[exim-dev] [Bug 1489] ${certextract} parse error (4.83 RC1)

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Jeremy Harris
Datum:  
To: exim-dev
Betreff: [exim-dev] [Bug 1489] ${certextract} parse error (4.83 RC1)
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1489




--- Comment #11 from Jeremy Harris <jgh146exb@???> 2014-06-12 20:37:11 ---
Viktor commented in the mailinglist that we shouldn't parse the output of
X509_print_ex() and should return an OID rather than something human-readable.

Since the default output of these extractors is intended to be human-readable
I'm going to regard the suggestion of OID output as a feature-request for an
alternate output format, selected by a modifier, and not included in the
upcoming release.

Not "parsing" is a more serious matter. I switched to using X509_print_ex() to
get a string for the signature algorithm because that seemed to be the only
published interface (given that the previous coding just didn't work). The
coding suggested in comment 7 suffers from relying on library internal
datastructures so I didn't like it either. Perhaps the OpenSSL maintainers
will provide us with a less-decorated (but still human-readable), documented as
stable, interface for this in the future. In the meantime we're reliant, with
the current coding, of the leading part of the output from X509_print_ex() not
significantly changing in future OpenSSL versions.

The signature extractor, as amended, suffers from the same crticism. To tidy
up its output I have to rely on the detail of the pre-tidied result of
X509_print_ex().

Does anyone else wish to comment?


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email