trustchain->add_item(trustchain, AUTHZ_SUBJECT_CERT, subject);
return trustchain;
}
-
current = subject->get_ref(subject);
while (TRUE)
{
}
this->mutex->lock(this->mutex);
- /* get all available end entity certificates for ourself */
+ /* try to build a trustchain for each certificate found */
enumerator = create_cert_enumerator(this, CERT_ANY, type, id, FALSE);
while (enumerator->enumerate(enumerator, &cert))
- {
+ {
private = get_private_by_cert(this, cert, type);
if (private)
{
break;
}
private->destroy(private);
+ private = NULL;
}
}
enumerator->destroy(enumerator);
+ /* if no valid trustchain was found, fall back to the first usable cert */
+ if (!private)
+ {
+ enumerator = create_cert_enumerator(this, CERT_ANY, type, id, FALSE);
+ while (enumerator->enumerate(enumerator, &cert))
+ {
+ private = get_private_by_cert(this, cert, type);
+ if (private)
+ {
+ auth->add_item(auth, AUTHZ_SUBJECT_CERT, cert);
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+ }
this->mutex->unlock(this->mutex);
return private;
}
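Review bot: The fallback block entered at `if (!private)` returns a private key and stores `cert` in `auth` as `AUTHZ_SUBJECT_CERT` although no trust chain could be built for it, and nothing visible in the hunk tells the operator or the caller that this unverified path was taken. I would emit a log message where the fallback is entered and widen the comment to `/* no trustchain could be built: the returned key belongs to a certificate that is NOT verified against any trust anchor; auth carries only the subject cert */`. It is also worth confirming that `auth->add_item()` takes its own reference on `cert`, since the enumerator that yielded it is destroyed before the function returns. The function starts outside the hunk and context between the visible lines appears to be elided, so the first loop's trustchain handling cannot be checked from here.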