Use "CN" correctly as dns or as real name.

author Felix Dörre <felix@dogcraft.de>

Fri, 15 Aug 2014 19:40:10 +0000 (21:40 +0200)

committer Felix Dörre <felix@dogcraft.de>

Fri, 15 Aug 2014 19:40:10 +0000 (21:40 +0200)
author Felix Dörre <felix@dogcraft.de>
Fri, 15 Aug 2014 19:40:10 +0000 (21:40 +0200)
committer Felix Dörre <felix@dogcraft.de>
Fri, 15 Aug 2014 19:40:10 +0000 (21:40 +0200)
diff --git a/src/org/cacert/gigi/pages/account/CertificateIssueForm.java b/src/org/cacert/gigi/pages/account/CertificateIssueForm.java

index decda34dfc074f417b8d84df63dd007e5816886e..936ced84f52ad8e98576428bce73c85a54ca9fcc 100644 (file)
--- a/src/org/cacert/gigi/pages/account/CertificateIssueForm.java
+++ b/src/org/cacert/gigi/pages/account/CertificateIssueForm.java
@@ -51,6 +51,7 @@ import sun.security.x509.Extension;
  import sun.security.x509.GeneralName;
  import sun.security.x509.GeneralNameInterface;
  import sun.security.x509.GeneralNames;
  import sun.security.x509.GeneralName;
  import sun.security.x509.GeneralNameInterface;
  import sun.security.x509.GeneralNames;
+import sun.security.x509.PKIXExtensions;
  import sun.security.x509.RDN;
  import sun.security.x509.RFC822Name;
  import sun.security.x509.SubjectAlternativeNameExtension;
  import sun.security.x509.RDN;
  import sun.security.x509.RFC822Name;
  import sun.security.x509.SubjectAlternativeNameExtension;
@@ -121,7 +122,14 @@ public class CertificateIssueForm extends Form {
                                  if (a.getObjectIdentifier().equals((Object) PKCS9Attribute.EMAIL_ADDRESS_OID)) {
                                      SANs.add(new SubjectAlternateName(SANType.EMAIL, a.getValueString()));
                                  } else if (a.getObjectIdentifier().equals((Object) X500Name.commonName_oid)) {
                                  if (a.getObjectIdentifier().equals((Object) PKCS9Attribute.EMAIL_ADDRESS_OID)) {
                                      SANs.add(new SubjectAlternateName(SANType.EMAIL, a.getValueString()));
                                  } else if (a.getObjectIdentifier().equals((Object) X500Name.commonName_oid)) {
-                                    CN = a.getValueString();
+                                    String value = a.getValueString();
+                                    if (value.contains(".") && !value.contains(" ")) {
+                                        SANs.add(new SubjectAlternateName(SANType.DNS, value));
+                                    } else {
+                                        CN = value;
+                                    }
+                                } else if (a.getObjectIdentifier().equals((Object) PKIXExtensions.SubjectAlternativeName_Id)) {
+                                    // parse invalid SANs
                                  }
                              }
                          }
                                  }
                              }
                          }
author	Felix Dörre <felix@dogcraft.de>
	Fri, 15 Aug 2014 19:40:10 +0000 (21:40 +0200)
committer	Felix Dörre <felix@dogcraft.de>
	Fri, 15 Aug 2014 19:40:10 +0000 (21:40 +0200)