New upstream version 5.5.1

2 files changed, 17 insertions, 16 deletions

diff --git a/src/libcharon/plugins/ipseckey/Makefile.in b/src/libcharon/plugins/ipseckey/Makefile.in
index 38a63ea02..971b72cc3 100644
--- a/src/libcharon/plugins/ipseckey/Makefile.in
+++ b/src/libcharon/plugins/ipseckey/Makefile.in
@@ -353,7 +353,6 @@ clearsilver_LIBS = @clearsilver_LIBS@
 cmd_plugins = @cmd_plugins@
 datadir = @datadir@
 datarootdir = @datarootdir@
-dbusservicedir = @dbusservicedir@
 dev_headers = @dev_headers@
 docdir = @docdir@
 dvidir = @dvidir@
@@ -387,8 +386,6 @@ libiptc_LIBS = @libiptc_LIBS@
 linux_headers = @linux_headers@
 localedir = @localedir@
 localstatedir = @localstatedir@
-maemo_CFLAGS = @maemo_CFLAGS@
-maemo_LIBS = @maemo_LIBS@
 manager_plugins = @manager_plugins@
 mandir = @mandir@
 medsrv_plugins = @medsrv_plugins@
@@ -442,6 +439,8 @@ target_alias = @target_alias@
 top_build_prefix = @top_build_prefix@
 top_builddir = @top_builddir@
 top_srcdir = @top_srcdir@
+tss2_CFLAGS = @tss2_CFLAGS@
+tss2_LIBS = @tss2_LIBS@
 urandom_device = @urandom_device@
 xml_CFLAGS = @xml_CFLAGS@
 xml_LIBS = @xml_LIBS@
diff --git a/src/libcharon/plugins/ipseckey/ipseckey_cred.c b/src/libcharon/plugins/ipseckey/ipseckey_cred.c
index 6c041ce26..ff50d8a17 100644
--- a/src/libcharon/plugins/ipseckey/ipseckey_cred.c
+++ b/src/libcharon/plugins/ipseckey/ipseckey_cred.c
@@ -57,6 +57,8 @@ typedef struct {
 	time_t notAfter;
 	/* identity to which the IPSECKEY belongs */
 	identification_t *identity;
+	/** most recently enumerated certificate */
+	certificate_t *cert;
 } cert_enumerator_t;
 
 METHOD(enumerator_t, cert_enumerator_enumerate, bool,
@@ -91,28 +93,27 @@ METHOD(enumerator_t, cert_enumerator_enumerate, bool,
 		public = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_RSA,
 									BUILD_BLOB_DNSKEY, key,
 									BUILD_END);
+		cur_ipseckey->destroy(cur_ipseckey);
 		if (!public)
 		{
 			DBG1(DBG_CFG, "  failed to create public key from IPSECKEY");
-			cur_ipseckey->destroy(cur_ipseckey);
 			continue;
 		}
-
-		*cert = lib->creds->create(lib->creds, CRED_CERTIFICATE,
-								   CERT_TRUSTED_PUBKEY,
-								   BUILD_PUBLIC_KEY, public,
-								   BUILD_SUBJECT, this->identity,
-								   BUILD_NOT_BEFORE_TIME, this->notBefore,
-								   BUILD_NOT_AFTER_TIME, this->notAfter,
-								   BUILD_END);
-		if (*cert == NULL)
+		DESTROY_IF(this->cert);
+		this->cert = lib->creds->create(lib->creds, CRED_CERTIFICATE,
+										CERT_TRUSTED_PUBKEY,
+										BUILD_PUBLIC_KEY, public,
+										BUILD_SUBJECT, this->identity,
+										BUILD_NOT_BEFORE_TIME, this->notBefore,
+										BUILD_NOT_AFTER_TIME, this->notAfter,
+										BUILD_END);
+		public->destroy(public);
+		if (!this->cert)
 		{
 			DBG1(DBG_CFG, "  failed to create certificate from IPSECKEY");
-			cur_ipseckey->destroy(cur_ipseckey);
-			public->destroy(public);
 			continue;
 		}
-		cur_ipseckey->destroy(cur_ipseckey);
+		*cert = this->cert;
 		return TRUE;
 	}
 	return FALSE;
@@ -121,6 +122,7 @@ METHOD(enumerator_t, cert_enumerator_enumerate, bool,
 METHOD(enumerator_t, cert_enumerator_destroy, void,
 	cert_enumerator_t *this)
 {
+	DESTROY_IF(this->cert);
 	this->inner->destroy(this->inner);
 	this->response->destroy(this->response);
 	free(this);