revocation: Set defaults if CRL/OCSP checking is disabled in config
[strongswan.git] / src / libstrongswan / plugins / revocation / revocation_validator.c
index 1a7013b..edb2f80 100644 (file)
@@ -824,6 +824,10 @@ METHOD(cert_validator_t, validate, bool,
                                        break;
                        }
                }
+               else
+               {
+                       auth->add(auth, AUTH_RULE_OCSP_VALIDATION, VALIDATION_SKIPPED);
+               }
 
                if (this->enable_crl)
                {
@@ -847,6 +851,11 @@ METHOD(cert_validator_t, validate, bool,
                                        break;
                        }
                }
+               else
+               {
+                       auth->add(auth, AUTH_RULE_CRL_VALIDATION,
+                                         auth->get(auth, AUTH_RULE_OCSP_VALIDATION));
+               }
 
                lib->credmgr->call_hook(lib->credmgr, CRED_HOOK_VALIDATION_FAILED,
                                                                subject);