OCSP: in several cases OID value sizes contain null terminated byte
The APIs in
lib/x509/ocsp*.c rely on several cases on the fact that
_gnutls_x509_read_value will incorrectly include the null terminated byte into the size for object identifier strings. This is sometimes reflected to exported APIs and thus a fix in the handling of the original function cannot happen without changing assumptions by user programs. The functions that are affected are:
I recommend to fix that deficiency in
_gnutls_x509_read_value (see attached patch) in a minor release update (3.7.0), and document the change on the affected functions.