From b542dce430d408ed1f7457a26caa1d4bfc7339c4 Mon Sep 17 00:00:00 2001
From: cinap_lenrek <cinap_lenrek@felloff.net>
Date: Thu, 8 Jul 2021 20:20:09 +0000
Subject: [PATCH] libsec: take just the CN part of Distinguished Name in
 subjectAltName

---
 sys/src/libsec/port/x509.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/sys/src/libsec/port/x509.c b/sys/src/libsec/port/x509.c
index 789bdc4ff..91f79bbae 100644
--- a/sys/src/libsec/port/x509.c
+++ b/sys/src/libsec/port/x509.c
@@ -1906,7 +1906,8 @@ decode_cert(uchar *buf, int len)
  	el = el->tl;
  	epubkey = &el->hd;
 	if(el->tl != nil
-	&& el->tl->hd.tag.class == Context && el->tl->hd.tag.num == 3
+	&& el->tl->hd.tag.class == Context
+	&& el->tl->hd.tag.num == 3
 	&& el->tl->hd.val.tag == VOctets){
 		c->ext = el->tl->hd.val.u.octetsval;
 		el->tl->hd.val.u.octetsval = nil;	/* transfer ownership */
@@ -2700,7 +2701,7 @@ appendaltnames(char *name, int nname, Bytes *ext, int isreq)
 	Elem eext, ealt, edn;
 	Elist *el, *l;
 	Ints *oid;
-	char *alt;
+	char *alt, *e;
 	int len;
 
 	if(name == nil || ext == nil)
@@ -2758,6 +2759,9 @@ appendaltnames(char *name, int nname, Bytes *ext, int isreq)
 		}
 		if(alt == nil)
 			goto erralt;
+		/* take just CN part of Distinguished Name */
+		if((e = strchr(alt, ',')) != nil)
+			*e = '\0';
 		len = strlen(alt);
 		if(strncmp(name, alt, len) == 0 && strchr(",", name[len]) != nil){
 			free(alt);	/* same as the subject */