[PATCH 1 of 2] SSL: fixed subjectAltName and commonName debug logging

Thu Aug 14 15:52:01 UTC 2025

# HG changeset patch
# User Maxim Dounin <mdounin at mdounin.ru>
# Date 1755133569 -10800
#      Thu Aug 14 04:06:09 2025 +0300
# Node ID 51d23ff6f109765f4c382d449d7ea0cea13ea220
# Parent  f7e18803d4411a20e25a0f7f33bfb7e281cc1739
SSL: fixed subjectAltName and commonName debug logging.

Previously, ASN1_STRING_length() was used as a length for "%*s" format
specifier, which is wrong, since string length is expected to be "size_t",
and ASN1_STRING_length() returns "int".

diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -4957,7 +4957,8 @@ ngx_ssl_check_host(ngx_connection_t *c, 
 
             ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
                            "SSL subjectAltName: \"%*s\"",
-                           ASN1_STRING_length(str), ASN1_STRING_data(str));
+                           (size_t) ASN1_STRING_length(str),
+                           ASN1_STRING_data(str));
 
             if (ngx_ssl_check_name(name, str) == NGX_OK) {
                 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,
@@ -4999,7 +5000,8 @@ ngx_ssl_check_host(ngx_connection_t *c, 
 
         ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
                        "SSL commonName: \"%*s\"",
-                       ASN1_STRING_length(str), ASN1_STRING_data(str));
+                       (size_t) ASN1_STRING_length(str),
+                       ASN1_STRING_data(str));
 
         if (ngx_ssl_check_name(name, str) == NGX_OK) {
             ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,

