From 5a74bd7bdb7ddc181ebaf456263c9706620a6f98 Mon Sep 17 00:00:00 2001
From: Christian Hofstaedtler <christian@hofstaedtler.name>
Date: Fri, 14 Feb 2014 15:25:48 +0100
Subject: [PATCH] Fix assertion abort when no CN is present in certificate

Triggered by Windows Server 2012 Admin-Mode with MS-recommended AD CA
Certificate setup, which would cause the CN to be absent, and a single
subjectAltName to be present.
---
 libfreerdp/crypto/tls.c | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/libfreerdp/crypto/tls.c b/libfreerdp/crypto/tls.c
index 4fe93ee94..cd78e2d99 100644
--- a/libfreerdp/crypto/tls.c
+++ b/libfreerdp/crypto/tls.c
@@ -865,8 +865,7 @@ void tls_print_certificate_name_mismatch_error(char* hostname, char* common_name
 	int index;
 
 	assert(NULL != hostname);
-	assert(NULL != common_name);
-	
+
 	fprintf(stderr, "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\n");
 	fprintf(stderr, "@           WARNING: CERTIFICATE NAME MISMATCH!           @\n");
 	fprintf(stderr, "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\n");
@@ -874,17 +873,14 @@ void tls_print_certificate_name_mismatch_error(char* hostname, char* common_name
 	fprintf(stderr, "does not match %s given in the certificate:\n", alt_names_count < 1 ? "the name" : "any of the names");
 	fprintf(stderr, "Common Name (CN):\n");
 	fprintf(stderr, "\t%s\n", common_name ? common_name : "no CN found in certificate");
-	if (alt_names_count > 1)
+	if (alt_names_count > 0)
 	{
 		assert(NULL != alt_names);
 		fprintf(stderr, "Alternative names:\n");
-		if (alt_names_count > 1)
+		for (index = 0; index < alt_names_count; index++)
 		{
-			for (index = 0; index < alt_names_count; index++)
-			{
-				assert(alt_names[index]);
-				fprintf(stderr, "\t %s\n", alt_names[index]);
-			}
+			assert(alt_names[index]);
+			fprintf(stderr, "\t %s\n", alt_names[index]);
 		}
 	}
 	fprintf(stderr, "A valid certificate for the wrong name should NOT be trusted!\n");