sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-07 00:01:49 -04:00
Code Issues Projects Releases Wiki Activity

fixed crash when CA for certrequest not found

Browse Source
This commit is contained in:
Martin Willi 2007-01-08 13:40:36 +00:00
parent e3f83e738d
commit a622c99240
2 changed files with 28 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
src/charon/encoding/payloads/certreq_payload.c
View File

@ -268,11 +268,21 @@ certreq_payload_t *certreq_payload_create()
*/
certreq_payload_t *certreq_payload_create_from_cacert(identification_t *id)
{
x509_t *cacert = charon->credentials->get_ca_certificate(charon->credentials, id);
rsa_public_key_t *pubkey = cacert->get_public_key(cacert);
chunk_t keyid = pubkey->get_keyid(pubkey);
x509_t *cacert;
rsa_public_key_t *pubkey;
chunk_t keyid;
certreq_payload_t *this;
cacert = charon->credentials->get_ca_certificate(charon->credentials, id);
if (cacert == NULL)
{
/* no such CA cert */
return NULL;
}
certreq_payload_t *this = certreq_payload_create();
this = certreq_payload_create();
pubkey = cacert->get_public_key(cacert);
keyid = pubkey->get_keyid(pubkey);
DBG2(DBG_IKE, "requesting certificate issued by '%D'", id);
DBG2(DBG_IKE, " with keyid %#B", &keyid);

21
src/charon/sa/transactions/ike_auth.c
View File

@ -255,14 +255,21 @@ static status_t get_request(private_ike_auth_t *this, message_t **result)
{
certreq_payload_t *certreq_payload;
identification_t *other_ca = this->policy->get_other_ca(this->policy);
certreq_payload = (other_ca->get_type(other_ca) == ID_ANY)
? certreq_payload_create_from_cacerts()
: certreq_payload_create_from_cacert(other_ca);
if (certreq_payload != NULL)
if (other_ca)
{
request->add_payload(request, (payload_t*)certreq_payload);
if (other_ca->get_type(other_ca) == ID_ANY)
{
certreq_payload = certreq_payload_create_from_cacerts();
}
else
{
certreq_payload = certreq_payload_create_from_cacert(other_ca);
}
if (certreq_payload != NULL)
{
request->add_payload(request, (payload_t*)certreq_payload);
}
}
}