> From: owner-openssl-us...@openssl.org On Behalf Of shailesh durgapal > Sent: Tuesday, 16 October, 2012 17:14
> I am seeing inconsistent values returned from BIO_read for > different IP addresses. My certificate has: > X509v3 extensions: > X509v3 Subject Alternative Name: > IP Address:10.112.245.153 > > The code looks something like: > > static int sslPrintf(BIO * bio, const char * format, ...) > { > va_list args; > va_start(args, format); > BIO_vprintf(bio, format, args); > va_end(args); > } > > int getSubjectAltName(X509 * certificate) > { > GENERAL_NAMES * subjectAltNames = NULL; > GENERAL_NAME * pName = NULL; > subjectAltNames = (GENERAL_NAMES *) > (X509_get_ext_d2i(certificate, > NID_subject_alt_name, &pos_san, > NULL)); > numAltNames = sk_num((STACK *)subjectAltNames); > > for (idx = 0; idx < numAltNames; ++idx) > { > pName = (GENERAL_NAME *) sk_value((STACK *)subjectAltNames, idx); > switch (pName->type) > { > case GEN_IPADD: > { > const unsigned char* data = (pName->d.iPAddress)->data; > BIO_METHOD * bm = BIO_s_mem(); > BIO * bio = BIO_new(bm); > if (length == 4) > { > sslPrintf(bio, "%d %d %d %d", data[0], data[1], data[2], > data[3]); > } Where did length come from? You need (genname)->d.iPAddress->length . If length is a global variable, probably some/most of the time it doesn't happen to contain 4 so you don't write *anything* to the BIO > for (;;) > { > i = BIO_read(bio, buf, sizeof(buf)); > if (i < 0) break; > } in which you don't read anything back either, and just leave whatever is in buff. Did you check i here? > } //case > } //switch > } > buf, in gdb, shows 245 153 0 0 > > If I recreate the cert with IP=10.129.245.153, buf is 153 0 0 0. > For IP=10.230.245.153, the buf shows correctly as 10 230 245 153. > > This piece of code of printing the IP is based on > GENERAL_NAME_print() in v3_alt.c > My goal here is to get the IP address (v4 and v6) in a char > buf. Any ideas on what is going on? Suggestions? ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org