git commit: https://issues.apache.org/jira/browse/AMQCPP-530

Thu, 16 Jan 2014 11:40:33 -0800 

Updated Branches:
  refs/heads/trunk 15cb77921 -> 854482bf3


https://issues.apache.org/jira/browse/AMQCPP-530

Search all common name entries for the matching host name field. 

Project: http://git-wip-us.apache.org/repos/asf/activemq-cpp/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq-cpp/commit/854482bf
Tree: http://git-wip-us.apache.org/repos/asf/activemq-cpp/tree/854482bf
Diff: http://git-wip-us.apache.org/repos/asf/activemq-cpp/diff/854482bf

Branch: refs/heads/trunk
Commit: 854482bf3c930e0bbc9d35bbee72d4598639f8d1
Parents: 15cb779
Author: Timothy Bish <[email protected]>
Authored: Thu Jan 16 14:39:35 2014 -0500
Committer: Timothy Bish <[email protected]>
Committed: Thu Jan 16 14:39:35 2014 -0500

----------------------------------------------------------------------
 .../internal/net/ssl/openssl/OpenSSLSocket.cpp  | 22 +++++++++++++-------
 1 file changed, 15 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/activemq-cpp/blob/854482bf/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocket.cpp
----------------------------------------------------------------------
diff --git 
a/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocket.cpp 
b/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocket.cpp
index e52f8e3..aedd2d4 100644
--- a/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocket.cpp
+++ b/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocket.cpp
@@ -684,13 +684,21 @@ void OpenSSLSocket::verifyServerCert(const std::string& 
serverName) {
     }
 
     X509_NAME* subject = X509_get_subject_name(cert);
-    char buffer[256];
-
-    if (subject != NULL && X509_NAME_get_text_by_NID(subject, NID_commonName, 
buffer, 256) > 0) {
-        buffer[255] = 0;
-        if (StringUtils::compare(buffer, serverName.c_str()) == 0) {
-            return;
-        }
+    X509_NAME_ENTRY *entry;
+    int lastpos = -1;
+
+    if (subject != NULL) {
+       for (;;) {
+           lastpos = X509_NAME_get_index_by_NID(subject, NID_commonName, 
lastpos);
+           if (lastpos == -1) {
+               break;
+           }
+           entry = X509_NAME_get_entry(subject, lastpos);
+           const char * entryText = (const char *) 
ASN1_STRING_data(X509_NAME_ENTRY_get_data(entry));
+            if (StringUtils::compare(entryText , serverName.c_str()) == 0) {
+                return;
+            }
+       }
     }
 
     // We got here so no match to serverName in the Certificate

Reply via email to