diff options
Diffstat (limited to 'qpid/cpp/src/qpid/sys/ssl/SslSocket.cpp')
-rw-r--r-- | qpid/cpp/src/qpid/sys/ssl/SslSocket.cpp | 23 |
1 files changed, 13 insertions, 10 deletions
diff --git a/qpid/cpp/src/qpid/sys/ssl/SslSocket.cpp b/qpid/cpp/src/qpid/sys/ssl/SslSocket.cpp index a328e49c13..a721918f57 100644 --- a/qpid/cpp/src/qpid/sys/ssl/SslSocket.cpp +++ b/qpid/cpp/src/qpid/sys/ssl/SslSocket.cpp @@ -336,16 +336,19 @@ std::string SslSocket::getClientAuthId() const std::string authId; CERTCertificate* cert = SSL_PeerCertificate(nssSocket); if (cert) { - authId = CERT_GetCommonName(&(cert->subject)); - /* - * The NSS function CERT_GetDomainComponentName only returns - * the last component of the domain name, so we have to parse - * the subject manually to extract the full domain. - */ - std::string domain = getDomainFromSubject(cert->subjectName); - if (!domain.empty()) { - authId += DOMAIN_SEPARATOR; - authId += domain; + char *cn = CERT_GetCommonName(&(cert->subject)); + if (cn) { + authId = std::string(cn); + /* + * The NSS function CERT_GetDomainComponentName only returns + * the last component of the domain name, so we have to parse + * the subject manually to extract the full domain. + */ + std::string domain = getDomainFromSubject(cert->subjectName); + if (!domain.empty()) { + authId += DOMAIN_SEPARATOR; + authId += domain; + } } CERT_DestroyCertificate(cert); } |