dirkx/gist:636f0ed0efa790806116f2f10bd701bd

## gistfile1.txt
#ifdef DO_SSL
static int check_tcptls_cert_name(ASN1_STRING *cert_str, const char *hostname, const char *desc)
{
        unsigned char *str; char *dot;
        int ret;

        ret = ASN1_STRING_to_UTF8(&str, cert_str);
        if (ret < 0 || !str) {
                return -1;
        }

        if (strlen((char *) str) != ret) {
                ast_log(LOG_WARNING, "Invalid certificate %s length (contains NULL bytes?)\n", desc);

                ret = -1;
        } else if (!strcasecmp(hostname, (char *) str)) {
                ret = 0;
        // not very safe/comprehensive/tested
        } else if ((str[0] == '*') && (dot = index(hostname,'.')) && (!strcasecmp(dot, (char *) str+1))) {
                ast_log(LOG_WARNING, "Matching %s on wildcard %s\n", hostname, str);
                ret = 0;
        } else {
                ret = -1;
        }

        ast_debug(3, "SSL %s compare s1='%s' s2='%s'\n", desc, hostname, str);
        OPENSSL_free(str);

        return ret;
}
	#ifdef DO_SSL
	static int check_tcptls_cert_name(ASN1_STRING cert_str, const char hostname, const char *desc)
	{
	unsigned char str; char dot;
	int ret;

	ret = ASN1_STRING_to_UTF8(&str, cert_str);
	if (ret < 0 \|\| !str) {
	return -1;
	}

	if (strlen((char *) str) != ret) {
	ast_log(LOG_WARNING, "Invalid certificate %s length (contains NULL bytes?)\n", desc);

	ret = -1;
	} else if (!strcasecmp(hostname, (char *) str)) {
	ret = 0;
	// not very safe/comprehensive/tested
	} else if ((str[0] == '') && (dot = index(hostname,'.')) && (!strcasecmp(dot, (char ) str+1))) {
	ast_log(LOG_WARNING, "Matching %s on wildcard %s\n", hostname, str);
	ret = 0;
	} else {
	ret = -1;
	}

	ast_debug(3, "SSL %s compare s1='%s' s2='%s'\n", desc, hostname, str);
	OPENSSL_free(str);

	return ret;
	}