$NetBSD: patch-ag,v 1.1.2.2 2006/08/02 13:59:02 salo Exp $

--- ext/openssl/lib/openssl/ssl.rb.orig	2005-05-22 19:16:56.000000000 +0900
+++ ext/openssl/lib/openssl/ssl.rb
@@ -82,8 +82,9 @@ module OpenSSL
         }
         if check_common_name
           cert.subject.to_a.each{|oid, value|
-            if oid == "CN" && value.casecmp(hostname) == 0
-              return true
+            if oid == "CN"
+              reg = Regexp.escape(value).gsub(/\\\*/, "[^.]+")
+              return true if /\A#{reg}\z/i =~ hostname
             end
           }
         end
