From f24ef7dda918c182924f536cf2859a9fa551b575 Mon Sep 17 00:00:00 2001
From: Hugues Bruant <hugues@aerofs.com>
Date: Sat, 20 Jun 2015 13:55:43 -0400
Subject: [PATCH] XmppHostnameVerifier: check subject CommonName

---
 .../smack/java7/XmppHostnameVerifier.java     | 22 ++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/smack-java7/src/main/java/org/jivesoftware/smack/java7/XmppHostnameVerifier.java b/smack-java7/src/main/java/org/jivesoftware/smack/java7/XmppHostnameVerifier.java
index 2935618d3..d9aba87f1 100644
--- a/smack-java7/src/main/java/org/jivesoftware/smack/java7/XmppHostnameVerifier.java
+++ b/smack-java7/src/main/java/org/jivesoftware/smack/java7/XmppHostnameVerifier.java
@@ -30,6 +30,9 @@ import java.util.Locale;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
+import javax.naming.InvalidNameException;
+import javax.naming.ldap.LdapName;
+import javax.naming.ldap.Rdn;
 import javax.net.ssl.HostnameVerifier;
 import javax.net.ssl.SSLPeerUnverifiedException;
 import javax.net.ssl.SSLSession;
@@ -133,7 +136,24 @@ public class XmppHostnameVerifier implements HostnameVerifier {
                 throw new CertificateException(sb.toString());
             }
         }
-        // TODO SubjectX500Name
+
+        LdapName dn = null;
+        try {
+            dn = new LdapName(cert.getSubjectX500Principal().getName());
+        } catch (InvalidNameException e) {
+            LOGGER.warning("Invalid DN: " + e.getMessage());
+        }
+        if (dn != null) {
+            for (Rdn rdn : dn.getRdns()) {
+                if (rdn.getType().equalsIgnoreCase("CN")) {
+                    if (matchesPerRfc2818(name, rdn.getValue().toString())) {
+                        return;
+                    }
+                    break;
+                }
+            }
+        }
+
         throw new CertificateException("No name matching " + name + " found");
     }