
>>> bytes which we then pass thru our own DN validator/formatter. This no
>>> longer
>>> works with OpenSSL 1.1 and I don't see any provided method to return
>>> the DER
>>> bytes. I don't want a malloc'd copy, I just want read-only access to
>>> the bytes
>>> already cached inside the X509_NAME structure.
>>>
>>> The attached patch would be sufficient to meet this requirement.
>>
>> We are tracking this here as well:
>>
>> http://www.openldap.org/its/index.cgi/Development?id=8353
>
>
> I'd rather we didn't return a pointer to the internal BUF_MEM as we might want
> to change that at some point.
>
> Would a function like:
>
> int X509_NAME_der(const X509_NAME *nm, const char **pder);
>
> be suitable for your needs?
Yes, that would be fine.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
More information about the openssl-dev
mailing list