fixed crash when CA for certrequest not found

src/charon/encoding/payloads/certreq_payload.c

@@ -268,11 +268,21 @@ certreq_payload_t *certreq_payload_create()
  */
 certreq_payload_t *certreq_payload_create_from_cacert(identification_t *id)
 {
-	x509_t *cacert = charon->credentials->get_ca_certificate(charon->credentials, id);
+	x509_t *cacert;
-	rsa_public_key_t *pubkey = cacert->get_public_key(cacert);
+	rsa_public_key_t *pubkey;
-	chunk_t keyid = pubkey->get_keyid(pubkey);
+	chunk_t keyid;
+	certreq_payload_t *this;
 	
-	certreq_payload_t *this = certreq_payload_create();
+	cacert = charon->credentials->get_ca_certificate(charon->credentials, id);
+	if (cacert == NULL)
+	{
+		/* no such CA cert */
+		return NULL;
+	}
+
+	this = certreq_payload_create();
+	pubkey = cacert->get_public_key(cacert);
+	keyid = pubkey->get_keyid(pubkey);
 
 	DBG2(DBG_IKE, "requesting certificate issued by '%D'", id);
 	DBG2(DBG_IKE, "  with keyid %#B", &keyid);

src/charon/sa/transactions/ike_auth.c

@@ -256,15 +256,22 @@ static status_t get_request(private_ike_auth_t *this, message_t **result)
 		certreq_payload_t *certreq_payload;
 		identification_t *other_ca = this->policy->get_other_ca(this->policy);
 		
-		certreq_payload = (other_ca->get_type(other_ca) == ID_ANY)
+		if (other_ca)
-			? certreq_payload_create_from_cacerts()
+		{
-			: certreq_payload_create_from_cacert(other_ca);
+			if (other_ca->get_type(other_ca) == ID_ANY)
-
+			{
+				certreq_payload = certreq_payload_create_from_cacerts();
+			}
+			else
+			{
+				certreq_payload = certreq_payload_create_from_cacert(other_ca);
+			}
 			if (certreq_payload != NULL)
 			{
 				request->add_payload(request, (payload_t*)certreq_payload);
 			}
 		}
+	}
 	
 	/* build certificate payload. TODO: Handle certreq from init_ike_sa. */
 	if (this->policy->get_auth_method(this->policy) == AUTH_RSA