From 60c62e045245f07798f61ef7f39e8ae84fd9c8e0 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue, 28 Feb 2012 10:00:15 +0100
Subject: [PATCH] Do not call gnutls_x509_crt_check_hostname() if hostname eq
 NULL. Reported by Matthew Hall.

---
 THANKS       |  1 +
 src/common.c | 21 ++++++++++++---------
 2 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/THANKS b/THANKS
index 32d6bc4de..123c73370 100644
--- a/THANKS
+++ b/THANKS
@@ -127,6 +127,7 @@ Joseph Graham                   *joe [at] t67.eu*
 Eli Zaretskii                   *eliz [at] gnu.org*
 Patrick Pelletier               *code [at] funwithsoftware.org*
 Sean Buckheister                *s_buckhe [at] cs.uni-kl.de*
+Matthew Hall                    *mhall [at] mhcomputing.net*
 
 ----------------------------------------------------------------------
 Copying and distribution of this file, with or without modification,
diff --git a/src/common.c b/src/common.c
index 65e9c721b..48f56bdcc 100644
--- a/src/common.c
+++ b/src/common.c
@@ -218,18 +218,21 @@ verify_x509_hostname (gnutls_session_t session, const char *hostname)
   /* Check the hostname of the first certificate if it matches
    * the name of the host we connected to.
    */
-  if (gnutls_x509_crt_check_hostname (crt, hostname) == 0)
+  if (hostname != NULL)
     {
-      printf
+      if (gnutls_x509_crt_check_hostname (crt, hostname) == 0)
+        {
+          printf
              ("- The hostname in the certificate does NOT match '%s'\n",
               hostname);
-      ret = 0;
-    }
-  else
-    {
-      printf ("- The hostname in the certificate matches '%s'.\n",
-              hostname);
-      ret = 1;
+          ret = 0;
+        }
+      else
+        {
+          printf ("- The hostname in the certificate matches '%s'.\n",
+                  hostname);
+          ret = 1;
+        }
     }
 
   gnutls_x509_crt_deinit (crt);
-- 
2.11.4.GIT