- memset(buf,0,sizeof(buf));
- if (X509_NAME_get_text_by_NID(subject,NID_commonName,buf,255)>0) {
+
+ // Fetch the last CN RDN.
+ char* peer_CN = NULL;\r
+ int j,i = -1;\r
+ while ((j=X509_NAME_get_index_by_NID(subject, NID_commonName, i)) >= 0)\r
+ i = j;\r
+ if (i >= 0) {\r
+ ASN1_STRING* tmp = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(subject, i));\r
+ // Copied in from libcurl.\r
+ /* In OpenSSL 0.9.7d and earlier, ASN1_STRING_to_UTF8 fails if the input\r
+ is already UTF-8 encoded. We check for this case and copy the raw\r
+ string manually to avoid the problem. */\r
+ if(tmp && ASN1_STRING_type(tmp) == V_ASN1_UTF8STRING) {\r
+ j = ASN1_STRING_length(tmp);\r
+ if(j >= 0) {\r
+ peer_CN = (char*)OPENSSL_malloc(j + 1);\r
+ memcpy(peer_CN, ASN1_STRING_data(tmp), j);\r
+ peer_CN[j] = '\0';\r
+ }\r
+ }\r
+ else /* not a UTF8 name */ {\r
+ j = ASN1_STRING_to_UTF8(reinterpret_cast<unsigned char**>(&peer_CN), tmp);\r
+ }\r
+\r