On Sun, 2010-05-09 at 12:12 +0100, David Woodhouse wrote:
> Although that's OK for my purposes, I think it's actually a bug. The man
> page for PKCS12_parse() says that *ca can be a valid stack, in which
> case additional certificates are appended to *ca.
>
> It _doesn't_ say "oh, but if parsing f
On Fri, 2010-05-07 at 23:37 +0200, Dr. Stephen Henson wrote:
>
>
> If you pass a NULL for the final argument in PKCS12_parse() extra CA
> certificates are ignored as it has nowhere to put them.
>
> If you pass a pointer to a NULL STACK_OF(X509) i.e do:
>
> STACK_OF(X509) *ca = NULL;
>
> and pa
On Fri, May 07, 2010, David Woodhouse wrote:
> On Fri, 2010-05-07 at 19:24 +0200, Dr. Stephen Henson wrote:
> > Setting ca to NULL if it fails should work. That should be done in
> > PKCS12_parse() on error.
>
> AIUI I don't want it to be NULL; I need it to be an empty stack. I need
> the return
On Fri, 2010-05-07 at 19:24 +0200, Dr. Stephen Henson wrote:
> Setting ca to NULL if it fails should work. That should be done in
> PKCS12_parse() on error.
AIUI I don't want it to be NULL; I need it to be an empty stack. I need
the returned 'extra' certs so that I can work around RT#1942 on the
On Fri, May 07, 2010, David Woodhouse wrote:
> With OpenSSL 0.9.8n this test program segfaults the second time it tries
> to parse the PKCS#12 file. It was fixed for OpenSSL 1.0.0 by this
> commit: http://cvs.openssl.org/chngview?cn=17957
>
> Starting program: /home/dwmw2/p12test .cert/certificat
With OpenSSL 0.9.8n this test program segfaults the second time it tries
to parse the PKCS#12 file. It was fixed for OpenSSL 1.0.0 by this
commit: http://cvs.openssl.org/chngview?cn=17957
Starting program: /home/dwmw2/p12test .cert/certificate.p12
Enter PKCS#12 passphrase:
140737353934504:error:23