diff options
| author | Rob Austein <sra@hactrn.net> | 2006-07-28 19:34:31 +0000 |
|---|---|---|
| committer | Rob Austein <sra@hactrn.net> | 2006-07-28 19:34:31 +0000 |
| commit | fcbafa805f980748d19405b92f9b56840966d2a0 (patch) | |
| tree | 1511bdcc776e2535b5c2c749f15a064a1f484bb3 /openssl/README | |
| parent | 47f1e9584aa62dee7cbf871fdf428a0dcc4c0cbe (diff) | |
Warnings on duplicates and overlaps?
svn path=/openssl/README; revision=111
Diffstat (limited to 'openssl/README')
| -rw-r--r-- | openssl/README | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/openssl/README b/openssl/README index 3cd9b629..c21feb57 100644 --- a/openssl/README +++ b/openssl/README @@ -1,4 +1,4 @@ -$Id$ +$Id$ -*- Text -*- OpenSSL hacked to add support for the RFC 3779 X.509 v3 extensions. @@ -218,3 +218,12 @@ Random reminders and notes to myself: necessary to use inet_ntop(), as we're mostly dealing with prefixes here and thus can probably get away with a simplified IPv6 printout routine that doesn't bother with "::" except at the end of a prefix. + +- Right now the library code silently merges duplicates and overlaps. + It might useful to emit warnings when we do this. Merging all takes + place when we're whacking the extension into canonical form, so it + should be easy to do this; the only hard part is figuring out + whether the application wants it, and, if so, where the application + wants it sent. This probably requires a global variable, either a + pointer to a BIO stream or a callback (probably the latter as it's + less likely to cause surprising results running multi-threaded). |