identification: Properly check length before comparing for binary DN equality

author Martin Willi <martin@revosec.ch>

Mon, 7 Oct 2013 12:21:57 +0000 (14:21 +0200)

committer Andreas Steffen <andreas.steffen@strongswan.org>

Thu, 31 Oct 2013 20:57:07 +0000 (21:57 +0100)
author Martin Willi <martin@revosec.ch>
Mon, 7 Oct 2013 12:21:57 +0000 (14:21 +0200)
committer Andreas Steffen <andreas.steffen@strongswan.org>
Thu, 31 Oct 2013 20:57:07 +0000 (21:57 +0100)
diff --git a/src/libstrongswan/utils/identification.c b/src/libstrongswan/utils/identification.c

index 5df3e5f..9c43ad5 100644 (file)
--- a/src/libstrongswan/utils/identification.c
+++ b/src/libstrongswan/utils/identification.c
@@ -602,7 +602,7 @@ static bool compare_dn(chunk_t t_dn, chunk_t o_dn, int *wc)
                 }
         }
         /* try a binary compare */
-       if (memeq(t_dn.ptr, o_dn.ptr, t_dn.len))
+       if (chunk_equals(t_dn, o_dn))
         {
                 return TRUE;
         }
author	Martin Willi <martin@revosec.ch>
	Mon, 7 Oct 2013 12:21:57 +0000 (14:21 +0200)
committer	Andreas Steffen <andreas.steffen@strongswan.org>
	Thu, 31 Oct 2013 20:57:07 +0000 (21:57 +0100)