Search from the beginning for altname. Closes #1946

author Alan T. DeKok <aland@freeradius.org>

Mon, 20 Mar 2017 15:24:11 +0000 (11:24 -0400)

committer Alan T. DeKok <aland@freeradius.org>

Mon, 20 Mar 2017 15:24:11 +0000 (11:24 -0400)
author Alan T. DeKok <aland@freeradius.org>
Mon, 20 Mar 2017 15:24:11 +0000 (11:24 -0400)
committer Alan T. DeKok <aland@freeradius.org>
Mon, 20 Mar 2017 15:24:11 +0000 (11:24 -0400)
diff --git a/src/main/tls.c b/src/main/tls.c

index f6c210c..820f27f 100644 (file)
--- a/src/main/tls.c
+++ b/src/main/tls.c
@@ -2149,7 +2149,7 @@ int cbtls_verify(int ok, X509_STORE_CTX *ctx)
         /*
          *      Get the RFC822 Subject Alternative Name
          */
-       loc = X509_get_ext_by_NID(client_cert, NID_subject_alt_name, 0);
+       loc = X509_get_ext_by_NID(client_cert, NID_subject_alt_name, -1);
         if (certs && (lookup <= 1) && (loc >= 0)) {
                 X509_EXTENSION *ext = NULL;
                 GENERAL_NAMES *names = NULL;
author	Alan T. DeKok <aland@freeradius.org>
	Mon, 20 Mar 2017 15:24:11 +0000 (11:24 -0400)
committer	Alan T. DeKok <aland@freeradius.org>
	Mon, 20 Mar 2017 15:24:11 +0000 (11:24 -0400)