Import LibreSSL 4.1.0

1 files changed, 13 insertions, 1 deletions

diff --git a/tls_conninfo.c b/tls_conninfo.c
index bf52517..8fb56c9 100644
--- a/tls_conninfo.c
+++ b/tls_conninfo.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_conninfo.c,v 1.27 2024/03/26 06:31:22 jsing Exp $ */
+/* $OpenBSD: tls_conninfo.c,v 1.28 2024/12/10 08:40:30 tb Exp $ */
 /*
  * Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2015 Bob Beck <beck@openbsd.org>
@@ -119,6 +119,14 @@ tls_get_peer_cert_subject(struct tls *ctx, char **subject)
 }
 
 static int
+tls_get_peer_cert_common_name(struct tls *ctx, char **common_name)
+{
+	if (ctx->ssl_peer_cert == NULL)
+		return (-1);
+	return tls_get_common_name(ctx, ctx->ssl_peer_cert, NULL, common_name);
+}
+
+static int
 tls_get_peer_cert_times(struct tls *ctx, time_t *notbefore,
     time_t *notafter)
 {
@@ -158,6 +166,9 @@ tls_get_peer_cert_info(struct tls *ctx)
 		goto err;
 	if (tls_get_peer_cert_issuer(ctx, &ctx->conninfo->issuer) == -1)
 		goto err;
+	if (tls_get_peer_cert_common_name(ctx,
+	    &ctx->conninfo->common_name) == -1)
+		goto err;
 	if (tls_get_peer_cert_times(ctx, &ctx->conninfo->notbefore,
 	    &ctx->conninfo->notafter) == -1)
 		goto err;
@@ -298,6 +309,7 @@ tls_conninfo_free(struct tls_conninfo *conninfo)
 	free(conninfo->servername);
 	free(conninfo->version);
 
+	free(conninfo->common_name);
 	free(conninfo->hash);
 	free(conninfo->issuer);
 	free(conninfo->subject);