handle case where subject = NULL but keyid is set 4.6.2
authorAndreas Steffen <andreas.steffen@strongswan.org>
Mon, 20 Feb 2012 11:12:31 +0000 (12:12 +0100)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Mon, 20 Feb 2012 11:12:31 +0000 (12:12 +0100)
src/pluto/ca.c

index 175c0b0..827b981 100644 (file)
@@ -219,7 +219,8 @@ cert_t* get_authcert(identification_t *subject, chunk_t keyid,
                }
 
                /* compare the subjectDistinguishedNames */
-               if (!certificate->has_subject(certificate, subject))
+               if (!(subject && certificate->has_subject(certificate, subject)) &&
+                        (subject || !keyid.ptr))
                {
                        continue;
                }