[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: gnuTLS issues
From: |
Nikos Mavrogiannopoulos |
Subject: |
Re: gnuTLS issues |
Date: |
Mon, 25 Aug 2008 20:02:36 +0300 |
User-agent: |
Thunderbird 2.0.0.16 (X11/20080724) |
Simon Josefsson wrote:
> Christian Grothoff <address@hidden> writes:
>
>> Hi Simon,
>>
>> I've just stumbled over a problem in the GNUtls codebase (dereferencing of
>> uninitialized pointer) and I cannot even figure out how the code was
>> supposed
>> to work. I've filed a report in *our* bugtracking system at:
>>
>> https://gnunet.org/mantis/view.php?id=1417
>>
>> I would appreciate any insight you may have to offer.
>
> Hi Christian!
>
> I agree the code looks broken.
>
> Do you have, or can generate, a test-PKCS#7 blob that can be used to
> test this code? As far as I can see, GnuTLS's certtool cannot generate
> a degenerate PKCS#7 blob with multiple certificates in it. I can't seem
> to see how to generate it using OpenSSL either.
>
> Nikos, do you have any insight to this code? The logic seems broken.
> Finally, do you think anyone will ever need the functionality to load
> certificates from a PKCS#7 blob? It isn't working right now, and nobody
> has complained (well, at least not until now), so maybe we could just
> remove the code.
Please don't remove the code. It is perfectly correct. It seems at some
point the initialization of tmp was removed (or maybe was never commited
correctly?). Anyway I've corrected it and it can now parse pkcs7 structures.
I used openssl-0.9.7c/crypto/pkcs7/t/ff to test.
regards,
Nikos
- Re: gnuTLS issues, Simon Josefsson, 2008/08/25
- Re: gnuTLS issues, Simon Josefsson, 2008/08/25
- Re: gnuTLS issues,
Nikos Mavrogiannopoulos <=
- Re: gnuTLS issues, Nikos Mavrogiannopoulos, 2008/08/25
- Re: gnuTLS issues, Simon Josefsson, 2008/08/26
- Re: gnuTLS issues, Simon Josefsson, 2008/08/26
- Re: gnuTLS issues, Nikos Mavrogiannopoulos, 2008/08/27
- Re: gnuTLS issues, Simon Josefsson, 2008/08/27
- Re: gnuTLS issues, Nikos Mavrogiannopoulos, 2008/08/27
- Re: gnuTLS issues, Simon Josefsson, 2008/08/28
Re: gnuTLS issues, Christian Grothoff, 2008/08/26