[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: gnuTLS issues
From: |
Christian Grothoff |
Subject: |
Re: gnuTLS issues |
Date: |
Mon, 25 Aug 2008 07:35:49 -0600 |
User-agent: |
KMail/1.9.9 |
I found the problem by reading the code -- not by running any particular test.
What we want to do is HTTPS supporting mostly only canonical features,
certainly nothing exotic. I was trying to understand the code and figure out
what code could / should be removed since we're concerned about code size for
libmicrohttpd.
Is GnuTLS usually compiled with ENABLE_PKI set to 1? When Amir imported the
GnuTLS code, he made sure that this flag was always set -- what does it do?
Christian
On Monday 25 August 2008 06:02:48 am Simon Josefsson wrote:
> Christian Grothoff <address@hidden> writes:
> > Hi Simon,
> >
> > I've just stumbled over a problem in the GNUtls codebase (dereferencing
> > of uninitialized pointer) and I cannot even figure out how the code was
> > supposed to work. I've filed a report in *our* bugtracking system at:
> >
> > https://gnunet.org/mantis/view.php?id=1417
> >
> > I would appreciate any insight you may have to offer.
>
> Hi Christian!
>
> I agree the code looks broken.
>
> Do you have, or can generate, a test-PKCS#7 blob that can be used to
> test this code? As far as I can see, GnuTLS's certtool cannot generate
> a degenerate PKCS#7 blob with multiple certificates in it. I can't seem
> to see how to generate it using OpenSSL either.
>
> Nikos, do you have any insight to this code? The logic seems broken.
> Finally, do you think anyone will ever need the functionality to load
> certificates from a PKCS#7 blob? It isn't working right now, and nobody
> has complained (well, at least not until now), so maybe we could just
> remove the code.
>
> Christian, how did you find this problem? Do you want to store
> certificate lists in PKCS#7 blobs?
>
> Thanks,
> /Simon
- Re: gnuTLS issues, Simon Josefsson, 2008/08/25
- Re: gnuTLS issues, Simon Josefsson, 2008/08/25
- Re: gnuTLS issues, Nikos Mavrogiannopoulos, 2008/08/25
- Re: gnuTLS issues, Nikos Mavrogiannopoulos, 2008/08/25
- Re: gnuTLS issues, Simon Josefsson, 2008/08/26
- Re: gnuTLS issues, Simon Josefsson, 2008/08/26
- Re: gnuTLS issues, Nikos Mavrogiannopoulos, 2008/08/27
- Re: gnuTLS issues, Simon Josefsson, 2008/08/27
- Re: gnuTLS issues, Nikos Mavrogiannopoulos, 2008/08/27
- Re: gnuTLS issues, Simon Josefsson, 2008/08/28
Re: gnuTLS issues,
Christian Grothoff <=