fixed verification of preinstalled certificates
authorMartin Willi <martin@strongswan.org>
Thu, 20 Mar 2008 09:30:02 +0000 (09:30 -0000)
committerMartin Willi <martin@strongswan.org>
Thu, 20 Mar 2008 09:30:02 +0000 (09:30 -0000)
src/charon/credentials/credential_manager.c

index 1e2ec3e..98d965f 100644 (file)
@@ -987,7 +987,7 @@ static certificate_t *get_trusted_cert(private_credential_manager_t *this,
        if (subject)
        {       /* if we find a trusted certificate, we accept it. However, to 
                 * fullfill authorization rules, we try build the trustchain anyway. */
-               if (verify_trustchain(this, subject, auth, crl, ocsp, TRUE))
+               if (verify_trustchain(this, subject, auth, TRUE, crl, ocsp))
                {
                        DBG1(DBG_CFG, "  using pre-trusted certificate \"%D\"",
                                 subject->get_subject(subject));