auth-cfg: Prefer merged rules over existing ones when moving them
authorTobias Brunner <tobias@strongswan.org>
Wed, 28 Oct 2015 17:53:15 +0000 (18:53 +0100)
committerTobias Brunner <tobias@strongswan.org>
Thu, 12 Nov 2015 13:21:06 +0000 (14:21 +0100)
This is particularly important for single valued rules (e.g.
identities).  When copying values this is already handled correctly
by the enumerator and add().

src/libstrongswan/credentials/auth_cfg.c

index 1e93f02..9988d80 100644 (file)
@@ -951,9 +951,9 @@ static void merge(private_auth_cfg_t *this, private_auth_cfg_t *other, bool copy
        {
                entry_t entry;
 
-               while (array_remove(other->entries, ARRAY_HEAD, &entry))
-               {
-                       array_insert(this->entries, ARRAY_TAIL, &entry);
+               while (array_remove(other->entries, ARRAY_TAIL, &entry))
+               {       /* keep order but prefer new values (esp. for single valued ones) */
+                       array_insert(this->entries, ARRAY_HEAD, &entry);
                }
                array_compress(other->entries);
        }