update_peerid() does not accept %any as a certificate's subjectAltName
authorAndreas Steffen <andreas.steffen@strongswan.org>
Wed, 9 Jul 2008 22:13:39 +0000 (22:13 -0000)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Wed, 9 Jul 2008 22:13:39 +0000 (22:13 -0000)
src/charon/plugins/stroke/stroke_config.c

index 0069191..374ae09 100644 (file)
@@ -209,7 +209,7 @@ static peer_cfg_t *get_peer_cfg_by_name(private_stroke_config_t *this, char *nam
  */
 static identification_t *update_peerid(certificate_t *cert, identification_t *id)
 {
-       if (!cert->has_subject(cert, id))
+       if (id->get_type(id) == ID_ANY || !cert->has_subject(cert, id))
        {
                DBG1(DBG_CFG, "  peerid %D not confirmed by certificate, "
                         "defaulting to subject DN", id);