Skip to content

openssl: make CURLINFO_CERTINFO not truncate x509v3 fields#4841

Closed
bagder wants to merge 1 commit intomasterfrom
bagder/openssl-certinfo-trunc
Closed

openssl: make CURLINFO_CERTINFO not truncate x509v3 fields#4841
bagder wants to merge 1 commit intomasterfrom
bagder/openssl-certinfo-trunc

Conversation

@bagder
Copy link
Copy Markdown
Member

@bagder bagder commented Jan 22, 2020

Avoid "reparsing" the content and instead deliver more exactly what is
provided in the certificate and avoid truncating the data after 512
bytes as done previously. This no longer removes embedded newlines.

Fixes #4837
Reported-by: bnfp on github

Avoid "reparsing" the content and instead deliver more exactly what is
provided in the certificate and avoid truncating the data after 512
bytes as done previously. This no longer removes embedded newlines.

Fixes #4837
Reported-by: bnfp on github
@bagder bagder added the TLS label Jan 22, 2020
@bagder bagder closed this in 3ecdfb1 Jan 23, 2020
@bagder bagder deleted the bagder/openssl-certinfo-trunc branch January 23, 2020 08:26
@sjadhavar
Copy link
Copy Markdown
Contributor

After this change, I am not able to get the Subject Alternate Names (SAN) from certificate.

@bagder
Copy link
Copy Markdown
Member Author

bagder commented Mar 16, 2020

Please submit an issue if you have an issue...

@malhotrag
Copy link
Copy Markdown
Contributor

Leaving this comment just for information. This commit introduced a small change in the representation of the certinfo data.

Prior to this commit, the "X509v3 Subject Alternative Name" data in the slist was stored as
X509v3 Subject Alternative Name:DNS:github.com,DNS:www.github.com

After this commit, the data is stored as
X509v3 Subject Alternative Name:DNS:github.com, DNS:www.github.com

Note the additional space after the comma in the new representation.

@sjadhavar
Copy link
Copy Markdown
Contributor

Thanks! I will change my consumer code to handle the extra space in SAN.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Development

Successfully merging this pull request may close these issues.

[libcurl] certificate field get truncated

3 participants