auth-cfg: Don't limit subjectAltName check to received certificates

Otherwise this won't work if the certificate is only locally available.

diff --git a/src/libstrongswan/credentials/auth_cfg.c b/src/libstrongswan/credentials/auth_cfg.c
index a9c8b390420be05b8453c20638299899281f75bf..07da596e4cd80ffd64dbc08598a8805592b7e7cf 100644 (file)
--- a/src/libstrongswan/credentials/auth_cfg.c
+++ b/src/libstrongswan/credentials/auth_cfg.c
@@ -840,7 +840,7 @@ METHOD(auth_cfg_t, complies, bool,
                                        {       /* also verify identity against subjectAltNames */
                                                certificate_t *cert;
 
-                                               cert = get(this, AUTH_HELPER_SUBJECT_CERT);
+                                               cert = get(this, AUTH_RULE_SUBJECT_CERT);
                                                if (cert && cert->has_subject(cert, id1))
                                                {
                                                        break;