From: Sreeja Athirkandathil Narayanan (sathirka) <sathirka@cisco.com>
Date: Fri, 28 Jul 2023 16:40:45 +0000 (+0000)
Subject: Pull request #3934: ssl: remove wildcard character from common name string extracted... 
X-Git-Tag: 3.1.67.0~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=359e1e2ca6b95e8bcdd8b73923a0337e5aeaa1c5;p=thirdparty%2Fsnort3.git

Pull request #3934: ssl: remove wildcard character from common name string extracted from ssl certificate

Merge in SNORT/snort3 from ~SATHIRKA/snort3:cname_wildcard to master

Squashed commit of the following:

commit 0e8f3ab6fede768ff8acd8697ce9690082a9f417
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date:   Tue Jul 25 16:41:38 2023 -0400

    ssl: remove wildcard character from common name string extracted from ssl certificate
---

diff --git a/src/protocols/ssl.cc b/src/protocols/ssl.cc
index bc542ad70..837f38f40 100644
--- a/src/protocols/ssl.cc
+++ b/src/protocols/ssl.cc
@@ -738,11 +738,15 @@ bool parse_server_certificates(SSLV3ServerCertData* server_cert_data)
                 const unsigned char* str_data = ASN1_STRING_get0_data(X509_NAME_ENTRY_get_data(e));
                 int length = strlen((const char*)str_data);
 
+                bool wildcard = false;
+                if ((wildcard = (length > 2 and *str_data == '*' and *(str_data + 1) == '.')))
+                    length -= 2; // remove leading *.
+
                 common_name_len = length;
-                common_name = snort_strndup((const char*)str_data, common_name_len);
+                common_name = snort_strndup((const char*)(str_data + (wildcard ? 2 : 0)), common_name_len);
 
                 org_name_len = length;
-                org_name = snort_strndup((const char*)str_data, org_name_len);
+                org_name = snort_strndup((const char*)(str_data + (wildcard ? 2 : 0)), org_name_len);
             }
         }