From 9593b57ca34ddfc03001fff473c31ee325033772 Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Thu, 11 Jun 2015 17:43:49 +0200 Subject: [PATCH] identification: Use UTF8String instead of the legacy T61String to encode DNs When strings in RDNs contain characters outside the character set for PrintableString use UTF8String as the passed string is most likely in that encoding (RFC 5280 actually recommends to use only those two string types). --- src/libstrongswan/utils/identification.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libstrongswan/utils/identification.c b/src/libstrongswan/utils/identification.c index cd3f1ce176..7c8a4bb79a 100644 --- a/src/libstrongswan/utils/identification.c +++ b/src/libstrongswan/utils/identification.c @@ -478,7 +478,7 @@ static status_t atodn(char *src, chunk_t *dn) name.len -= whitespace; rdn_type = (x501rdns[i].type == ASN1_PRINTABLESTRING && !asn1_is_printablestring(name)) - ? ASN1_T61STRING : x501rdns[i].type; + ? ASN1_UTF8STRING : x501rdns[i].type; if (rdn_count < RDN_MAX) { -- 2.47.2