Conversation


@kazuho kazuho commented Apr 21, 2016

This PR adds support for wildcard certificates (note: only supports CN/dNSName that starts with *.).

It also

  • stops using strcasecmp to avoid locale-related issues
  • stops using str* functions for testing ASN1 strings (not guaranteed to be terminated, see https://www.openssl.org/docs/man1.0.2/crypto/ASN1_STRING_length.html)
  • ignores a trailing . in the supplied hostname if present, so that for example the supplied hostname www.example.com. matches a certificate with CN=www.example.com

relates to #10
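The matching rules listed in the PR description, as an added example in C that is not part of this pull request or the repository's code (the function names `ascii_lower`, `bytes_ieq` and `hostname_matches` are assumptions):

```c
#include <stddef.h>
#include <string.h>

/* ASCII-only case folding: avoids tolower()/strcasecmp(), whose behaviour
 * depends on the current locale. */
static int ascii_lower(int c)
{
    return (c >= 'A' && c <= 'Z') ? c + ('a' - 'A') : c;
}

/* Length-bounded case-insensitive compare. Neither buffer is required to be
 * NUL-terminated, which is the situation with ASN1_STRING data. */
static int bytes_ieq(const char *a, size_t alen, const char *b, size_t blen)
{
    if (alen != blen)
        return 0;
    for (size_t i = 0; i < alen; ++i)
        if (ascii_lower((unsigned char)a[i]) != ascii_lower((unsigned char)b[i]))
            return 0;
    return 1;
}

/* Returns 1 when `host` (hostlen bytes, the name the client connected to)
 * matches `name` (namelen bytes, a CN or dNSName taken from a certificate),
 * else 0. Rules: a trailing '.' on host is ignored; comparison is ASCII
 * case-insensitive; a wildcard is honoured only as a leading "*." and it
 * stands for exactly one non-empty label. Hypothetical example code. */
int hostname_matches(const char *host, size_t hostlen,
                     const char *name, size_t namelen)
{
    const char *dot;

    /* "www.example.com." matches CN=www.example.com */
    if (hostlen > 0 && host[hostlen - 1] == '.')
        --hostlen;
    if (hostlen == 0 || namelen == 0)
        return 0;
    /* the name being verified must never carry a wildcard itself */
    if (memchr(host, '*', hostlen) != NULL)
        return 0;

    if (!(namelen >= 2 && name[0] == '*' && name[1] == '.'))
        return bytes_ieq(host, hostlen, name, namelen);

    /* wildcard: the first host label must be non-empty */
    dot = memchr(host, '.', hostlen);
    if (dot == NULL || dot == host)
        return 0;
    ++dot; /* skip the '.'; the remainder is compared against name + 2 */
    return bytes_ieq(dot, hostlen - (size_t)(dot - host), name + 2, namelen - 2);
}
```

Passing an explicit length for both sides is what lets the comparison be fed directly from ASN1_STRING_data()/ASN1_STRING_length() without copying into a NUL-terminated buffer.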

@nabla-c0d3 (Member)

Hi,
Thanks for the pull request! Quick question before I look into this: OpenSSL (since 1.0.2) now provides its own function for validating hostnames (https://wiki.openssl.org/index.php/Hostname_validation).
Any reason why you're not using it directly within h2o?
Thanks!

@kazuho kazuho (Author) commented Apr 24, 2016

@nabla-c0d3 Thank you for the response.

> Thanks for the pull request! Quick question before I look into this: OpenSSL (since 1.0.2) now provides its own function for validating hostnames (https://wiki.openssl.org/index.php/Hostname_validation).
> Any reason why you're not using it directly within h2o?

That is a good question. While OpenSSL 1.0.2 has the function, libressl does not, since it was forked before the function was added. In H2O, we recommend using libressl due to the fact that it supports CHACHA20-POLY1305; therefore we end up needing to have hostname verification implemented in some other way.
