2 files changed, 30 insertions, 10 deletions

diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c
index f692a4339..b53f5a766 100644
--- a/src/libstrongswan/asn1/asn1.c
+++ b/src/libstrongswan/asn1/asn1.c
@@ -677,13 +677,23 @@ bool is_asn1(chunk_t blob)
 		DBG2("  file content is not binary ASN.1");
 		return FALSE;
 	}
+
 	len = asn1_length(&blob);
-	if (len != blob.len)
+
+	/* exact match */
+	if (len == blob.len)
 	{
-		DBG2("  file size does not match ASN.1 coded length");
-		return FALSE;
+		return TRUE;
 	}
-	return TRUE;
+
+	/* some websites append a surplus newline character to the blob */
+	if (len + 1 == blob.len && *(blob.ptr + len) == '\n')
+	{
+		return TRUE;
+	}
+
+	DBG2("  file size does not match ASN.1 coded length");
+	return FALSE;
 }
 
 /**
diff --git a/src/pluto/asn1.c b/src/pluto/asn1.c
index dafc6b19c..bcfdca15e 100644
--- a/src/pluto/asn1.c
+++ b/src/pluto/asn1.c
@@ -758,13 +758,23 @@ is_asn1(chunk_t blob)
 	)
 	return FALSE;
     }
+
     len = asn1_length(&blob);
-    if (len != blob.len)
+ 
+    /* exact match */
+    if (len == blob.len)
     {
-	DBG(DBG_PARSING,
-	    DBG_log("  file size does not match ASN.1 coded length");
-	)
-	return FALSE;
+	return TRUE;
     }
-    return TRUE;
+
+    /* some websites append a surplus newline character to the blob */
+    if (len + 1 == blob.len && *(blob.ptr + len) == '\n')
+    {
+	return TRUE;
+    }
+
+    DBG(DBG_PARSING,
+	DBG_log("  file size does not match ASN.1 coded length");
+    )
+    return FALSE;
 }