auth-cfg: Fix crash after several reauthentications with multiple authentication...

Due to the issue described in c641974, purge() inadvertently destroyed
CA certificates that should have been kept (while the pointer to these
objects remained in the array).  This lead to incorrect reference counts
and after a few reauthentications with multiple authentication rounds,
which cause calls to purge(TRUE), to crashes.

diff --git a/src/libstrongswan/credentials/auth_cfg.c b/src/libstrongswan/credentials/auth_cfg.c
index aeeb4198fe2cc5a955dd18163d240732efe0cd27..db08c6b963ad84ec6c848d1418baba242e763d3a 100644 (file)
--- a/src/libstrongswan/credentials/auth_cfg.c
+++ b/src/libstrongswan/credentials/auth_cfg.c
@@ -998,8 +998,8 @@ METHOD(auth_cfg_t, purge, void,
        {
                if (!keep_ca || entry->type != AUTH_RULE_CA_CERT)
                {
-                       array_remove_at(this->entries, enumerator);
                        destroy_entry_value(entry);
+                       array_remove_at(this->entries, enumerator);
                }
        }
        enumerator->destroy(enumerator);