aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMartin Willi <martin@strongswan.org>2007-01-08 13:40:36 +0000
committerMartin Willi <martin@strongswan.org>2007-01-08 13:40:36 +0000
commita622c992408bfc939f6f68a8b766e12624fbab0e (patch)
tree9f28b97374e335723bea68f7f76ee34ede31538c
parente3f83e738da0973ec693d09998b5997ff470de2e (diff)
downloadstrongswan-a622c992408bfc939f6f68a8b766e12624fbab0e.tar.bz2
strongswan-a622c992408bfc939f6f68a8b766e12624fbab0e.tar.xz
fixed crash when CA for certrequest not found
Diffstat
-rw-r--r--src/charon/encoding/payloads/certreq_payload.c18
-rw-r--r--src/charon/sa/transactions/ike_auth.c21
2 files changed, 28 insertions, 11 deletions
diff --git a/src/charon/encoding/payloads/certreq_payload.c b/src/charon/encoding/payloads/certreq_payload.c
index 07d3ce2bc..86f2e3524 100644
--- a/src/charon/encoding/payloads/certreq_payload.c
+++ b/src/charon/encoding/payloads/certreq_payload.c
@@ -268,11 +268,21 @@ certreq_payload_t *certreq_payload_create()
*/
certreq_payload_t *certreq_payload_create_from_cacert(identification_t *id)
{
- x509_t *cacert = charon->credentials->get_ca_certificate(charon->credentials, id);
- rsa_public_key_t *pubkey = cacert->get_public_key(cacert);
- chunk_t keyid = pubkey->get_keyid(pubkey);
+ x509_t *cacert;
+ rsa_public_key_t *pubkey;
+ chunk_t keyid;
+ certreq_payload_t *this;
+
+ cacert = charon->credentials->get_ca_certificate(charon->credentials, id);
+ if (cacert == NULL)
+ {
+ /* no such CA cert */
+ return NULL;
+ }
- certreq_payload_t *this = certreq_payload_create();
+ this = certreq_payload_create();
+ pubkey = cacert->get_public_key(cacert);
+ keyid = pubkey->get_keyid(pubkey);
DBG2(DBG_IKE, "requesting certificate issued by '%D'", id);
DBG2(DBG_IKE, " with keyid %#B", &keyid);
diff --git a/src/charon/sa/transactions/ike_auth.c b/src/charon/sa/transactions/ike_auth.c
index 3ab4d8ae4..5d137f6c6 100644
--- a/src/charon/sa/transactions/ike_auth.c
+++ b/src/charon/sa/transactions/ike_auth.c
@@ -255,14 +255,21 @@ static status_t get_request(private_ike_auth_t *this, message_t **result)
{
certreq_payload_t *certreq_payload;
identification_t *other_ca = this->policy->get_other_ca(this->policy);
-
- certreq_payload = (other_ca->get_type(other_ca) == ID_ANY)
- ? certreq_payload_create_from_cacerts()
- : certreq_payload_create_from_cacert(other_ca);
-
- if (certreq_payload != NULL)
+
+ if (other_ca)
{
- request->add_payload(request, (payload_t*)certreq_payload);
+ if (other_ca->get_type(other_ca) == ID_ANY)
+ {
+ certreq_payload = certreq_payload_create_from_cacerts();
+ }
+ else
+ {
+ certreq_payload = certreq_payload_create_from_cacert(other_ca);
+ }
+ if (certreq_payload != NULL)
+ {
+ request->add_payload(request, (payload_t*)certreq_payload);
+ }
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-16 15:48:54 +0000