[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Help-gnutls] Re: Really I can not understand nothing of SSL...
|
From: |
Simon Josefsson |
|
Subject: |
[Help-gnutls] Re: Really I can not understand nothing of SSL... |
|
Date: |
Mon, 08 Aug 2005 15:41:24 +0200 |
|
User-agent: |
Gnus/5.110004 (No Gnus v0.4) Emacs/22.0.50 (gnu/linux) |
Andrew Suffield <address@hidden> writes:
> On Mon, Aug 08, 2005 at 02:34:04PM +0200, Simon Josefsson wrote:
>> > Why certtool request for a int number for serial?, if I think that
>> > should be >= unsigned long long (64 bit):
>>
>> Hello. 'Unsigned long long' is a non-standard C extension, is it not?
>> We want the code to work with standard compilers.
>
> No, it's C99. If you'd rather have POSIX, use uint64_t.
I believe the goal is for GnuTLS to work on C89 platforms. 'long
long' isn't used by GnuTLS today. Further, according to:
http://www.opengroup.org/onlinepubs/009695399/basedefs/stdint.h.html
uint64_t is not required by POSIX, it is optional. uint64_t is also
not used by GnuTLS today. So I don't think neither is a good solution
here.
X.509 serials are frequently larger than 64 and even 128 bits, so the
real solution would be to make get_serial return a hex string instead.
Then we won't have arbitrary limits, be them 32, 64 or 128 bits.
Fixing that look rather simple; patches welcome.
Regards,
Simon