Avoid enumerating certificates with non-matching key type
authorSophieK <35367649+suishixingkong@users.noreply.github.com>
Tue, 21 May 2019 01:28:21 +0000 (09:28 +0800)
committerTobias Brunner <tobias@strongswan.org>
Tue, 21 May 2019 08:22:30 +0000 (10:22 +0200)
commit3aa7b2dc3a39b85a371acc133427b26570dbc69d
tree37795af9e78ae154aef86056c4c5bcfd2dc0f732
parent55dd0361b8cfa770466a57353147d739fab937b6
Avoid enumerating certificates with non-matching key type

If the key type was specified but the ID was NULL or matched a subject, it
was possible that a certificate was returned that didn't actually match
the requested key type.

Closes strongswan/strongswan#141.
src/libcharon/plugins/stroke/stroke_ca.c
src/libstrongswan/credentials/sets/mem_cred.c