Tho85/ssltool.patch

## ssltool.patch
From dfa54b947815fdf1ba957c64bb4e489d041bbf3e Mon Sep 17 00:00:00 2001
From: Thomas Hollstegge <thomas.hollstegge@gmail.com>
Date: Mon, 2 Sep 2013 18:07:47 +0200
Subject: [PATCH 1/2] Check all CNs when testing for domain name

---
 lib/ssltool/certificate.rb |    6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/lib/ssltool/certificate.rb b/lib/ssltool/certificate.rb
index cbea63a..a8d1ef9 100644
--- a/lib/ssltool/certificate.rb
+++ b/lib/ssltool/certificate.rb
@@ -53,12 +53,16 @@ module SSLTool
       @fingerprint ||= Digest::SHA1.hexdigest(to_der)
     end

+    def common_names
+      subject.to_a.select { |k, _, _| k == "CN" }.map { |_, v, _| v }
+    end
+
     def common_name
       k, v, t = subject.to_a.find { |k, v, t| k == "CN" }; v
     end

     def for_domain_name?
-      common_name =~ RX_DOMAIN_NAME
+      common_names.find { |cn| cn =~ RX_DOMAIN_NAME }
     end

     def domain_names
--
1.7.9.5


From d15e3b3a1e1e8eb254ee28fd866f9484fd168771 Mon Sep 17 00:00:00 2001
From: Thomas Hollstegge <thomas.hollstegge@zweitag.de>
Date: Tue, 3 Sep 2013 11:05:46 +0200
Subject: [PATCH 2/2] Include subject alternative names when checking for
 domain name

---
 lib/ssltool/certificate.rb |    8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/lib/ssltool/certificate.rb b/lib/ssltool/certificate.rb
index a8d1ef9..073e49e 100644
--- a/lib/ssltool/certificate.rb
+++ b/lib/ssltool/certificate.rb
@@ -61,12 +61,16 @@ module SSLTool
       k, v, t = subject.to_a.find { |k, v, t| k == "CN" }; v
     end

+    def domain_common_names
+      common_names.select { |cn| cn =~ RX_DOMAIN_NAME }
+    end
+
     def for_domain_name?
-      common_names.find { |cn| cn =~ RX_DOMAIN_NAME }
+      !domain_names.empty?
     end

     def domain_names
-      [ (common_name if for_domain_name?),
+      [ domain_common_names,
         map_extension_value('subjectAltName') { |s| s.scan(/\bDNS:([^\s,]+)/) },
       ].flatten.compact.sort.uniq
     end
--
1.7.9.5
	From dfa54b947815fdf1ba957c64bb4e489d041bbf3e Mon Sep 17 00:00:00 2001
	From: Thomas Hollstegge <thomas.hollstegge@gmail.com>
	Date: Mon, 2 Sep 2013 18:07:47 +0200
	Subject: [PATCH 1/2] Check all CNs when testing for domain name

	---
	lib/ssltool/certificate.rb \| 6 +++++-
	1 file changed, 5 insertions(+), 1 deletion(-)

	diff --git a/lib/ssltool/certificate.rb b/lib/ssltool/certificate.rb
	index cbea63a..a8d1ef9 100644
	--- a/lib/ssltool/certificate.rb
	+++ b/lib/ssltool/certificate.rb
	@@ -53,12 +53,16 @@ module SSLTool
	@fingerprint \|\|= Digest::SHA1.hexdigest(to_der)
	end

	+ def common_names
	+ subject.to_a.select { \|k, _, _\| k == "CN" }.map { \|_, v, _\| v }
	+ end
	+
	def common_name
	k, v, t = subject.to_a.find { \|k, v, t\| k == "CN" }; v
	end

	def for_domain_name?
	- common_name =~ RX_DOMAIN_NAME
	+ common_names.find { \|cn\| cn =~ RX_DOMAIN_NAME }
	end

	def domain_names
	--
	1.7.9.5


	From d15e3b3a1e1e8eb254ee28fd866f9484fd168771 Mon Sep 17 00:00:00 2001
	From: Thomas Hollstegge <thomas.hollstegge@zweitag.de>
	Date: Tue, 3 Sep 2013 11:05:46 +0200
	Subject: [PATCH 2/2] Include subject alternative names when checking for
	domain name

	---
	lib/ssltool/certificate.rb \| 8 ++++++--
	1 file changed, 6 insertions(+), 2 deletions(-)

	diff --git a/lib/ssltool/certificate.rb b/lib/ssltool/certificate.rb
	index a8d1ef9..073e49e 100644
	--- a/lib/ssltool/certificate.rb
	+++ b/lib/ssltool/certificate.rb
	@@ -61,12 +61,16 @@ module SSLTool
	k, v, t = subject.to_a.find { \|k, v, t\| k == "CN" }; v
	end

	+ def domain_common_names
	+ common_names.select { \|cn\| cn =~ RX_DOMAIN_NAME }
	+ end
	+
	def for_domain_name?
	- common_names.find { \|cn\| cn =~ RX_DOMAIN_NAME }
	+ !domain_names.empty?
	end

	def domain_names
	- [ (common_name if for_domain_name?),
	+ [ domain_common_names,
	map_extension_value('subjectAltName') { \|s\| s.scan(/\bDNS:([^\s,]+)/) },
	].flatten.compact.sort.uniq
	end
	--
	1.7.9.5