diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-03-20 09:23:13 +0000 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-03-20 09:23:13 +0000 |
| commit | aa3fda413b5f2eaaa1a9a36c5c774c49b38ef56b (patch) | |
| tree | 34a1d91499b92ff56d111892f4bf60ceb12755c5 | |
| parent | 3a1567bb57c54d95067bd7aea8351f3606b968d0 (diff) | |
| download | gnutls-aa3fda413b5f2eaaa1a9a36c5c774c49b38ef56b.tar.gz | |
* The diffie Hellman ciphersuites are now of higher priority than
the plain RSA.
* Added the new libtasn1.
| -rw-r--r-- | NEWS | 2 | ||||
| -rw-r--r-- | lib/gnutls_priority.c | 13 | ||||
| -rw-r--r-- | lib/minitasn1/coding.c | 14 | ||||
| -rw-r--r-- | lib/minitasn1/decoding.c | 7 | ||||
| -rw-r--r-- | lib/minitasn1/element.c | 62 | ||||
| -rw-r--r-- | lib/minitasn1/errors.c | 1 | ||||
| -rw-r--r-- | lib/minitasn1/errors_int.h | 9 | ||||
| -rw-r--r-- | lib/minitasn1/int.h | 2 | ||||
| -rw-r--r-- | lib/minitasn1/libtasn1.h | 19 | ||||
| -rw-r--r-- | lib/minitasn1/structure.c | 22 | ||||
| -rw-r--r-- | lib/x509/dn.c | 9 |
11 files changed, 82 insertions, 78 deletions
@@ -4,6 +4,8 @@ Version 0.9.3 The rest was moved to the libgnutls-x509. - Improved the error logging functions, by adding a level, and by allowing debugging messages just by increasing the level. +- The diffie Hellman ciphersuites are now of higher priority than + the plain RSA. Version 0.9.2 (15/03/2003) - Some corrections in the memory mapping code (file is unmapped after diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c index 166d5fc207..6158140473 100644 --- a/lib/gnutls_priority.c +++ b/lib/gnutls_priority.c @@ -256,7 +256,8 @@ int gnutls_certificate_type_set_priority(gnutls_session session, * the appropriate functions. * * The order is TLS1, SSL3 for protocols. - * GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA for key exchange algorithms. + * GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, GNUTLS_KX_RSA for key exchange + * algorithms. * GNUTLS_MAC_SHA, GNUTLS_MAC_MD5 for MAC algorithms. * GNUTLS_CIPHER_RIJNDAEL_256_CBC, * GNUTLS_CIPHER_RIJNDAEL_128_CBC, @@ -269,7 +270,7 @@ int gnutls_set_default_priority(gnutls_session session) static const int protocol_priority[16] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 }; static const int kx_priority[16] = - { GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, 0 }; + { GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, GNUTLS_KX_RSA, 0 }; static const int cipher_priority[16] = { GNUTLS_CIPHER_RIJNDAEL_256_CBC, GNUTLS_CIPHER_RIJNDAEL_128_CBC, GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR_128, 0 @@ -294,8 +295,8 @@ int gnutls_set_default_priority(gnutls_session session) * Sets some default priority on the ciphers, key exchange methods, macs * and compression methods. This is to avoid using the gnutls_*_priority() functions, if * these defaults are ok. This function also includes weak algorithms. - * The order is TLS1, SSL3 for protocols, GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, - * GNUTLS_KX_DHE_RSA, GNUTLS_KX_RSA_EXPORT for key exchange algorithms. + * The order is TLS1, SSL3 for protocols, GNUTLS_KX_DHE_DSS, + * GNUTLS_KX_DHE_RSA, GNUTLS_KX_RSA, GNUTLS_KX_RSA_EXPORT for key exchange algorithms. * GNUTLS_MAC_SHA, GNUTLS_MAC_MD5 for MAC algorithms, * GNUTLS_CIPHER_RIJNDAEL_256_CBC, GNUTLS_CIPHER_RIJNDAEL_128_CBC, * and GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR_128, @@ -308,8 +309,8 @@ int gnutls_set_default_export_priority(gnutls_session session) GNUTLS_TLS1, GNUTLS_SSL3, 0 }; static const int kx_priority[16] = { - GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, - GNUTLS_KX_RSA_EXPORT, 0 + GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, + GNUTLS_KX_RSA, GNUTLS_KX_RSA_EXPORT, 0 }; static const int cipher_priority[16] = { GNUTLS_CIPHER_RIJNDAEL_256_CBC, GNUTLS_CIPHER_RIJNDAEL_128_CBC, diff --git a/lib/minitasn1/coding.c b/lib/minitasn1/coding.c index ea211410a3..a4e307f2d1 100644 --- a/lib/minitasn1/coding.c +++ b/lib/minitasn1/coding.c @@ -175,9 +175,9 @@ _asn1_time_der(unsigned char *str,unsigned char *der,int *der_len) max_len=*der_len; - if(der==NULL) return ASN1_SUCCESS; - _asn1_length_der(strlen(str),der,&len_len); - if((len_len+strlen(str))<=max_len) + _asn1_length_der(strlen(str),(max_len>0)?der:NULL,&len_len); + + if((len_len+(int)strlen(str))<=max_len) memcpy(der+len_len,str,strlen(str)); *der_len=len_len+strlen(str); @@ -244,11 +244,10 @@ _asn1_objectid_der(unsigned char *str,unsigned char *der,int *der_len) unsigned char bit7; unsigned long val,val1=0; - if(der==NULL) return ASN1_SUCCESS; - max_len=*der_len; - temp=(char *) malloc(strlen(str)+2); + temp=(char *) _asn1_alloca(strlen(str)+2); + if(temp==NULL) return ASN1_MEM_ALLOC_ERROR; strcpy(temp, str); strcat(temp, "."); @@ -290,7 +289,7 @@ _asn1_objectid_der(unsigned char *str,unsigned char *der,int *der_len) } *der_len+=len_len; - free(temp); + _asn1_afree(temp); if(max_len<(*der_len)) return ASN1_MEM_ERROR; @@ -812,6 +811,7 @@ asn1_der_coding(ASN1_TYPE element,const char *name,unsigned char *der,int *len, } len2=max_len; ris=_asn1_objectid_der(p->value,der+counter,&len2); + if(ris==ASN1_MEM_ALLOC_ERROR) return ris; max_len-=len2; counter+=len2; move=RIGHT; diff --git a/lib/minitasn1/decoding.c b/lib/minitasn1/decoding.c index 00013881ad..29dc9c9e31 100644 --- a/lib/minitasn1/decoding.c +++ b/lib/minitasn1/decoding.c @@ -602,7 +602,7 @@ asn1_der_decoding(ASN1_TYPE *element,const unsigned char *der,int len, temp2=(unsigned char *)_asn1_alloca(len2+len3+len4); if (temp2==NULL){ asn1_delete_structure(element); - return ASN1_MEM_ERROR; + return ASN1_MEM_ALLOC_ERROR; } _asn1_octet_der(der+counter,len2+len3,temp2,&len4); @@ -669,6 +669,7 @@ asn1_der_decoding(ASN1_TYPE *element,const unsigned char *der,int len, * ASN1_ELEMENT_NOT_FOUND\: ELEMENT is ASN1_TYPE_EMPTY or elementName == NULL. * * ASN1_TAG_ERROR,ASN1_DER_ERROR\: the der encoding doesn't match the structure STRUCTURE. *ELEMENT deleted. + * **/ asn1_retCode asn1_der_decoding_element(ASN1_TYPE *structure,const char *elementName, @@ -700,7 +701,7 @@ asn1_der_decoding_element(ASN1_TYPE *structure,const char *elementName, if(nameLen>0) strcpy(currentName,(*structure)->name); else{ asn1_delete_structure(structure); - return ASN1_MEM_ERROR; + return ASN1_MEM_ERROR; } if(!(strcmp(currentName,elementName))){ state=FOUND; @@ -1000,7 +1001,7 @@ asn1_der_decoding_element(ASN1_TYPE *structure,const char *elementName, temp2=(unsigned char *)_asn1_alloca(len2+len3+len4); if (temp2==NULL){ asn1_delete_structure(structure); - return ASN1_MEM_ERROR; + return ASN1_MEM_ALLOC_ERROR; } _asn1_octet_der(der+counter,len2+len3,temp2,&len4); diff --git a/lib/minitasn1/element.c b/lib/minitasn1/element.c index 8b71d05ddf..ff1ac0f122 100644 --- a/lib/minitasn1/element.c +++ b/lib/minitasn1/element.c @@ -294,7 +294,7 @@ asn1_write_value(node_asn *node_root,const char *name, if(len==0){ if((isdigit(value[0])) || (value[0]=='-')){ value_temp=(unsigned char *)_asn1_alloca(SIZEOF_UNSIGNED_LONG_INT); - if (value_temp==NULL) return ASN1_MEM_ERROR; + if (value_temp==NULL) return ASN1_MEM_ALLOC_ERROR; _asn1_convert_integer(value,value_temp,SIZEOF_UNSIGNED_LONG_INT, &len); } @@ -305,7 +305,7 @@ asn1_write_value(node_asn *node_root,const char *name, if(type_field(p->type)==TYPE_CONSTANT){ if((p->name) && (!strcmp(p->name,value))){ value_temp=(unsigned char *)_asn1_alloca(SIZEOF_UNSIGNED_LONG_INT); - if (value_temp==NULL) return ASN1_MEM_ERROR; + if (value_temp==NULL) return ASN1_MEM_ALLOC_ERROR; _asn1_convert_integer(p->value,value_temp,SIZEOF_UNSIGNED_LONG_INT, &len); break; @@ -318,7 +318,7 @@ asn1_write_value(node_asn *node_root,const char *name, } else{ /* len != 0 */ value_temp=(unsigned char *)_asn1_alloca(len); - if (value_temp==NULL) return ASN1_MEM_ERROR; + if (value_temp==NULL) return ASN1_MEM_ALLOC_ERROR; memcpy(value_temp,value,len); } @@ -338,7 +338,7 @@ asn1_write_value(node_asn *node_root,const char *name, _asn1_length_der(len-k,NULL,&len2); temp=(unsigned char *)_asn1_alloca(len-k+len2); - if (temp==NULL) return ASN1_MEM_ERROR; + if (temp==NULL) return ASN1_MEM_ALLOC_ERROR; _asn1_octet_der(value_temp+k,len-k,temp,&len2); _asn1_set_value(node,temp,len2); @@ -351,7 +351,7 @@ asn1_write_value(node_asn *node_root,const char *name, while(type_field(p->type)!=TYPE_DEFAULT) p=p->right; if((isdigit(p->value[0])) || (p->value[0]=='-')){ default_temp=(unsigned char *)_asn1_alloca(SIZEOF_UNSIGNED_LONG_INT); - if (default_temp==NULL) return ASN1_MEM_ERROR; + if (default_temp==NULL) return ASN1_MEM_ALLOC_ERROR; _asn1_convert_integer(p->value,default_temp,SIZEOF_UNSIGNED_LONG_INT,&len2); } @@ -362,7 +362,7 @@ asn1_write_value(node_asn *node_root,const char *name, if(type_field(p2->type)==TYPE_CONSTANT){ if((p2->name) && (!strcmp(p2->name,p->value))){ default_temp=(unsigned char *)_asn1_alloca(SIZEOF_UNSIGNED_LONG_INT); - if (default_temp==NULL) return ASN1_MEM_ERROR; + if (default_temp==NULL) return ASN1_MEM_ALLOC_ERROR; _asn1_convert_integer(p2->value,default_temp,SIZEOF_UNSIGNED_LONG_INT,&len2); break; @@ -430,7 +430,7 @@ asn1_write_value(node_asn *node_root,const char *name, len=strlen(value); _asn1_length_der(len,NULL,&len2); temp=(unsigned char *)_asn1_alloca(len+len2); - if (temp==NULL) return ASN1_MEM_ERROR; + if (temp==NULL) return ASN1_MEM_ALLOC_ERROR; _asn1_octet_der(value,len,temp,&len2); _asn1_set_value(node,temp,len2); @@ -441,7 +441,7 @@ asn1_write_value(node_asn *node_root,const char *name, len=strlen(value); _asn1_length_der(len,NULL,&len2); temp=(unsigned char *)_asn1_alloca(len+len2); - if (temp==NULL) return ASN1_MEM_ERROR; + if (temp==NULL) return ASN1_MEM_ALLOC_ERROR; _asn1_octet_der(value,len,temp,&len2); _asn1_set_value(node,temp,len2); @@ -452,7 +452,7 @@ asn1_write_value(node_asn *node_root,const char *name, len=strlen(value); _asn1_length_der((len>>3)+2,NULL,&len2); temp=(unsigned char *)_asn1_alloca((len>>3)+2+len2); - if (temp==NULL) return ASN1_MEM_ERROR; + if (temp==NULL) return ASN1_MEM_ALLOC_ERROR; _asn1_bit_der(value,len,temp,&len2); _asn1_set_value(node,temp,len2); @@ -476,7 +476,7 @@ asn1_write_value(node_asn *node_root,const char *name, case TYPE_ANY: _asn1_length_der(len,NULL,&len2); temp=(unsigned char *)_asn1_alloca(len+len2); - if (temp==NULL) return ASN1_MEM_ERROR; + if (temp==NULL) return ASN1_MEM_ALLOC_ERROR; _asn1_octet_der(value,len,temp,&len2); _asn1_set_value(node,temp,len2); @@ -704,8 +704,8 @@ asn1_read_value(node_asn *root,const char *name,unsigned char *value, int *len) * asn1_read_tag - Returns the TAG of one element inside a structure * @root: pointer to a structure * @name: the name of the element inside a structure. - * @tag: variable that will contain the TAG value. - * @class: variable that will specify the TAG type. + * @tagValue: variable that will contain the TAG value. + * @classValue: variable that will specify the TAG type. * * Description: * @@ -721,7 +721,7 @@ asn1_read_value(node_asn *root,const char *name,unsigned char *value, int *len) * **/ asn1_retCode -asn1_read_tag(node_asn *root,const char *name,int *tag, int *class) +asn1_read_tag(node_asn *root,const char *name,int *tagValue, int *classValue) { node_asn *node,*p,*pTag; @@ -745,43 +745,43 @@ asn1_read_tag(node_asn *root,const char *name,int *tag, int *class) } if(pTag){ - *tag=strtoul(pTag->value,NULL,10); + *tagValue=strtoul(pTag->value,NULL,10); - if(pTag->type&CONST_APPLICATION) *class=ASN1_CLASS_APPLICATION; - else if(pTag->type&CONST_UNIVERSAL) *class=ASN1_CLASS_UNIVERSAL; - else if(pTag->type&CONST_PRIVATE) *class=ASN1_CLASS_PRIVATE; - else *class=ASN1_CLASS_CONTEXT_SPECIFIC; + if(pTag->type&CONST_APPLICATION) *classValue=ASN1_CLASS_APPLICATION; + else if(pTag->type&CONST_UNIVERSAL) *classValue=ASN1_CLASS_UNIVERSAL; + else if(pTag->type&CONST_PRIVATE) *classValue=ASN1_CLASS_PRIVATE; + else *classValue=ASN1_CLASS_CONTEXT_SPECIFIC; } else{ - *class=ASN1_CLASS_UNIVERSAL; + *classValue=ASN1_CLASS_UNIVERSAL; switch(type_field(node->type)){ case TYPE_NULL: - *tag=ASN1_TAG_NULL;break; + *tagValue=ASN1_TAG_NULL;break; case TYPE_BOOLEAN: - *tag=ASN1_TAG_BOOLEAN;break; + *tagValue=ASN1_TAG_BOOLEAN;break; case TYPE_INTEGER: - *tag=ASN1_TAG_INTEGER;break; + *tagValue=ASN1_TAG_INTEGER;break; case TYPE_ENUMERATED: - *tag=ASN1_TAG_ENUMERATED;break; + *tagValue=ASN1_TAG_ENUMERATED;break; case TYPE_OBJECT_ID: - *tag=ASN1_TAG_OBJECT_ID;break; + *tagValue=ASN1_TAG_OBJECT_ID;break; case TYPE_TIME: if(node->type&CONST_UTC){ - *tag=ASN1_TAG_UTCTime; + *tagValue=ASN1_TAG_UTCTime; } - else *tag=ASN1_TAG_GENERALIZEDTime; + else *tagValue=ASN1_TAG_GENERALIZEDTime; break; case TYPE_OCTET_STRING: - *tag=ASN1_TAG_OCTET_STRING;break; + *tagValue=ASN1_TAG_OCTET_STRING;break; case TYPE_GENERALSTRING: - *tag=ASN1_TAG_GENERALSTRING;break; + *tagValue=ASN1_TAG_GENERALSTRING;break; case TYPE_BIT_STRING: - *tag=ASN1_TAG_BIT_STRING;break; + *tagValue=ASN1_TAG_BIT_STRING;break; case TYPE_SEQUENCE: case TYPE_SEQUENCE_OF: - *tag=ASN1_TAG_SEQUENCE;break; + *tagValue=ASN1_TAG_SEQUENCE;break; case TYPE_SET: case TYPE_SET_OF: - *tag=ASN1_TAG_SET;break; + *tagValue=ASN1_TAG_SET;break; case TYPE_TAG: case TYPE_CHOICE: case TYPE_ANY: diff --git a/lib/minitasn1/errors.c b/lib/minitasn1/errors.c index bc51e9fe86..70f38cb3a8 100644 --- a/lib/minitasn1/errors.c +++ b/lib/minitasn1/errors.c @@ -47,6 +47,7 @@ static libtasn1_error_entry error_algorithms[] = { LIBTASN1_ERROR_ENTRY( ASN1_ERROR_TYPE_ANY ), LIBTASN1_ERROR_ENTRY( ASN1_SYNTAX_ERROR ), LIBTASN1_ERROR_ENTRY( ASN1_MEM_ERROR ), + LIBTASN1_ERROR_ENTRY( ASN1_MEM_ALLOC_ERROR ), LIBTASN1_ERROR_ENTRY( ASN1_DER_OVERFLOW ), LIBTASN1_ERROR_ENTRY( ASN1_NAME_TOO_LONG ), LIBTASN1_ERROR_ENTRY( ASN1_ARRAY_ERROR ), diff --git a/lib/minitasn1/errors_int.h b/lib/minitasn1/errors_int.h index 351dd26d4a..6d2706f088 100644 --- a/lib/minitasn1/errors_int.h +++ b/lib/minitasn1/errors_int.h @@ -15,9 +15,10 @@ #define ASN1_ERROR_TYPE_ANY 10 #define ASN1_SYNTAX_ERROR 11 #define ASN1_MEM_ERROR 12 -#define ASN1_DER_OVERFLOW 13 -#define ASN1_NAME_TOO_LONG 14 -#define ASN1_ARRAY_ERROR 15 -#define ASN1_ELEMENT_NOT_EMPTY 16 +#define ASN1_MEM_ALLOC_ERROR 13 +#define ASN1_DER_OVERFLOW 14 +#define ASN1_NAME_TOO_LONG 15 +#define ASN1_ARRAY_ERROR 16 +#define ASN1_ELEMENT_NOT_EMPTY 17 diff --git a/lib/minitasn1/int.h b/lib/minitasn1/int.h index 2c37e27c00..cd2220414f 100644 --- a/lib/minitasn1/int.h +++ b/lib/minitasn1/int.h @@ -32,7 +32,7 @@ #include <mem.h> -#define LIBTASN1_VERSION "0.2.2" +#define LIBTASN1_VERSION "0.2.3" #define MAX32 4294967295 #define MAX24 16777215 diff --git a/lib/minitasn1/libtasn1.h b/lib/minitasn1/libtasn1.h index b687ecee98..bcbb84f440 100644 --- a/lib/minitasn1/libtasn1.h +++ b/lib/minitasn1/libtasn1.h @@ -28,7 +28,7 @@ extern "C" { #endif -#define LIBTASN1_VERSION "0.2.2" +#define LIBTASN1_VERSION "0.2.3" #include <sys/types.h> #include <time.h> @@ -58,10 +58,11 @@ typedef int asn1_retCode; /* type returned by libasn1 functions */ #define ASN1_ERROR_TYPE_ANY 10 #define ASN1_SYNTAX_ERROR 11 #define ASN1_MEM_ERROR 12 -#define ASN1_DER_OVERFLOW 13 -#define ASN1_NAME_TOO_LONG 14 -#define ASN1_ARRAY_ERROR 15 -#define ASN1_ELEMENT_NOT_EMPTY 16 +#define ASN1_MEM_ALLOC_ERROR 13 +#define ASN1_DER_OVERFLOW 14 +#define ASN1_NAME_TOO_LONG 15 +#define ASN1_ARRAY_ERROR 16 +#define ASN1_ELEMENT_NOT_EMPTY 17 /*************************************/ /* Constants used in asn1_visit_tree */ @@ -170,11 +171,11 @@ asn1_retCode asn1_expand_any_defined_by(ASN1_TYPE definitions, asn1_retCode asn1_expand_octet_string(ASN1_TYPE definitions,ASN1_TYPE *element, const char *octetName,const char *objectName); -asn1_retCode asn1_read_tag(node_asn *root,const char *name,int *tag, - int *class); +asn1_retCode asn1_read_tag(node_asn *root,const char *name,int *tagValue, + int *classValue); -asn1_retCode asn1_find_structure_from_oid(ASN1_TYPE definitions, - const char *oidValue,char *structureName); +const char* asn1_find_structure_from_oid(ASN1_TYPE definitions, + const char *oidValue); const char *asn1_check_version( const char *req_version ); diff --git a/lib/minitasn1/structure.c b/lib/minitasn1/structure.c index 7eb6fdec05..1291a00981 100644 --- a/lib/minitasn1/structure.c +++ b/lib/minitasn1/structure.c @@ -860,24 +860,21 @@ asn1_number_of_elements(ASN1_TYPE element,const char *name,int *num) * after an OID definition. * @definitions: ASN1 definitions * @oidValue: value of the OID to search (e.g. "1.2.3.4"). - * @structureName: name returned by the function, that is the structure - * defined just after the OID of value equal to OIDVALUE. - * It must be an array of MAX_NAME_SIZE char elements. - * * Description: * * Search the structure that is defined just after an OID definition. * * Returns: * - * ASN1_SUCCESS\: structure found. + * NULL when OIDVALUE not found, * - * ASN1_ELEMENT_NOT_FOUND\: OID equal to OIDVALUE not found. + * otherwise the pointer to a constant string that contains the element + * name defined just after the OID. * **/ -asn1_retCode +const char* asn1_find_structure_from_oid(ASN1_TYPE definitions, - const char *oidValue,char *structureName) + const char *oidValue) { char definitionsName[MAX_NAME_SIZE],name[2*MAX_NAME_SIZE+1]; char value[MAX_NAME_SIZE]; @@ -886,7 +883,7 @@ asn1_find_structure_from_oid(ASN1_TYPE definitions, asn1_retCode result; if((definitions==ASN1_TYPE_EMPTY) || (oidValue==NULL)) - return ASN1_ELEMENT_NOT_FOUND; + return NULL; /* ASN1_ELEMENT_NOT_FOUND; */ strcpy(definitionsName,definitions->name); @@ -906,16 +903,15 @@ asn1_find_structure_from_oid(ASN1_TYPE definitions, if((result == ASN1_SUCCESS) && (!strcmp(oidValue,value))){ p=p->right; if(p==NULL) /* reach the end of ASN1 definitions */ - return ASN1_ELEMENT_NOT_FOUND; + return NULL; /* ASN1_ELEMENT_NOT_FOUND; */ - strcpy(structureName,p->name); - return ASN1_SUCCESS; + return p->name; } } p=p->right; } - return ASN1_ELEMENT_NOT_FOUND; + return NULL; /* ASN1_ELEMENT_NOT_FOUND; */ } diff --git a/lib/x509/dn.c b/lib/x509/dn.c index e471dea70b..c962ad33a9 100644 --- a/lib/x509/dn.c +++ b/lib/x509/dn.c @@ -488,7 +488,8 @@ int _gnutls_x509_parse_dn_oid(ASN1_TYPE asn1_struct, int _gnutls_x509_encode_and_write_attribute( const char* given_oid, ASN1_TYPE asn1_struct, const char* where, const unsigned char* data, int sizeof_data, int multi) { -char val_name[MAX_NAME_SIZE], tmp[128]; +const char *val_name; +char tmp[128]; ASN1_TYPE c2; opaque *der; int der_len, result; @@ -496,10 +497,10 @@ int der_len, result; /* Find how to encode the data. */ - result = asn1_find_structure_from_oid( _gnutls_get_pkix(), given_oid, val_name); - if (result != ASN1_SUCCESS) { + val_name = asn1_find_structure_from_oid( _gnutls_get_pkix(), given_oid); + if (val_name == NULL) { gnutls_assert(); - return _gnutls_asn2err(result); + return GNUTLS_E_ASN1_GENERIC_ERROR; } _gnutls_str_cpy( tmp, sizeof(tmp), "PKIX1."); |