On 02-04-30 10:59:08 CEST, Michael Bell wrote: > Lutz Jaenicke schrieb: > > > > On Mon, Apr 29, 2002 at 10:33:10AM +0200, Michael Bell wrote: > > > > > The only problem for the future is the support of this flag in all the > > > other tools (especially ca and req have problems with their option > > > -subj). > > > > Robert Joop sent a patch last week (not applied, yet). Does it solve the > > problems you mention? > > The problem which I mean is more general. The parser of the value which > is passed to openssl -subj is not really clever. So the my comment was > only a notice for the future. It is not relevant for 0.9.7.
would you care to elaborate? what will be missing after we can give escaped characters to the -subj argument? one potential problem not far away: applications that parse index.txt run into problems because the / characters inside RDNs are not escaped. (but they could be, other characters are denoted as \xXX already, äöüß become \xE4\xF6\xFC\xDF (which reminds me of the stuff-all-8bit-charsets-into-T.61-problem, but that's another topic...).) > Another problem (which I found yesterday evening) are req and crl. Both > tools don't have the option -nameopt but they display an issuer (crl) or > a DN (req). Perhaps the new functions (to display the DN in various > formats) are not usable for them because they are x509-functions. i sent a patch for this to this list yesterday. rj ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]