Fix openssl cert peer validation

[marcioapm]

This is for 0.7.32 and is important due to the imminent european GDPR deadline...
The same bug is also present in master.

[wilzbach]

lastpos should initially be set to -1. If there are no more entries -1 is returned.

From https://linux.die.net/man/3/x509_name_get_index_by_nid

So shouldn't the while loop in general be kept?

[s-ludwig]

Think so, too. AFAICT the mistake is that i is not initialized to -1.

[marcioapm]

Fixed!

[s-ludwig]

Thanks! I'll merge it to master, too.

[marcioapm]

This is quite important for GDPR compliance... are you able to do another 0.7.x release?

[s-ludwig]

are you able to do another 0.7.x release?

Yes, I can do that. If you see any fixes in the change log for the 0.8.2 or 0.8.3 releases that look important, I could possibly merge those, too, to make the release more valuable.

[marcioapm]

I will have a look and let you know! Thanks Sönke! :)

[wilzbach]

I guess this should be tagged as 0.8.4 or 0.8.3-1 then too?

[marcioapm]

@s-ludwig I found the following commits that would be immediately valuable for us.
I also hope it compiles with latest DMD - we are still on 0.76.1 but thinking about upgrading soon.

important
fix leakage of connections
ab5ebe9

Fix support for outbound SSL w/ SSL1.1.x
4b0466e

good to have
throw useful error message on MongoDB query failures
31281f2

Properly handle TLS disconnects in OpenSSLStream.leastSize.
1c55fb0

Use non-GC memory for MatchGraphBuilder.
e7a0f30

Use small integer types for MatchGraph(Builder) to reduce memory usage.
396400b

good if compatible
Fix closing of user-triggered non-keepalive connections.
2a768b2

Thanks Sönke.

[s-ludwig]

Opened corresponding PRs: #2125, #2126, #2127, #2128, #2129