On 2007.12.20 at 16:55:43 +, Dr Stephen Henson wrote:
Well it depends what you want to do. A (usually) readable representation
of an X509 DN would have needed X509_NAME_oneline() back then.
A portable way of using DNs for access control could use either the DN
What do you mean under
Victor Wagner wrote:
On 2007.12.20 at 16:55:43 +, Dr Stephen Henson wrote:
And most of OpenSSL applications have same problem. I've already spend
considerable time convincing authors of various applications, that
OPENSSL_config (which is already here from 0.9.7) ought to be called.
On 2007.12.19 at 11:40:32 -0600, William A. Rowe, Jr. wrote:
Victor Wagner wrote:
On 2007.12.19 at 10:10:54 +0100, Yann wrote:
The changes regarding X509V3_EXT_print() seems more problematic since the
extensions values are used in string
comparison (strcmp and likes), hence the human
Victor Wagner wrote:
On 2007.12.19 at 11:40:32 -0600, William A. Rowe, Jr. wrote:
Victor Wagner wrote:
On 2007.12.19 at 10:10:54 +0100, Yann wrote:
The changes regarding X509V3_EXT_print() seems more problematic since the
extensions values are used in string
comparison (strcmp and
On 2007.12.20 at 13:53:12 +, Dr Stephen Henson wrote:
Yes I noticed mod_ssl uses the obsolete X509_NAME_oneline() function all
over the place.
Problem is that it was written long time ago, when no better way exist.
Someone have to go over the code and change it to more modern API.
And
Victor Wagner wrote:
On 2007.12.20 at 13:53:12 +, Dr Stephen Henson wrote:
Yes I noticed mod_ssl uses the obsolete X509_NAME_oneline() function all
over the place.
Problem is that it was written long time ago, when no better way exist.
Someone have to go over the code and change it to
Dr Stephen Henson wrote:
Yann wrote:
Hi,
The joined patch allows the use of client certificate extensions values
(by long/short name or OID) in
the mod_ssl/SSLRequire directive.
This functionnality is available in the 2.2.x and trunk branches but
hasn't been backported
in the 2.0.61, while
Yann wrote:
The changes regarding X509V3_EXT_print() seems more problematic since
the extensions values are used in string
comparison (strcmp and likes), hence the human readable version, and
the code is actually shared with the other
expressions of the SSLRequire directive.
Well the
On 2007.12.19 at 10:10:54 +0100, Yann wrote:
The changes regarding X509V3_EXT_print() seems more problematic since the
extensions values are used in string
comparison (strcmp and likes), hence the human readable version, and the
I hope that saying human readable you mean utf-8?
I'd say that
Victor Wagner wrote:
On 2007.12.19 at 10:10:54 +0100, Yann wrote:
The changes regarding X509V3_EXT_print() seems more problematic since the
extensions values are used in string
comparison (strcmp and likes), hence the human readable version, and the
I hope that saying human readable you
Hi,
The joined patch allows the use of client certificate extensions values (by
long/short name or OID) in
the mod_ssl/SSLRequire directive.
This functionnality is available in the 2.2.x and trunk branches but hasn't
been backported
in the 2.0.61, while this can be a very usefull feature (at
Yann wrote:
Hi,
The joined patch allows the use of client certificate extensions values
(by long/short name or OID) in
the mod_ssl/SSLRequire directive.
This functionnality is available in the 2.2.x and trunk branches but
hasn't been backported
in the 2.0.61, while this can be a very
12 matches
Mail list logo