From 07c5aacce854899adafe66f4c8e51a376045abca Mon Sep 17 00:00:00 2001
From: Martin Willi <martin@revosec.ch>
Date: Thu, 24 Jun 2010 12:00:56 +0200
Subject: [PATCH] Select subjectAltName address family using address length in
 openssl plugin

---
 src/libstrongswan/plugins/openssl/openssl_x509.c | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/src/libstrongswan/plugins/openssl/openssl_x509.c b/src/libstrongswan/plugins/openssl/openssl_x509.c
index 05b3c63ecb..93264e76c9 100644
--- a/src/libstrongswan/plugins/openssl/openssl_x509.c
+++ b/src/libstrongswan/plugins/openssl/openssl_x509.c
@@ -173,8 +173,18 @@ static identification_t *general_name2id(GENERAL_NAME *name)
 			return identification_create_from_encoding(ID_DER_ASN1_GN_URI,
 					openssl_asn1_str2chunk(name->d.uniformResourceIdentifier));
 		case GEN_IPADD:
-			return identification_create_from_encoding(ID_IPV4_ADDR,
-					openssl_asn1_str2chunk(name->d.iPAddress));
+		{
+			chunk_t chunk = openssl_asn1_str2chunk(name->d.iPAddress);
+			if (chunk.len == 4)
+			{
+				return identification_create_from_encoding(ID_IPV4_ADDR, chunk);
+			}
+			if (chunk.len == 16)
+			{
+				return identification_create_from_encoding(ID_IPV6_ADDR, chunk);
+			}
+			return NULL;
+		}
 		case GEN_DIRNAME :
 			return openssl_x509_name2id(name->d.directoryName);
 		default:
-- 
2.47.3