if ( ret >= 0 ) {
ret = LDAP_SUCCESS;
} else {
- altnamesize = sizeof(altname);
- ret = gnutls_x509_crt_get_dn_by_oid( cert, CN_OID,
- 0, 0, altname, &altnamesize );
+ /* find the last CN */
+ i=0;
+ do {
+ altnamesize = 0;
+ ret = gnutls_x509_crt_get_dn_by_oid( cert, CN_OID,
+ i, 1, altname, &altnamesize );
+ if ( ret == GNUTLS_E_SHORT_MEMORY_BUFFER )
+ i++;
+ else
+ break;
+ } while ( 1 );
+
+ if ( i ) {
+ altnamesize = sizeof(altname);
+ ret = gnutls_x509_crt_get_dn_by_oid( cert, CN_OID,
+ i-1, 0, altname, &altnamesize );
+ }
+
if ( ret < 0 ) {
Debug( LDAP_DEBUG_ANY,
"TLS: unable to get common name from peer certificate.\n",