ike-cert-post: Encode intermediate CA certificates as hash-and-URL if possible

author Tobias Brunner <tobias@strongswan.org>

Thu, 31 Oct 2019 08:51:42 +0000 (09:51 +0100)

committer Tobias Brunner <tobias@strongswan.org>

Tue, 26 Nov 2019 10:12:26 +0000 (11:12 +0100)
author Tobias Brunner <tobias@strongswan.org>
Thu, 31 Oct 2019 08:51:42 +0000 (09:51 +0100)
committer Tobias Brunner <tobias@strongswan.org>
Tue, 26 Nov 2019 10:12:26 +0000 (11:12 +0100)
diff --git a/src/libcharon/sa/ikev2/tasks/ike_cert_post.c b/src/libcharon/sa/ikev2/tasks/ike_cert_post.c

index 26550033320357eb08a55d143980ba1854d6871d..c5164476af821d4399f70121bdbb6ca529465ae7 100644 (file)
--- a/src/libcharon/sa/ikev2/tasks/ike_cert_post.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_cert_post.c
@@ -158,7 +158,7 @@ static void add_im_certs(private_ike_cert_post_t *this, auth_cfg_t *auth,
         {
                 if (type == AUTH_RULE_IM_CERT)
                 {
-                       payload = cert_payload_create_from_cert(PLV2_CERTIFICATE, cert);
+                       payload = build_cert_payload(this, cert);
                         if (payload)
                         {
                                 DBG1(DBG_IKE, "sending issuer cert \"%Y\"",
author	Tobias Brunner <tobias@strongswan.org>
	Thu, 31 Oct 2019 08:51:42 +0000 (09:51 +0100)
committer	Tobias Brunner <tobias@strongswan.org>
	Tue, 26 Nov 2019 10:12:26 +0000 (11:12 +0100)