ikev2: Use correct type to check for selected signature scheme

The previous code was obviously incorrect and caused strange side effects
depending on the compiler and its optimization flags (infinite looping seen
with GCC 4.8.4, segfault when destroying the private key in build() seen
with clang 4.0.0 on FreeBSD).

Fixes #2579.

diff --git a/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c b/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c
index 65baf877185df4678df2739a1ede7c4b75ced959..c6c4829102506dfdb300715eaed1ec7d27f142e0 100644 (file)
--- a/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c
+++ b/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c
@@ -164,7 +164,7 @@ static array_t *select_signature_schemes(keymat_v2_t *keymat,
                        signature_scheme_t schemes[] = {
                                SIGN_RSA_EMSA_PKCS1_SHA2_384,
                                SIGN_RSA_EMSA_PKCS1_SHA2_256,
-                       }, contained;
+                       };
                        bool found;
                        int i, j;
 
@@ -174,8 +174,8 @@ static array_t *select_signature_schemes(keymat_v2_t *keymat,
                                found = FALSE;
                                for (j = 0; j < array_count(selected); j++)
                                {
-                                       array_get(selected, j, &contained);
-                                       if (scheme == contained)
+                                       array_get(selected, j, &config);
+                                       if (scheme == config->scheme)
                                        {
                                                found = TRUE;
                                                break;