From 1f4fb79d2e9d40fb1468681044d39f03d5bef273 Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Wed, 22 Dec 2021 15:32:04 +0100
Subject: util.x509: Fix to include wildcard identity

---
 util/x509.lua | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'util')

diff --git a/util/x509.lua b/util/x509.lua
index 342dafde..76b50076 100644
--- a/util/x509.lua
+++ b/util/x509.lua
@@ -232,8 +232,11 @@ local function get_identities(cert) --> map of names to sets of services
 	if sans then
 		if sans["dNSName"] then -- Valid for any service
 			for _, name in ipairs(sans["dNSName"]) do
+				local is_wildcard = name:sub(1, 2) == "*.";
+				if is_wildcard then name = name:sub(3); end
 				name = idna_to_unicode(nameprep(name));
 				if name then
+					if is_wildcard then name = "*." .. name; end
 					names:set(name, "*", true);
 				end
 			end
-- 
cgit v1.2.3