auth-cfg: Classify key strengths as multi value rules
authorTobias Brunner <tobias@strongswan.org>
Tue, 23 Jan 2018 11:01:02 +0000 (12:01 +0100)
committerTobias Brunner <tobias@strongswan.org>
Thu, 8 Feb 2018 09:15:53 +0000 (10:15 +0100)
If that's not the case only the last value added would be considered
not all the keys of a trust chain.

Fixes #2515.

src/libstrongswan/credentials/auth_cfg.c

index d1be7b4..8b8954a 100644 (file)
@@ -73,9 +73,6 @@ static inline bool is_multi_value_rule(auth_rule_t type)
                case AUTH_RULE_AUTH_CLASS:
                case AUTH_RULE_EAP_TYPE:
                case AUTH_RULE_EAP_VENDOR:
-               case AUTH_RULE_RSA_STRENGTH:
-               case AUTH_RULE_ECDSA_STRENGTH:
-               case AUTH_RULE_BLISS_STRENGTH:
                case AUTH_RULE_IDENTITY:
                case AUTH_RULE_IDENTITY_LOOSE:
                case AUTH_RULE_EAP_IDENTITY:
@@ -94,6 +91,9 @@ static inline bool is_multi_value_rule(auth_rule_t type)
                case AUTH_RULE_CA_CERT:
                case AUTH_RULE_IM_CERT:
                case AUTH_RULE_CERT_POLICY:
+               case AUTH_RULE_RSA_STRENGTH:
+               case AUTH_RULE_ECDSA_STRENGTH:
+               case AUTH_RULE_BLISS_STRENGTH:
                case AUTH_RULE_SIGNATURE_SCHEME:
                case AUTH_RULE_IKE_SIGNATURE_SCHEME:
                case AUTH_HELPER_IM_CERT: