Closed Bug 294537 Opened 16 years ago Closed 14 years ago

ssltap should display ASCII CA names from cert request message

Categories

(NSS :: Tools, enhancement, P2)

3.10
enhancement

Tracking

(Not tracked)

RESOLVED FIXED
3.11.3

People

(Reporter: nelson, Assigned: nelson)

Details

Attachments

(1 file, 1 obsolete file)

An SSL Certificate Request message includes a list of DER-encoded CA names,
names exactly as they would appear in the "IssuerName" field of a certificate.
ssltap dumps these in hex.  It should convert them to ASCII string form names
and print those.  The NSS function CERT_DerNameToAscii exists for this purpose.
QA Contact: bishakhabanerjee → jason.m.reid
Assignee: wtchang → nobody
QA Contact: jason.m.reid → tools
Attached patch patch v1 (obsolete) — Splinter Review
First stab.

Unfotrunately, to use the function that turns a DER Distinguished Name 
into an Ascii string, NSS must be initialized.  So I added calls to 
NSS_NoDB_Init and NSS_Shutdown.  I have the deja-vu feeling that we've
done this before, and repented of it before.  :(
Assignee: nobody → nelson
Status: NEW → ASSIGNED
Steve, I'd like your advice on whether or not it is advisable
to add that NSS_NoDB_Init call to ssltap again, or not.
Also, a review would be nice. :)
Attachment #218935 - Attachment is obsolete: true
Attachment #218937 - Flags: review?(sparkins)
I see that code for message type 0 is also missing.  
I'd propose to handle it with a one-line case, as I did for case 14.
Priority: -- → P2
Target Milestone: --- → 3.11.1
Attachment #218937 - Flags: review?(alexei.volkov.bugs)
Attachment #218937 - Flags: review?(alexei.volkov.bugs) → review+
Checked in on trunk.
Checking in cmd/ssltap/ssltap.c; new revision: 1.9; previous revision: 1.8
Attachment #218937 - Flags: review?(sparkins)
r=sparkins@redhat.com

Apologies for missing this - my bugmail was getting filtered into somewhere
I don't normally look.

About NSS_NoDBInit - Initially, ssltap didn't have any dependencies on the NSS libraries, so there were no calls into NSS itself.  However, that is no longer the case. So, if you need to initialize NSS, go right ahead.
Back ported to NSS 3.11 branch for NSS 3.11.3
Status: ASSIGNED → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Target Milestone: 3.11.1 → 3.11.3
You need to log in before you can comment on or make changes to this bug.