diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2015-11-10 15:24:07 +0100 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2015-11-12 14:45:43 +0100 |
| commit | 176c24b8e156111411aa7c0ed7204050f6ab4581 (patch) | |
| tree | 2ad7124bf7b1730fb09a6dea221e8a3256a08e7b | |
| parent | e5e352e631ff8ea5941a09c64977e1a394cbe3b3 (diff) | |
| download | strongswan-176c24b8e156111411aa7c0ed7204050f6ab4581.tar.bz2 strongswan-176c24b8e156111411aa7c0ed7204050f6ab4581.tar.xz | |
vici: Attribute certificates are not trusted
| -rw-r--r-- | src/libcharon/plugins/vici/vici_cred.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/libcharon/plugins/vici/vici_cred.c b/src/libcharon/plugins/vici/vici_cred.c index ce3ed78c1..6631184b5 100644 --- a/src/libcharon/plugins/vici/vici_cred.c +++ b/src/libcharon/plugins/vici/vici_cred.c @@ -71,6 +71,7 @@ CALLBACK(load_cert, vici_message_t*, certificate_t *cert; x509_t *x509; chunk_t data; + bool trusted = TRUE; char *str; str = message->get_str(message, NULL, "type"); @@ -99,6 +100,7 @@ CALLBACK(load_cert, vici_message_t*, else if (strcaseeq(str, "x509ac")) { type = CERT_X509_AC; + trusted = FALSE; } else { @@ -137,7 +139,7 @@ CALLBACK(load_cert, vici_message_t*, } else { - this->creds->add_cert(this->creds, TRUE, cert); + this->creds->add_cert(this->creds, trusted, cert); } return create_reply(NULL); } |