@@ -632,24 +632,32 @@ static int pv_validity(sip_msg_t* msg, pv_param_t* param, pv_value_t* res)

 }

-static int get_sn(str* res, int* ires, int local, sip_msg_t* msg)

+static int get_sn(str* res, int local, sip_msg_t* msg)

 {

-	static char buf[INT2STR_MAX_LEN];

+	static char buf[80]; // > log(2^256,10)

 	X509* cert;

 	struct tcp_connection* c;

-	char* sn;

-	int num;

+	char* sn = NULL;

+	WOLFSSL_BIGNUM* bn = NULL;

 	if (get_cert(&cert, &c, msg, local) < 0) return -1;

-	num = ASN1_INTEGER_get(X509_get_serialNumber(cert));

-	sn = int2str(num, &res->len);

+	if(!(bn = wolfSSL_BN_new())) goto error;

+	if (!wolfSSL_ASN1_INTEGER_to_BN(X509_get_serialNumber(cert), bn)) goto error;

+	if (!(sn = wolfSSL_BN_bn2dec(bn)) || strlen(sn) > 80) goto error;

+	res->len = strlen(sn);

 	memcpy(buf, sn, res->len);

 	res->s = buf;

-	if (ires) *ires = num;

+

 	if (!local) X509_free(cert);

 	tcpconn_put(c);

+	wolfSSL_OPENSSL_free(sn);

+	wolfSSL_BN_free(bn);

 	return 0;

+ error:

+	if (sn) wolfSSL_OPENSSL_free(sn);

+	if (bn) wolfSSL_BN_free(bn);

+	return -1;

 }

 static int sel_sn(str* res, select_t* s, sip_msg_t* msg)

@@ -664,7 +672,7 @@ static int sel_sn(str* res, select_t* s, sip_msg_t* msg)

 		return -1;

 	}

-	return get_sn(res, NULL, local, msg);

+	return get_sn(res, local, msg);

 }

@@ -681,11 +689,11 @@ static int pv_sn(sip_msg_t* msg, pv_param_t* param, pv_value_t* res)

 		return pv_get_null(msg, param, res);

 	}

-	if (get_sn(&res->rs, &res->ri, local, msg) < 0) {

+	if (get_sn(&res->rs, local, msg) < 0) {

 		return pv_get_null(msg, param, res);

 	}

-	res->flags = PV_VAL_STR | PV_VAL_INT;

+	res->flags = PV_VAL_STR;

 	return 0;

 }