handle case where subject = NULL but keyid is set

author Andreas Steffen <andreas.steffen@strongswan.org>

Mon, 20 Feb 2012 11:12:31 +0000 (12:12 +0100)

committer Andreas Steffen <andreas.steffen@strongswan.org>

Mon, 20 Feb 2012 11:12:31 +0000 (12:12 +0100)
author Andreas Steffen <andreas.steffen@strongswan.org>
Mon, 20 Feb 2012 11:12:31 +0000 (12:12 +0100)
committer Andreas Steffen <andreas.steffen@strongswan.org>
Mon, 20 Feb 2012 11:12:31 +0000 (12:12 +0100)
diff --git a/src/pluto/ca.c b/src/pluto/ca.c

index 175c0b022bfe446a1d5fc5e6f076326ce09f4b90..827b981216a2c86ea7efe1685f11385d1e05fcc0 100644 (file)
--- a/src/pluto/ca.c
+++ b/src/pluto/ca.c
@@ -219,7 +219,8 @@ cert_t* get_authcert(identification_t *subject, chunk_t keyid,
                 }
  
                 /* compare the subjectDistinguishedNames */
-               if (!certificate->has_subject(certificate, subject))
+               if (!(subject && certificate->has_subject(certificate, subject)) &&
+                        (subject || !keyid.ptr))
                 {
                         continue;
                 }
author	Andreas Steffen <andreas.steffen@strongswan.org>
	Mon, 20 Feb 2012 11:12:31 +0000 (12:12 +0100)
committer	Andreas Steffen <andreas.steffen@strongswan.org>
	Mon, 20 Feb 2012 11:12:31 +0000 (12:12 +0100)