From: Martin Willi <martin@strongswan.org>
Date: Thu, 20 Mar 2008 09:30:02 +0000 (-0000)
Subject: fixed verification of preinstalled certificates
X-Git-Tag: 4.2.0~111
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9be0dc922e6bdbc6fdc5c0232a02ac10ac9896c4;p=thirdparty%2Fstrongswan.git

fixed verification of preinstalled certificates
---

diff --git a/src/charon/credentials/credential_manager.c b/src/charon/credentials/credential_manager.c
index 1e2ec3e114..98d965f68d 100644
--- a/src/charon/credentials/credential_manager.c
+++ b/src/charon/credentials/credential_manager.c
@@ -987,7 +987,7 @@ static certificate_t *get_trusted_cert(private_credential_manager_t *this,
 	if (subject)
 	{	/* if we find a trusted certificate, we accept it. However, to 
 		 * fullfill authorization rules, we try build the trustchain anyway. */
-		if (verify_trustchain(this, subject, auth, crl, ocsp, TRUE))
+		if (verify_trustchain(this, subject, auth, TRUE, crl, ocsp))
 		{
 			DBG1(DBG_CFG, "  using pre-trusted certificate \"%D\"",
 				 subject->get_subject(subject));