Stop checking once a key size constraint is not fulfilled
authorMartin Willi <martin@revosec.ch>
Thu, 15 Dec 2011 10:30:22 +0000 (11:30 +0100)
committerMartin Willi <martin@revosec.ch>
Tue, 20 Mar 2012 16:31:23 +0000 (17:31 +0100)
src/libstrongswan/credentials/auth_cfg.c

index 3420e31..e2cea07 100644 (file)
@@ -537,6 +537,7 @@ METHOD(auth_cfg_t, complies, bool,
                                                                         "public keys, but %d bit key used",
                                                                         (uintptr_t)value, strength);
                                                        }
+                                                       break;
                                                }
                                        }
                                        else if (t2 == AUTH_RULE_RSA_STRENGTH)
@@ -547,6 +548,7 @@ METHOD(auth_cfg_t, complies, bool,
                                                        DBG1(DBG_CFG, "constraint requires %d bit ECDSA, "
                                                                 "but RSA used", (uintptr_t)value);
                                                }
+                                               break;
                                        }
                                        else if (t2 == AUTH_RULE_ECDSA_STRENGTH)
                                        {
@@ -556,6 +558,7 @@ METHOD(auth_cfg_t, complies, bool,
                                                        DBG1(DBG_CFG, "constraint requires %d bit RSA, "
                                                                 "but ECDSA used", (uintptr_t)value);
                                                }
+                                               break;
                                        }
                                }
                                e2->destroy(e2);