cURL / Mailing Lists / curl-library / Single Mail

curl-library

Potential problem with the new pinned public key feature

From: Patrick Monnerat <Patrick.Monnerat_at_datasphere.ch>
Date: Wed, 8 Oct 2014 14:39:43 +0200

I haven't experienced it, but by reading the new code, this will fail if
the given DER key contains a null byte: DER format is binary and
setstropt() works on null-terminated string.
IMHO, it would be preferable to use PEM format: no length to give and
real text data, although SSL backends may have to convert to DER.
 
Cheers,
Patrick

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-10-08