diff options
| author | Martin Willi <martin@revosec.ch> | 2010-12-22 11:49:16 +0100 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2011-01-05 16:46:04 +0100 |
| commit | 8469625fdc6cf194c95f679c1bd5cd3960f375d0 (patch) | |
| tree | 23e10d0803b05b5a89e0efc40b41e58888efc01e | |
| parent | 5eae41c6d8d3b15ceb65c0328d98aeb74b7701dd (diff) | |
| download | strongswan-8469625fdc6cf194c95f679c1bd5cd3960f375d0.tar.bz2 strongswan-8469625fdc6cf194c95f679c1bd5cd3960f375d0.tar.xz | |
Include subject cert to temporary auth info before completing trustchain
| -rw-r--r-- | src/libstrongswan/credentials/credential_manager.c | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/src/libstrongswan/credentials/credential_manager.c b/src/libstrongswan/credentials/credential_manager.c index 3cca0b2e8..a3f9a53cb 100644 --- a/src/libstrongswan/credentials/credential_manager.c +++ b/src/libstrongswan/credentials/credential_manager.c @@ -578,6 +578,7 @@ static bool verify_trust_chain(private_credential_manager_t *this, auth = auth_cfg_create(); get_key_strength(subject, auth); current = subject->get_ref(subject); + auth->add(auth, AUTH_RULE_SUBJECT_CERT, current->get_ref(current)); for (pathlen = 0; pathlen <= MAX_TRUST_PATH_LEN; pathlen++) { @@ -702,8 +703,6 @@ METHOD(enumerator_t, trusted_enumerate, bool, verify_trust_chain(this->this, this->pretrusted, this->auth, TRUE, this->online)) { - this->auth->add(this->auth, AUTH_RULE_SUBJECT_CERT, - this->pretrusted->get_ref(this->pretrusted)); DBG1(DBG_CFG, " using trusted certificate \"%Y\"", this->pretrusted->get_subject(this->pretrusted)); *cert = this->pretrusted; @@ -729,8 +728,6 @@ METHOD(enumerator_t, trusted_enumerate, bool, if (verify_trust_chain(this->this, current, this->auth, FALSE, this->online)) { - this->auth->add(this->auth, AUTH_RULE_SUBJECT_CERT, - current->get_ref(current)); *cert = current; if (auth) { |