
Re: GnuTLS considered harmful



On Sat, Feb 16, 2008 at 01:12:31PM -0800, Howard Chu wrote:
> The recent trouble in ITS#5361 prompted me to look into the GnuTLS
> code a little deeper. It turns out that their corresponding
> set_subject_alt_name() API only takes a char * pointer as input,
> without a corresponding length. As such, this API will only work for
> string-form alternative names, and will typically break with IP
> addresses and other alternatives.

Has this been pointed out to the GnuTLS developers? Or is your
frustration level too high :)

We have an interest in delivering OpenLDAP w/GnuTLS so anything to
make GnuTLS better is something we'd like to see happen.

-- 
albert chin (china@thewrittenword.com)
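
The failure mode described in the quoted message, as an added example that is not part of the original post and is not GnuTLS code: an IP-address alternative name is raw octets, so a setter that receives only a `char *` has to size it with `strlen()` and stops at the first zero octet. The struct, function names and sample address are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical container for one subjectAltName value (not a GnuTLS type). */
struct san_value { uint8_t bytes[16]; size_t len; };

/* Length-less setter: the only way to size the input is strlen(). */
static int san_set_cstring(struct san_value *out, const char *data)
{
    size_t n = strlen(data);            /* stops at the first 0x00 octet */
    if (n > sizeof out->bytes) return -1;
    memcpy(out->bytes, data, n);
    out->len = n;
    return 0;
}

/* Length-aware setter: the caller states how many octets to store. */
static int san_set_bytes(struct san_value *out, const void *data, size_t n)
{
    if (n > sizeof out->bytes) return -1;
    memcpy(out->bytes, data, n);
    out->len = n;
    return 0;
}

/* An iPAddress SAN is 4 octets (IPv4) or 16 octets (IPv6), per RFC 5280. */
static int san_ip_is_valid(struct san_value v)
{
    return v.len == 4 || v.len == 16;
}

/* Constructed sample: 10.0.0.1 in network byte order; the fifth byte only
 * keeps strlen() inside the array. */
static const uint8_t SAMPLE_IPV4[5] = { 10, 0, 0, 1, 0 };

/* Stores the sample address through one of the two setters. */
static struct san_value store_sample(int with_length)
{
    struct san_value v = { {0}, 0 };
    if (with_length) san_set_bytes(&v, SAMPLE_IPV4, 4);
    else             san_set_cstring(&v, (const char *)SAMPLE_IPV4);
    return v;
}

int main(void)
{
    printf("char* only:  %zu octet(s), valid=%d\n", store_sample(0).len, san_ip_is_valid(store_sample(0)));
    printf("with length: %zu octet(s), valid=%d\n", store_sample(1).len, san_ip_is_valid(store_sample(1)));
    return 0;
}
```

A certificate check that compares the stored value against the expected address should reject any iPAddress entry whose length is not 4 or 16 rather than comparing a truncated prefix.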