Manual port of ed8edcac2da6f1db

author Alan T. DeKok <aland@freeradius.org>

Thu, 9 Feb 2012 12:29:09 +0000 (13:29 +0100)

committer Alan T. DeKok <aland@freeradius.org>

Thu, 9 Feb 2012 12:29:09 +0000 (13:29 +0100)
author Alan T. DeKok <aland@freeradius.org>
Thu, 9 Feb 2012 12:29:09 +0000 (13:29 +0100)
committer Alan T. DeKok <aland@freeradius.org>
Thu, 9 Feb 2012 12:29:09 +0000 (13:29 +0100)
diff --git a/src/main/tls.c b/src/main/tls.c

index cf29dd1054921b8b93ffc88a10306df1f2fca262..92dae94945ad39b5462bb7f69e695af78d1448e8 100644 (file)
--- a/src/main/tls.c
+++ b/src/main/tls.c
@@ -1405,12 +1405,12 @@ int cbtls_verify(int ok, X509_STORE_CTX *ctx)
         }
  
         /*
-        *      Get the Common Name
+        *      Get the Common Name, if there is a subject.
          */
         X509_NAME_get_text_by_NID(X509_get_subject_name(client_cert),
                                   NID_commonName, common_name, sizeof(common_name));
         common_name[sizeof(common_name) - 1] = '\0';
-       if (identity && (lookup <= 1) && common_name[0] &&
+       if (identity && (lookup <= 1) && common_name[0] && subject[0] &&
             (strlen(common_name) < MAX_STRING_LEN)) {
                 pairadd(certs,
                         pairmake(cert_attr_names[FR_TLS_CN][lookup], common_name, T_OP_SET));
author	Alan T. DeKok <aland@freeradius.org>
	Thu, 9 Feb 2012 12:29:09 +0000 (13:29 +0100)
committer	Alan T. DeKok <aland@freeradius.org>
	Thu, 9 Feb 2012 12:29:09 +0000 (13:29 +0100)