aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/charon/encoding/payloads/certreq_payload.c18
-rw-r--r--src/charon/sa/transactions/ike_auth.c21
2 files changed, 28 insertions, 11 deletions
diff --git a/src/charon/encoding/payloads/certreq_payload.c b/src/charon/encoding/payloads/certreq_payload.c
index 07d3ce2bc..86f2e3524 100644
--- a/src/charon/encoding/payloads/certreq_payload.c
+++ b/src/charon/encoding/payloads/certreq_payload.c
@@ -268,11 +268,21 @@ certreq_payload_t *certreq_payload_create()
*/
certreq_payload_t *certreq_payload_create_from_cacert(identification_t *id)
{
- x509_t *cacert = charon->credentials->get_ca_certificate(charon->credentials, id);
- rsa_public_key_t *pubkey = cacert->get_public_key(cacert);
- chunk_t keyid = pubkey->get_keyid(pubkey);
+ x509_t *cacert;
+ rsa_public_key_t *pubkey;
+ chunk_t keyid;
+ certreq_payload_t *this;
+
+ cacert = charon->credentials->get_ca_certificate(charon->credentials, id);
+ if (cacert == NULL)
+ {
+ /* no such CA cert */
+ return NULL;
+ }
- certreq_payload_t *this = certreq_payload_create();
+ this = certreq_payload_create();
+ pubkey = cacert->get_public_key(cacert);
+ keyid = pubkey->get_keyid(pubkey);
DBG2(DBG_IKE, "requesting certificate issued by '%D'", id);
DBG2(DBG_IKE, " with keyid %#B", &keyid);
diff --git a/src/charon/sa/transactions/ike_auth.c b/src/charon/sa/transactions/ike_auth.c
index 3ab4d8ae4..5d137f6c6 100644
--- a/src/charon/sa/transactions/ike_auth.c
+++ b/src/charon/sa/transactions/ike_auth.c
@@ -255,14 +255,21 @@ static status_t get_request(private_ike_auth_t *this, message_t **result)
{
certreq_payload_t *certreq_payload;
identification_t *other_ca = this->policy->get_other_ca(this->policy);
-
- certreq_payload = (other_ca->get_type(other_ca) == ID_ANY)
- ? certreq_payload_create_from_cacerts()
- : certreq_payload_create_from_cacert(other_ca);
-
- if (certreq_payload != NULL)
+
+ if (other_ca)
{
- request->add_payload(request, (payload_t*)certreq_payload);
+ if (other_ca->get_type(other_ca) == ID_ANY)
+ {
+ certreq_payload = certreq_payload_create_from_cacerts();
+ }
+ else
+ {
+ certreq_payload = certreq_payload_create_from_cacert(other_ca);
+ }
+ if (certreq_payload != NULL)
+ {
+ request->add_payload(request, (payload_t*)certreq_payload);
+ }
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-03 18:27:01 +0000