Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Usage of X509_NAME_oneline is ``strongly discouraged'' #745

Open
jcrowgey opened this issue Mar 28, 2018 · 0 comments
Open

Usage of X509_NAME_oneline is ``strongly discouraged'' #745

jcrowgey opened this issue Mar 28, 2018 · 0 comments
Labels
beginner-friendly enhancement waiting-for-bindings

Comments

@jcrowgey
Copy link

From the openssl 1.1.0f manual page for X509_NAME_PRINT_EX(3SSL)

NOTES
       The functions X509_NAME_oneline() and X509_NAME_print() are legacy functions which produce a non standard output form, they don't handle multi character fields and
       have various quirks and inconsistencies. Their use is strongly discouraged in new applications.

I noticed that pyopenssl.crypto.X509Name.repr uses X509_NAME_oneline to generate part of the repr:

pyopenssl/src/OpenSSL/crypto.py

Line 647 in 57c2f03

format_result = _lib.X509_NAME_oneline(

@jcrowgey jcrowgey mentioned this issue Mar 28, 2018
Merged
@alex alex modified the milestones: 17.3.0, 18.0.0 Mar 28, 2018
jcrowgey pushed a commit to jcrowgey/pyopenssl that referenced this issue Mar 28, 2018
Change X509_NAME_oneline for X509_NAME_print_ex [Fixes pyca#745]
e7d62e2 
Additionally, makes stringified part conformant to RFC2253
@reaperhulk reaperhulk removed this from the 18.0.0 milestone May 16, 2018
@pyca pyca deleted a comment Jun 11, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
beginner-friendly enhancement waiting-for-bindings
Milestone
No milestone
Development

No branches or pull requests
3 participants
@alex @reaperhulk @jcrowgey