diff options
| -rw-r--r-- | src/libcharon/plugins/stroke/stroke_config.c | 23 |
1 files changed, 11 insertions, 12 deletions
diff --git a/src/libcharon/plugins/stroke/stroke_config.c b/src/libcharon/plugins/stroke/stroke_config.c index 5970e7cf3..86f0fe431 100644 --- a/src/libcharon/plugins/stroke/stroke_config.c +++ b/src/libcharon/plugins/stroke/stroke_config.c @@ -485,6 +485,17 @@ static auth_cfg_t *build_auth_cfg(private_stroke_config_t *this, identity = identity->clone(identity); } } + /* add raw RSA public key */ + pubkey = end->rsakey; + if (pubkey && !streq(pubkey, "") && !streq(pubkey, "%cert")) + { + certificate = this->cred->load_pubkey(this->cred, KEY_RSA, pubkey, + identity); + if (certificate) + { + cfg->add(cfg, AUTH_RULE_SUBJECT_CERT, certificate); + } + } if (identity->get_type(identity) != ID_ANY) { cfg->add(cfg, AUTH_RULE_IDENTITY, identity); @@ -498,18 +509,6 @@ static auth_cfg_t *build_auth_cfg(private_stroke_config_t *this, identity->destroy(identity); } - /* add raw RSA public key */ - pubkey = end->rsakey; - if (pubkey && !streq(pubkey, "") && !streq(pubkey, "%cert")) - { - certificate = this->cred->load_pubkey(this->cred, KEY_RSA, pubkey, - identity); - if (certificate) - { - cfg->add(cfg, AUTH_RULE_SUBJECT_CERT, certificate); - } - } - /* CA constraint */ if (ca) { |