Select subjectAltName address family using address length in x509 plugin
authorMartin Willi <martin@revosec.ch>
Thu, 24 Jun 2010 09:59:20 +0000 (11:59 +0200)
committerMartin Willi <martin@revosec.ch>
Thu, 24 Jun 2010 10:01:18 +0000 (12:01 +0200)
src/libstrongswan/plugins/x509/x509_cert.c

index 7b362b9..8a164f1 100644 (file)
@@ -366,7 +366,17 @@ static identification_t *parse_generalName(chunk_t blob, int level0)
                                id_type = ID_DER_ASN1_DN;
                                break;
                        case GN_OBJ_IP_ADDRESS:
-                               id_type = ID_IPV4_ADDR;
+                               switch (object.len)
+                               {
+                                       case 4:
+                                               id_type = ID_IPV4_ADDR;
+                                               break;
+                                       case 16:
+                                               id_type = ID_IPV6_ADDR;
+                                               break;
+                                       default:
+                                               break;
+                               }
                                break;
                        case GN_OBJ_OTHER_NAME:
                                if (!parse_otherName(object, parser->get_level(parser)+1))