Always pass auth info to validate(), use pathlen to check for user certificate

author: Martin Willi <martin@revosec.ch> 2010-12-22 10:34:58 +0100
committer: Martin Willi <martin@revosec.ch> 2011-01-05 16:46:04 +0100
commit: 09e319d419a34cacc98420c1585e131362127574 (patch)
tree: 5fb711af171df5d8ca3698be8a5b2ea4c193a9f6 /src/libstrongswan/credentials/credential_manager.c
parent: 98ef286580bbd27bfd62b857098ee8c5d8acb2dc (diff)
download: strongswan-09e319d419a34cacc98420c1585e131362127574.tar.bz2
strongswan-09e319d419a34cacc98420c1585e131362127574.tar.xz
1 files changed, 1 insertions, 2 deletions
diff --git a/src/libstrongswan/credentials/credential_manager.c b/src/libstrongswan/credentials/credential_manager.c
index cc429ce68..c32eb4422 100644
--- a/src/libstrongswan/credentials/credential_manager.c
+++ b/src/libstrongswan/credentials/credential_manager.c
@@ -622,8 +622,7 @@ static bool verify_trust_chain(private_credential_manager_t *this,
 				break;
 			}
 		}
-		if (!check_certificate(this, current, issuer, online, pathlen,
-							   current == subject ? auth : NULL))
+		if (!check_certificate(this, current, issuer, online, pathlen, auth))
 		{
 			trusted = FALSE;
 			issuer->destroy(issuer);
author	Martin Willi <martin@revosec.ch>	2010-12-22 10:34:58 +0100
committer	Martin Willi <martin@revosec.ch>	2011-01-05 16:46:04 +0100
commit	09e319d419a34cacc98420c1585e131362127574 (patch)
tree	5fb711af171df5d8ca3698be8a5b2ea4c193a9f6 /src/libstrongswan/credentials/credential_manager.c
parent	98ef286580bbd27bfd62b857098ee8c5d8acb2dc (diff)
download	strongswan-09e319d419a34cacc98420c1585e131362127574.tar.bz2 strongswan-09e319d419a34cacc98420c1585e131362127574.tar.xz