diff options
| author | Martin Willi <martin@revosec.ch> | 2010-09-09 17:40:16 +0200 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2010-09-09 17:46:20 +0200 |
| commit | 663e7355539eb2bd423a29401f5e49a62ca93727 (patch) | |
| tree | 66cefb71be8d3cd6912362267ecfd17cbcc5b3a4 /src/libstrongswan/plugins/openssl/openssl_x509.c | |
| parent | f85f0c27954bb0501d2edf0802bbceb4e21be791 (diff) | |
| download | strongswan-663e7355539eb2bd423a29401f5e49a62ca93727.tar.bz2 strongswan-663e7355539eb2bd423a29401f5e49a62ca93727.tar.xz | |
Compare subject against all key identifiers in has_subject()
Diffstat (limited to 'src/libstrongswan/plugins/openssl/openssl_x509.c')
| -rw-r--r-- | src/libstrongswan/plugins/openssl/openssl_x509.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/src/libstrongswan/plugins/openssl/openssl_x509.c b/src/libstrongswan/plugins/openssl/openssl_x509.c index 4cc935625..aa39bc93d 100644 --- a/src/libstrongswan/plugins/openssl/openssl_x509.c +++ b/src/libstrongswan/plugins/openssl/openssl_x509.c @@ -295,10 +295,23 @@ METHOD(certificate_t, has_subject, id_match_t, identification_t *current; enumerator_t *enumerator; id_match_t match, best; + chunk_t encoding; if (subject->get_type(subject) == ID_KEY_ID) { - if (chunk_equals(this->hash, subject->get_encoding(subject))) + encoding = subject->get_encoding(subject); + + if (chunk_equals(this->hash, encoding)) + { + return ID_MATCH_PERFECT; + } + if (this->subjectKeyIdentifier.len && + chunk_equals(this->subjectKeyIdentifier, encoding)) + { + return ID_MATCH_PERFECT; + } + if (this->pubkey && + this->pubkey->has_fingerprint(this->pubkey, encoding)) { return ID_MATCH_PERFECT; } |