report(stdout, GT_("Unknown Issuer CommonName\n"));
}
if ((i = X509_NAME_get_text_by_NID(subj, NID_commonName, buf, sizeof(buf))) != -1) {
- if (outlevel >= O_VERBOSE)
+ if (outlevel >= O_VERBOSE) {
report(stdout, GT_("Server CommonName: %s\n"), (tt = sdump(buf, i)));
- xfree(tt);
+ xfree(tt);
+ }
if ((size_t)i >= sizeof(buf) - 1) {
/* Possible truncation. In this case, this is a DNS name, so this
* is really bad. We do not tolerate this even in the non-strict case. */
if (gn->type == GEN_DNS) {
char *p1 = (char *)gn->d.ia5->data;
char *p2 = _ssl_server_cname;
+ if (outlevel >= O_VERBOSE) {
+ report(stdout, GT_("Subject Alternative Name: %s\n"), (tt = sdump(p1, (size_t)gn->d.ia5->length)));
+ xfree(tt);
+ }
/* Name contains embedded NUL characters, so we complain. This
* is likely a certificate spoofing attack. */
if ((size_t)gn->d.ia5->length != strlen(p1)) {
sk_GENERAL_NAME_free(gens);
return 0;
}
- if (outlevel >= O_VERBOSE) {
- report(stdout, GT_("Subject Alternative Name: %s\n"), (tt = sdump(p1, (size_t)gn->d.ia5->length)));
- xfree(tt);
- }
if (*p1 == '*') {
++p1;
n = strlen(p2) - strlen(p1);