Merge branch 'mbb-reauth-online-revocation'

With these changes initiators of make-before-break reauthentications suspend online revocation checks until after the new IKE_SA and all CHILD_SAs are established. See f1cbacc5d1be for details why that's necessary.
author: Tobias Brunner <tobias@strongswan.org> 2016-03-10 11:48:12 +0100
committer: Tobias Brunner <tobias@strongswan.org> 2016-03-10 11:50:57 +0100
commit: f893b47e3d854f4051b8d1549cdc0d6d661aa235 (patch)
tree: 9d3cf491012ee2cce5426c219e9f07d187316f3f /src/libtls/tls_server.c
parent: 819da83fccf99acf7af1ed2bf61a498425c375e1 (diff)
parent: b4337c5b027871d6bb076b85d9a8699f86a74fa6 (diff)
download: strongswan-f893b47e3d854f4051b8d1549cdc0d6d661aa235.tar.bz2
strongswan-f893b47e3d854f4051b8d1549cdc0d6d661aa235.tar.xz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/libtls/tls_server.c b/src/libtls/tls_server.c
index f9295a160..cfbe02037 100644
--- a/src/libtls/tls_server.c
+++ b/src/libtls/tls_server.c
@@ -548,7 +548,7 @@ static status_t process_cert_verify(private_tls_server_t *this,
 	bio_reader_t *sig;
 
 	enumerator = lib->credmgr->create_public_enumerator(lib->credmgr,
-										KEY_ANY, this->peer, this->peer_auth);
+									KEY_ANY, this->peer, this->peer_auth, TRUE);
 	while (enumerator->enumerate(enumerator, &public, &auth))
 	{
 		sig = bio_reader_create(reader->peek(reader));
author	Tobias Brunner <tobias@strongswan.org>	2016-03-10 11:48:12 +0100
committer	Tobias Brunner <tobias@strongswan.org>	2016-03-10 11:50:57 +0100
commit	f893b47e3d854f4051b8d1549cdc0d6d661aa235 (patch)
tree	9d3cf491012ee2cce5426c219e9f07d187316f3f /src/libtls/tls_server.c
parent	819da83fccf99acf7af1ed2bf61a498425c375e1 (diff)
parent	b4337c5b027871d6bb076b85d9a8699f86a74fa6 (diff)
download	strongswan-f893b47e3d854f4051b8d1549cdc0d6d661aa235.tar.bz2 strongswan-f893b47e3d854f4051b8d1549cdc0d6d661aa235.tar.xz