On Sat, Feb 16, 2008 at 01:12:31PM -0800, Howard Chu wrote:
> The recent trouble in ITS#5361 prompted me to look into the GnuTLS code a little deeper. It turns out that their corresponding set_subject_alt_name() API only takes a char * pointer as input, without a corresponding length. As such, this API will only work for string-form alternative names, and will typically break with IP addresses and other alternatives.
Has this been pointed out to the GnuTLS developers? Or is your frustration level too high :)
We have an interest in delivering OpenLDAP w/GnuTLS so anything to make GnuTLS better is something we'd like to see happen.
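
The limitation described in the quoted message, shown as an added example that is not part of the original thread and is not GnuTLS or OpenLDAP code: `san_encode_str()` and `san_encode_len()` are hypothetical stand-ins for a string-only and a length-carrying setter, and the addresses and host name are constructed sample values. An iPAddress alternative name is raw octets, so a setter that can only call `strlen()` stops at the first zero byte.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* GeneralName tags from RFC 5280: [2] dNSName, [7] iPAddress (context-specific, primitive). */
enum { SAN_DNSNAME = 0x82, SAN_IPADDRESS = 0x87 };

/* Constructed sample values. The IP buffers carry one extra 0 byte so that
 * strlen() below stays in bounds; a real 4-byte buffer would not guarantee that. */
static const uint8_t IP_10_0_0_1[5]    = { 10, 0, 0, 1, 0 };
static const uint8_t IP_192_168_1_1[5] = { 192, 168, 1, 1, 0 };
static const char    DNS_NAME[]        = "ldap.example.com";

/* Hypothetical length-carrying setter: emits tag, short-form length, value.
 * Returns bytes written, or 0 when the value or buffer size is unsupported. */
size_t san_encode_len(uint8_t tag, const void *data, size_t len,
                      uint8_t *out, size_t cap)
{
    if (len > 127 || cap < len + 2)
        return 0;
    out[0] = tag;
    out[1] = (uint8_t)len;
    memcpy(out + 2, data, len);
    return len + 2;
}

/* Hypothetical string-only setter: the only length it can learn is strlen(). */
size_t san_encode_str(uint8_t tag, const char *data, uint8_t *out, size_t cap)
{
    return san_encode_len(tag, data, strlen(data), out, cap);
}

/* Value length recorded in the entry produced by the string-only setter. */
size_t str_api_value_len(uint8_t tag, const void *data)
{
    uint8_t buf[130];
    return san_encode_str(tag, (const char *)data, buf, sizeof buf) ? buf[1] : 0;
}

int main(void)
{
    printf("10.0.0.1 via strlen: %zu value bytes\n", str_api_value_len(SAN_IPADDRESS, IP_10_0_0_1));
    printf("192.168.1.1 via strlen: %zu value bytes\n", str_api_value_len(SAN_IPADDRESS, IP_192_168_1_1));
    printf("dNSName via strlen: %zu value bytes\n", str_api_value_len(SAN_DNSNAME, DNS_NAME));
    return 0;
}
```

An address with no zero octet survives the string-only path only by accident, which is why such a certificate can pass a quick test and still fail name checks for other addresses.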