From: Martin Willi <martin@revosec.ch>
Date: Thu, 24 Jun 2010 10:00:56 +0000 (+0200)
Subject: Select subjectAltName address family using address length in openssl plugin
X-Git-Tag: 4.4.1~140
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=07c5aacce854899adafe66f4c8e51a376045abca;p=thirdparty%2Fstrongswan.git

Select subjectAltName address family using address length in openssl plugin
---

diff --git a/src/libstrongswan/plugins/openssl/openssl_x509.c b/src/libstrongswan/plugins/openssl/openssl_x509.c
index 05b3c63ecb..93264e76c9 100644
--- a/src/libstrongswan/plugins/openssl/openssl_x509.c
+++ b/src/libstrongswan/plugins/openssl/openssl_x509.c
@@ -173,8 +173,18 @@ static identification_t *general_name2id(GENERAL_NAME *name)
 			return identification_create_from_encoding(ID_DER_ASN1_GN_URI,
 					openssl_asn1_str2chunk(name->d.uniformResourceIdentifier));
 		case GEN_IPADD:
-			return identification_create_from_encoding(ID_IPV4_ADDR,
-					openssl_asn1_str2chunk(name->d.iPAddress));
+		{
+			chunk_t chunk = openssl_asn1_str2chunk(name->d.iPAddress);
+			if (chunk.len == 4)
+			{
+				return identification_create_from_encoding(ID_IPV4_ADDR, chunk);
+			}
+			if (chunk.len == 16)
+			{
+				return identification_create_from_encoding(ID_IPV6_ADDR, chunk);
+			}
+			return NULL;
+		}
 		case GEN_DIRNAME :
 			return openssl_x509_name2id(name->d.directoryName);
 		default: