From: Andreas Steffen <andreas.steffen@strongswan.org>
Date: Wed, 24 Aug 2022 10:01:51 +0000 (+0200)
Subject: libtls: call create_public_enumerator() with key_type
X-Git-Tag: 5.9.8dr1~2^2~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=63fd718915b5d246dcc5560382db0c30de309040;p=thirdparty%2Fstrongswan.git

libtls: call create_public_enumerator() with key_type
---

diff --git a/src/libtls/tls_server.c b/src/libtls/tls_server.c
index 97c4c40daf..f1119884cf 100644
--- a/src/libtls/tls_server.c
+++ b/src/libtls/tls_server.c
@@ -176,14 +176,21 @@ public_key_t *tls_find_public_key(auth_cfg_t *peer_auth, identification_t *id)
 {
 	public_key_t *public = NULL, *current;
 	certificate_t *cert, *found;
+	key_type_t key_type = KEY_ANY;
 	enumerator_t *enumerator;
 	auth_cfg_t *auth;
 
 	cert = peer_auth->get(peer_auth, AUTH_HELPER_SUBJECT_CERT);
 	if (cert)
 	{
+		public = cert->get_public_key(cert);
+		if (public)
+		{
+			key_type = public->get_type(public);
+			public->destroy(public);
+		}
 		enumerator = lib->credmgr->create_public_enumerator(lib->credmgr,
-												KEY_ANY, id, peer_auth, TRUE);
+											key_type, id, peer_auth, TRUE);
 		while (enumerator->enumerate(enumerator, &current, &auth))
 		{
 			found = auth->get(auth, AUTH_RULE_SUBJECT_CERT);