From: Martin Willi <martin@revosec.ch>
Date: Thu, 29 Jan 2015 10:12:28 +0000 (+0100)
Subject: libtls: Merge trustchain auth verification details done during TLS handhsake
X-Git-Tag: 5.3.0dr1~46^2~6
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=aba5b76ce170deb486f7a1eb36282b3458545fba;p=thirdparty%2Fstrongswan.git

libtls: Merge trustchain auth verification details done during TLS handhsake
---

diff --git a/src/libtls/tls_peer.c b/src/libtls/tls_peer.c
index a95b40f55f..1bee436c4a 100644
--- a/src/libtls/tls_peer.c
+++ b/src/libtls/tls_peer.c
@@ -324,6 +324,7 @@ static public_key_t *find_public_key(private_tls_peer_t *this)
 		while (enumerator->enumerate(enumerator, &current, &auth))
 		{
 			public = current->get_ref(current);
+			this->server_auth->merge(this->server_auth, auth, FALSE);
 			break;
 		}
 		enumerator->destroy(enumerator);
diff --git a/src/libtls/tls_server.c b/src/libtls/tls_server.c
index aeb5a714f9..a861a267a1 100644
--- a/src/libtls/tls_server.c
+++ b/src/libtls/tls_server.c
@@ -551,6 +551,7 @@ static status_t process_cert_verify(private_tls_server_t *this,
 		sig->destroy(sig);
 		if (verified)
 		{
+			this->peer_auth->merge(this->peer_auth, auth, FALSE);
 			break;
 		}
 		DBG1(DBG_TLS, "signature verification failed, trying another key");