[openssl-dev] PHP openssl ext port for 1.1 - cert->name
jakub.openssl at gmail.com
Tue Mar 1 22:16:36 UTC 2016
On 1 Mar 2016 21:03, "Dr. Stephen Henson" <steve at openssl.org> wrote:
> On Tue, Mar 01, 2016, Jakub Zelenka wrote:
> > Hello,
> > I'm just slowly porting PHP core openssl ext to work with OpenSSL 1.1
> > just came across one thing that I can't find a function for.
> > We have got a part in openssl_x509_parse where we display cert->name
> > is X509 struct) if it is not NULL:
> > The X509 is now opaque and I can't find any function for that which I
> > be missing because it's quite late... :)
> > I tried to find it using
> > grep -rn '>name' crypto/x509
> > but it doesn't show any function that would return a cert name
> > Not sure if it's actually useful to show that but I see that the name is
> > set in x509_cb when operation is ASN1_OP_D2I_POST
> > as X509_NAME_oneline(ret->cert_info.subject, NULL, 0) .
> > Please could you let me know if there is a function for that or what I
> > should use instead?
> It isn't really useful. It uses the ancient and quirky X509_NAME_oneline()
> function to convert the certificate subject name to an old oneline format
> (which mishandles things like multi byte characters).
> If you really want it you can create it using X509_get_subect_name() and
> X509_NAME_oneline() directly but you have to free it once you've finished
Ok great. I will probably do that for now just to keep it as it was and
then possibly take a look if we could replace it with something more useful
or if we should just remove it. That function needs closer look anyway.
Thanks a lot for letting me know!
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-dev