whitelist: Use hash() method so DNs with different string types match

strongSwan uses PrintableString when encoding DNs from strings (if the
character set permits it, otherwise T61String is currently used) but
certificates might be encoded with UTF8String even for simple ASCII strings.
By ignoring this string type when hashing RDNs we make sure the same hash
results in this case as long as the actual string values are the same.

Fixes #991.

diff --git a/src/libcharon/plugins/whitelist/whitelist_listener.c b/src/libcharon/plugins/whitelist/whitelist_listener.c
index d0357b410db2cd4187fb718c29767d998017674b..7e5b2f4e01d99bdb6c86e69c39282176043c6d51 100644 (file)
--- a/src/libcharon/plugins/whitelist/whitelist_listener.c
+++ b/src/libcharon/plugins/whitelist/whitelist_listener.c
@@ -52,7 +52,7 @@ struct private_whitelist_listener_t {
  */
 static u_int hash(identification_t *key)
 {
-       return chunk_hash(key->get_encoding(key));
+       return key->hash(key, 0);
 }
 
 /**