[openssl-dev] [openssl.org #4602] Missing accessors
Kurt Roeckx via RT
rt at openssl.org
Thu Jul 7 22:42:30 UTC 2016
On Thu, Jul 07, 2016 at 09:40:24PM +0000, Richard Levitte via RT wrote:
> On Sat Jul 02 10:59:38 2016, kurt at roeckx.be wrote:
> > /* Add to include/openssl/x509v3.h */
> >
> > void X509_set_extension_flags(X509 *x, uint32_t ex_flags);
> > void X509_clear_extension_flags(X509 *x, uint32_t ex_flags);
> >
> >
> > /* Add to crypto/x509v3/v3_purp.c */
> >
> > void X509_set_extension_flags(X509 *x, uint32_t ex_flags)
> > {
> > x->ex_flags |= ex_flags;
> > }
> >
> > void X509_clear_extension_flags(X509 *x, uint32_t ex_flags)
> > {
> > x->ex_flags &= ~ex_flags;
> > }
>
> This gives me the heebie jeebies. ex_flags is used a lot internally, and I
> can't begin to imagine the consequences of letting external code manipulate
> this. I understand that in some cases, it seems easy and quick, but...
>
> So, if someone else wants to have a go at this and can make something sensible,
> please be my guest. Me, I'm backing off from this particular idea.
Mattias,
Can you explain why this is needed, what the code is trying to do?
Kurt
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4602
Please log in as guest with password guest if prompted
More information about the openssl-dev
mailing list