summaryrefslogtreecommitdiff
path: root/src/lib/libssl/tls13_record_layer.c
diff options
context:
space:
mode:
authortb <>2025-01-26 20:18:26 +0000
committertb <>2025-01-26 20:18:26 +0000
commit80844e02467bab7374b1966f0854a9ca8614e43d (patch)
tree0aeec67dcf3be4c7ea52ab8ca0e1028737c810d0 /src/lib/libssl/tls13_record_layer.c
parente60d2433001c7f994093f7d221eb54810da52846 (diff)
downloadopenbsd-80844e02467bab7374b1966f0854a9ca8614e43d.tar.gz
openbsd-80844e02467bab7374b1966f0854a9ca8614e43d.tar.bz2
openbsd-80844e02467bab7374b1966f0854a9ca8614e43d.zip
Rework X509_NAME_print()
This is legacy API that we can unexport since nothing uses it directly. Unfortunately we need to keep the functions because there are plenty of things that use it indirectly by passing XN_FLAG_COMPAT to X509_print_ex(). The old implementation parsed the X509_NAME_oneline() output in order to remove the / preceding the (one or two-uppercase letters) name and to insert ", " afterward. This is just stupid in so many ways, not least because there's basically no limit to the garbage that you can stuff into an X.500 name. So rework this and only include the name entries whose short names are one or two letters long. This way, this becomes slightly saner and less fragile. ok jsing
Diffstat (limited to 'src/lib/libssl/tls13_record_layer.c')
0 files changed, 0 insertions, 0 deletions