From: Christos Tsantilas <chtsanti@users.sourceforge.net>
Date: Sat, 3 Mar 2012 06:30:56 +0000 (+0200)
Subject: polish a little the latest "ssl_crtd crashes on long domain names" patch
X-Git-Tag: BumpSslServerFirst.take06~4
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0d57adf9ab677a0ebcac87c41631036b6f5444b6;p=thirdparty%2Fsquid.git

polish a little the latest "ssl_crtd crashes on long domain names" patch
---

diff --git a/src/ssl/gadgets.cc b/src/ssl/gadgets.cc
index 4d23f87d3d..01c6352c67 100644
--- a/src/ssl/gadgets.cc
+++ b/src/ssl/gadgets.cc
@@ -229,8 +229,8 @@ static bool buildCertificate(Ssl::X509_Pointer & cert, Ssl::CertificatePropertie
     // not an Ssl::X509_NAME_Pointer because X509_REQ_get_subject_name()
     // returns a pointer to the existing subject name. Nothing to clean here.
     if (properties.mimicCert.get()) {
-        X509_NAME *name = X509_get_subject_name(properties.mimicCert.get());
-        if (name) {
+        // Leave subject empty if we cannot extract it from true cert.
+        if (X509_NAME *name = X509_get_subject_name(properties.mimicCert.get())) {
             // X509_set_subject_name will call X509_dup for name 
             X509_set_subject_name(cert.get(), name);
         }