Skip to content

Commit

Permalink
Set default global mask to UTF8 only.
Browse files Browse the repository at this point in the history
  • Loading branch information
snhenson committed Jun 1, 2014
1 parent 92d81ba commit 3009244
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion crypto/asn1/a_strnid.c
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ static int sk_table_cmp(const ASN1_STRING_TABLE * const *a,
* certain software (e.g. Netscape) has problems with them.
*/

static unsigned long global_mask = 0xFFFFFFFFL;
static unsigned long global_mask = B_ASN1_UTF8STRING;

void ASN1_STRING_set_default_mask(unsigned long mask)
{
Expand Down

2 comments on commit 3009244

@Vadiml1024
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This breaks stuff.
The CSR's generated after this patch contains fields encoded as UTF8
where in previous versions the same fields were Printable. This cause problems with CA's which are running older versions of openssl - they complains that generated certificate fields
values are different from CSR values

@bbanks
Copy link

@bbanks bbanks commented on 3009244 Jul 24, 2014

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I ran into the same problem noted by Vadiml1024. This can be worked around by calling the following:

ASN1_STRING_set_default_mask_asc("default");

This will set the mask back to the old Printable value.

Please sign in to comment.