tls-peer: Make sure to use the right trusted public key for peer
authorTobias Brunner <tobias@strongswan.org>
Fri, 20 Feb 2015 10:29:02 +0000 (11:29 +0100)
committerTobias Brunner <tobias@strongswan.org>
Mon, 9 Mar 2015 14:40:06 +0000 (15:40 +0100)
commit18597950fa305666e9040099b7bcd67dcc95da7f
tree822eb357693613db310505df9f7c7960c4a5f66b
parente5009fbb66d6856d4cae248f5a77b6651d967b58
tls-peer: Make sure to use the right trusted public key for peer

In case a CA certificate uses the same subject DN as the server the
previous code could end up trying to verify the server's signature with
the CA certificate's public key.  By comparing the certificate with the
one sent by the peer we make sure to use the right one.

Fixes #849.
src/libtls/tls_peer.c