Daniel Marschall wrote:

> Any idea? This problem has existed since 2003 and no one found an answer -
> this is unbelievable.

If you're waiting for somebody else to find a bug in *your* code, you're
going to be waiting a long time.

Comparing the text strings for literal equality makes no logical sense
whatsoever and is unlikely to ever give a sensible result.

If you want to compare two things for "equality", you need to define
precisely what you mean by equality and implement a test for that exact
definition. The method you are using will never work right. Consider if one
certificate is issued to "Jack Smith\0 Jones" (where \0 is an embedded zero
byte). How can you possibly compare that to anything sensibly with a text
string compare?

You are expecting somebody else to magically make your senseless code work.
That's just not going to happen. You have to write sensible code.

Go back to the drawing board. Define *precisely* what you mean by equality.
And implement a test for exactly that.

DS



______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
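
Added example, not part of the original message or of OpenSSL: the embedded-zero name from the reply above, compared once as C text and once under an explicit definition of equality (same length, same bytes). The `struct bytes` type, the function names and the sample values are hypothetical and constructed for this illustration; byte-for-byte equality is one possible definition, chosen here as an assumption.

```c
#include <stdio.h>
#include <string.h>

/* Length-carrying byte string, as ASN.1 values are stored.
 * Hypothetical type for this example, not an OpenSSL structure. */
struct bytes {
    const unsigned char *data;
    size_t len;
};

/* Constructed sample values: the name from the message and its prefix. */
static const unsigned char NAME_A[] = "Jack Smith\0 Jones";
static const unsigned char NAME_B[] = "Jack Smith";

struct bytes name_a(void) { struct bytes b = { NAME_A, sizeof NAME_A - 1 }; return b; }
struct bytes name_b(void) { struct bytes b = { NAME_B, sizeof NAME_B - 1 }; return b; }

/* Text comparison: stops at the first zero byte, so anything after it
 * is never examined. */
int equal_as_text(struct bytes a, struct bytes b)
{
    return strcmp((const char *)a.data, (const char *)b.data) == 0;
}

/* Defined test: equal means same length and same bytes, zeros included. */
int equal_as_bytes(struct bytes a, struct bytes b)
{
    return a.len == b.len && memcmp(a.data, b.data, a.len) == 0;
}

int main(void)
{
    printf("text compare: %s\n",
           equal_as_text(name_a(), name_b()) ? "equal" : "different");
    printf("byte compare: %s\n",
           equal_as_bytes(name_a(), name_b()) ? "equal" : "different");
    return 0;
}
```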
