From: Andreas Steffen <andreas.steffen@strongswan.org>
Date: Thu, 15 Oct 2009 15:30:04 +0000 (+0200)
Subject: cleaned out some bugs in refactoring of ac.c
X-Git-Tag: 4.3.5rc1~6
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ff1ca9a8a30b5f9299bacdbc0584200b2d838505;p=thirdparty%2Fstrongswan.git

cleaned out some bugs in refactoring of ac.c
---

diff --git a/src/pluto/ac.c b/src/pluto/ac.c
index 608453923a..3b9f9f2e0d 100644
--- a/src/pluto/ac.c
+++ b/src/pluto/ac.c
@@ -47,7 +47,6 @@ void ac_initialize(void)
 void ac_finalize(void)
 {
 	acerts->destroy_offset(acerts, offsetof(certificate_t, destroy));
-	free(acerts);
 }
 
 /**
@@ -64,7 +63,7 @@ certificate_t* ac_get_cert(identification_t *issuer, chunk_t serial)
 		ac_t *ac = (ac_t*)cert;
 
 		if (issuer->equals(issuer, ac->get_holderIssuer(ac)) &&
-			chunk_equals(serial, ac->get_holderSerial(ac)))
+			  chunk_equals(serial, ac->get_holderSerial(ac)))
 		{
 			found = cert;
 			break;
@@ -81,7 +80,7 @@ bool ac_verify_cert(certificate_t *cert, bool strict)
 {
 	ac_t *ac = (ac_t*)cert;
 	identification_t *subject = cert->get_subject(cert);
-	identification_t *issuer = cert->get_issuer(cert);
+	identification_t *issuer  = cert->get_issuer(cert);
 	chunk_t authKeyID = ac->get_authKeyIdentifier(ac);
 	x509cert_t *aacert;
 	time_t notBefore, valid_until;
@@ -124,8 +123,8 @@ bool ac_verify_cert(certificate_t *cert, bool strict)
 static void ac_add_cert(certificate_t *cert)
 {
 	ac_t *ac = (ac_t*)cert;
-	identification_t *issuer = ac->get_holderIssuer(ac);
-	chunk_t serial = ac->get_serial(ac);
+	identification_t *hIssuer = ac->get_holderIssuer(ac);
+	chunk_t hSerial = ac->get_holderSerial(ac);
 
 	enumerator_t *enumerator;
 	certificate_t *cert_old;
@@ -135,18 +134,16 @@ static void ac_add_cert(certificate_t *cert)
 	{
 		ac_t *ac_old = (ac_t*)cert_old;
 
-		if (issuer->equals(issuer, ac_old->get_holderIssuer(ac_old)) &&
-			chunk_equals(serial, ac_old->get_serial(ac_old)))
+		if (hIssuer->equals(hIssuer, ac_old->get_holderIssuer(ac_old)) &&
+			   chunk_equals(hSerial, ac_old->get_holderSerial(ac_old)))
 		{
 			if (cert->is_newer(cert, cert_old))
 			{
-				DBG1("  attribute cert is newer - existing cert deleted");
 				acerts->remove_at(acerts, enumerator);
 				cert_old->destroy(cert_old);
 			}
 			else
 			{
-				DBG1("  attribute cert is not newer - existing cert kept");
 				cert->destroy(cert);
 				cert = NULL;
 			}
@@ -191,7 +188,7 @@ void ac_load_certs(void)
 	struct stat st;
 	char *file;
 
-	DBG1("Loading attribute certificates:");
+	DBG1("loading attribute certificates from '%s'", A_CERT_PATH);
 
 	enumerator = enumerator_create_directory(A_CERT_PATH);
 	if (!enumerator)