[Finally have a little bit of downtime, can turn my attention back to this...]
On 2010-03-25, at 2:34 PM, Juan Lang wrote: >> I don't have any password-protected certificates to test with, so I can't >> add such a test (it was not required for our implementation). > > You can if you create one (on Windows.) I do not know how to do that. The motivation behind this patch is to get something of value inside WineHQ so that the implementation of this function can be started. It is possible that we may implement password-protection and private key extraction in the future, or someone else may do it. This would be great for the community. But it's not something that I can do right now. >> So what you want is to import two new functions (sk_X509_new_null() and >> sk_X509_free()) and use them to create a STACK_OF(X509) whose sole purpose >> is to detect if there are more certificates, and then ERR or TRACE if there >> are, and then dispose? > > No, I suppose not. A test marked todo_wine would be better. I don't disagree that this implementation is incomplete. It is, however, much less incomplete than what was there before in the sense of > >> Ah. In that case, it does not really matter what the string is, right? I can >> remove it if you don't want it. > > Please do ;) Unnecessary strings will be removed in the next submission. The motivation behind this patch is/was to get *something* into WineHQ so that the next time we or someone else needs to work on this, there is a basic skeleton in place. As a bonus, this skeleton actually does something useful (get the certificate using OpenSSL). We know it works and is useful because a now-shipping game is using it. If the WineHQ community feels that an incomplete implementation is not good enough for a patch submission, that is entirely their prerogative. I would obviously prefer that my patch be (eventually) incorporated, but I understand the reasoning. Philippe Casgrain [Again, apologies for the delay, things are just crazy-busy around here...]
