ITS#7051 fix GNUtls cert dn parse

diff --git a/libraries/libldap/tls_g.c b/libraries/libldap/tls_g.c
index 5a5cf658ed1ffdf5e7b13cdb0346f7b7297cf05f..17aca4c359a4b6214df6978beb3da1792e6db476 100644 (file)
--- a/libraries/libldap/tls_g.c
+++ b/libraries/libldap/tls_g.c
@@ -530,9 +530,11 @@ tlsg_x509_cert_dn( struct berval *cert, struct berval *dn, int get_subject )
        ber_init2( ber, cert, LBER_USE_DER );
        tag = ber_skip_tag( ber, &len );        /* Sequence */
        tag = ber_skip_tag( ber, &len );        /* Sequence */
-       tag = ber_skip_tag( ber, &len );        /* Context + Constructed (version) */
-       if ( tag == 0xa0 )      /* Version is optional */
+       tag = ber_peek_tag( ber, &len );        /* Context + Constructed (version) */
+       if ( tag == 0xa0 ) {    /* Version is optional */
+               tag = ber_skip_tag( ber, &len );
                tag = ber_get_int( ber, &i );   /* Int: Version */
+       }
        tag = ber_skip_tag( ber, &len );        /* Int: Serial (can be longer than ber_int_t) */
        ber_skip_data( ber, len );
        tag = ber_skip_tag( ber, &len );        /* Sequence: Signature */