Dear OpenSSL developer team, following up on the discussion quoted below on the openssl-users ML I would like to ask your opinions on adding a OCSP_resp_get1_id() function: int OCSP_resp_get1_id(const OCSP_BASICRESP *bs, ASN1_OCTET_STRING **pid, X509_NAME **pname); to allow API users to obtain non-const values from responses to pass on to downstream functions. Please also see my commit https://github.com/satta/openssl/commit/4392b12a0caa8f8e7df0bb6e1c94de7f744407ba implementing this. Looking forward to some comments -- if you are OK with it I would be happy to file a pull request. My CLA has been signed and emailed to OpenSSL Foundation's legal team. Unfortunately I could not find any existing tests for the get0 counterpart in the OpenSSL source. Did I miss something? That's the reason why I haven't included tests yet, having read the contributor's guide. Thanks and kind regards Sascha -------- Forwarded Message -------- Subject: Re: Duplicating const X509_NAME Date: Mon, 7 Nov 2016 12:54:03 -0600 From: Benjamin Kaduk <bkaduk@xxxxxxxxxx> Reply-To: openssl-users@xxxxxxxxxxx To: openssl-users@xxxxxxxxxxx On 11/07/2016 05:42 AM, Sascha Steinbiss wrote: > Hi all, > > I was wondering how to properly make a clone of a const X509_NAME in > OpenSSL 1.1? > > In particular, I am obtaining a const X509_NAME* via OCSP_resp_get0_id() > and would like to pass it to X509_find_by_subject() which takes a > X509_NAME* (non-const). I looked into using X509_NAME_dup() to obtain a > local copy -- which looked like the obvious approach -- but that also > only takes a non-const parameter. > > Any ideas? With > Hmm, seems like there may be a need for get1-style accessors, then. Supposedly missing accessors will get backported from master to the 1.1 branch (though making it in time for 1.1.0c later this week could be tough). It might be worth filing a pull request with such things. -Ben
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users