[EMAIL PROTECTED] - Fri Jun 13 22:27:37 2003]: > Hello, > > I've already sent this mail to openssl-dev, and saw a little bit later > that a request tracker was set up. > So, i forward it to you. > > > Here are 2 tars including diff files to implement CRL numbers in ca's > CRL generation. > File changed are: app/ca.c, apps/openssl.cnf and > crypto/x509v3/v3_int.c > > -- > First tar includes changes applied to the 0.9.7b branch (fully tested > by myself) > -- > Second one includes changes applied to the cvs version of ca.c and > openssl.cnf taken from cvsweb. > (I've used the new save_serial() and the new rotate_serial(), much > easier !!) > As i've no access to a cvs tarball, i haven't been able to test my > changes. > I hope my changes will work without modifications. > -- > > If you have any question, suggestion or flame, don't hesitate to > contact me. > > I'd love to see crl numbers implemented in the next openssl release, > so if it needed > more work, i'll be happy to help. >
Thanks for the contribution, most of the changes seem reasonable and should certainly make it into 0.9.8. However I think that X509_CRL_set_crlnumber() should instead convert the BIGNUM to an ASN1_INTEGER then make use of the standard function X509_CRL_add1_ext_i2d() passing the ASN1_INTEGER into the value parameter. This should set the CRL number using a portable call and avoid having to access structure internals. Also if you do that the changes in v3_int.c are no longer needed. Please contact me if you want more info about how to do that. Steve. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
