The subject of a certificate is not optional

A certificate must have a subject, so X509_get_subject_name() cannot
return NULL on a correctly parsed certificate, even if the subject is
empty (which is allowed). So if X509_get_subject_name() returns NULL,
error instead of silently ignoring it in tls_check_common_name().

This is currently no issue. Where it matters, the match against the
common name will fail later, so we fail closed anyway.

ok jsing

0 files changed, 0 insertions, 0 deletions