Commit a16da68872 for openssl.org

commit a16da68872bdc6d0956f3d84b375d888441909c3
Author: Bob Beck <beck@openssl.org>
Date:   Tue Feb 3 17:57:49 2026 -0700

    Add a test for using a leading . for verification of a domain name

    Reviewed-by: Neil Horman <nhorman@openssl.org>
    Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
    MergeDate: Tue Feb 24 14:04:20 2026
    (Merged from https://github.com/openssl/openssl/pull/29612)

diff --git a/test/verify_extra_test.c b/test/verify_extra_test.c
index 1420c71034..f3e431d140 100644
--- a/test/verify_extra_test.c
+++ b/test/verify_extra_test.c
@@ -364,6 +364,18 @@ static int test_multiname_selfsigned(void)
         X509_STORE_CTX_cleanup(ctx);
         if (!TEST_true(X509_VERIFY_PARAM_set1_host(vpm, NULL, 0)))
             goto err;
+        /* Try the domain with . */
+        if (!TEST_true(X509_STORE_CTX_init(ctx, store, cert, NULL)))
+            goto err;
+        if (!TEST_true(X509_VERIFY_PARAM_set1_host(vpm, ".muppetry.ca", 0)))
+            goto err;
+        if (!TEST_true(X509_verify_cert(ctx))) {
+            TEST_info("Verify failed for domain name .muppetry.ca\n");
+            fails++;
+        }
+        X509_STORE_CTX_cleanup(ctx);
+        if (!TEST_true(X509_VERIFY_PARAM_set1_host(vpm, NULL, 0)))
+            goto err;
     }

     for (size_t i = 0; multiname_emails[i] != NULL; i++) {