authorSergei Golubchik <serg@mariadb.org>2015-04-25 17:22:46 +0200
committerSergei Golubchik <serg@mariadb.org>2015-04-27 15:42:12 +0200
commit18215dd9fa784d12dfb1122d58be85823b6f2b5e (patch)
treee40b19cdbeb4988d51c40b45f9ae689c6fae45ee /sql-common
parent9fd65db329b7186faeab79e23ae3be356973fb4d (diff)
MDEV-7859 SSL hostname verification fails for long subject names
Don't use a fixed buffer for X509_NAME_oneline() in the client. Do as the server does - allocate it dynamically. For a test - regenerate certificates to have the server cert with a long subject.
Diffstat (limited to 'sql-common')
-rw-r--r--sql-common/client.c12
1 files changed, 10 insertions, 2 deletions
diff --git a/sql-common/client.c b/sql-common/client.c
index 7117c12e529..ac372a437ba 100644
--- a/sql-common/client.c
+++ b/sql-common/client.c
@@ -1885,7 +1885,7 @@ static int ssl_verify_server_cert(Vio *vio, const char* server_hostname, const c
SSL *ssl;
X509 *server_cert;
char *cp1, *cp2;
- char buf[256];
+ char *buf;
DBUG_ENTER("ssl_verify_server_cert");
DBUG_PRINT("enter", ("server_hostname: %s", server_hostname));
@@ -1919,9 +1919,15 @@ static int ssl_verify_server_cert(Vio *vio, const char* server_hostname, const c
are what we expect.
*/
- X509_NAME_oneline(X509_get_subject_name(server_cert), buf, sizeof(buf));
+ buf= X509_NAME_oneline(X509_get_subject_name(server_cert), 0, 0);
X509_free (server_cert);
+ if (!buf)
+ {
+ *errptr= "Out of memory";
+ DBUG_RETURN(1);
+ }
+
DBUG_PRINT("info", ("hostname in cert: %s", buf));
cp1= strstr(buf, "/CN=");
if (cp1)
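Review bot: The subject is still matched as flattened text: the new `buf= X509_NAME_oneline(X509_get_subject_name(server_cert), 0, 0);` result goes straight to `strstr(buf, "/CN=")`, and in the oneline form a "/CN=" sequence inside another attribute's value cannot be told apart from the real commonName entry. Removing the 256-byte limit fixes the truncation but leaves that ambiguity in the hostname check. Reading the entry itself with `X509_NAME_get_index_by_NID(subject, NID_commonName, -1)` and `X509_NAME_get_entry()`, then rejecting a value whose ASN.1 length differs from its `strlen()`, would avoid parsing text at all. Separately, `*errptr= "Out of memory";` assumes allocation failure is the only reason for a NULL return, which should be confirmed for the OpenSSL versions this client supports. The rest of the CN parsing lies outside this hunk.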
@@ -1934,11 +1940,13 @@ static int ssl_verify_server_cert(Vio *vio, const char* server_hostname, const c
DBUG_PRINT("info", ("Server hostname in cert: %s", cp1));
if (!strcmp(cp1, server_hostname))
{
+ free(buf);
/* Success */
DBUG_RETURN(0);
}
}
*errptr= "SSL certificate validation failure";
+ free(buf);
DBUG_RETURN(1);
}
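Review bot: Both added `free(buf);` calls release memory that X509_NAME_oneline() obtained from OpenSSL's own allocator, so they should be `OPENSSL_free(buf);`. The two are interchangeable only while the library uses the default malloc-backed allocator. If the application or a linked library installs replacements through CRYPTO_set_mem_functions(), or on platforms where the OpenSSL DLL uses a different C runtime heap, free() receives a pointer it does not own. Since buf is now owned on every path after the NULL check, a single exit label that frees it would also keep later early returns from leaking it. The function starts before this hunk, so any other return paths between the allocation and these lines are not visible here.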