vici: Properly add CRLs to the credential set
authorTobias Brunner <tobias@strongswan.org>
Tue, 10 Nov 2015 14:20:16 +0000 (15:20 +0100)
committerTobias Brunner <tobias@strongswan.org>
Thu, 12 Nov 2015 13:45:42 +0000 (14:45 +0100)
add_crl() ensures that old CLRs are not stored in the credential set.

src/libcharon/plugins/vici/vici_cred.c

index ffdc034..ce3ed78 100644 (file)
@@ -131,8 +131,14 @@ CALLBACK(load_cert, vici_message_t*,
 
        DBG1(DBG_CFG, "loaded certificate '%Y'", cert->get_subject(cert));
 
-       this->creds->add_cert(this->creds, TRUE, cert);
-
+       if (type == CERT_X509_CRL)
+       {
+               this->creds->add_crl(this->creds, (crl_t*)cert);
+       }
+       else
+       {
+               this->creds->add_cert(this->creds, TRUE, cert);
+       }
        return create_reply(NULL);
 }