identification: Use UTF8String instead of the legacy T61String to encode DNs

When strings in RDNs contain characters outside the character set for
PrintableString use UTF8String as the passed string is most likely in
that encoding (RFC 5280 actually recommends to use only those two
string types).

diff --git a/src/libstrongswan/utils/identification.c b/src/libstrongswan/utils/identification.c
index cd3f1ce176c2ccd207399e5efc173a83ed5b1608..7c8a4bb79a2229119eeeabde9d80b57b2b488380 100644 (file)
--- a/src/libstrongswan/utils/identification.c
+++ b/src/libstrongswan/utils/identification.c
@@ -478,7 +478,7 @@ static status_t atodn(char *src, chunk_t *dn)
                                        name.len -= whitespace;
                                        rdn_type = (x501rdns[i].type == ASN1_PRINTABLESTRING
                                                                && !asn1_is_printablestring(name))
-                                                               ? ASN1_T61STRING : x501rdns[i].type;
+                                                               ? ASN1_UTF8STRING : x501rdns[i].type;
 
                                        if (rdn_count < RDN_MAX)
                                        {