diff options
| author | Yves-Alexis Perez <corsac@corsac.net> | 2018-02-19 18:17:21 +0100 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@corsac.net> | 2018-02-19 18:17:21 +0100 |
| commit | 7793611ee71b576dd9c66dee327349fa64e38740 (patch) | |
| tree | f1379ec1aed52a3c772874d4ed690b90975b9623 /src/libstrongswan/plugins/revocation | |
| parent | e1d78dc2faaa06e7c3f71ef674a71e4de2f0758e (diff) | |
| download | vyos-strongswan-7793611ee71b576dd9c66dee327349fa64e38740.tar.gz vyos-strongswan-7793611ee71b576dd9c66dee327349fa64e38740.zip | |
New upstream version 5.6.2
Diffstat (limited to 'src/libstrongswan/plugins/revocation')
| -rw-r--r-- | src/libstrongswan/plugins/revocation/revocation_validator.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/libstrongswan/plugins/revocation/revocation_validator.c b/src/libstrongswan/plugins/revocation/revocation_validator.c index 16ee0ecc7..1b68320df 100644 --- a/src/libstrongswan/plugins/revocation/revocation_validator.c +++ b/src/libstrongswan/plugins/revocation/revocation_validator.c @@ -444,7 +444,7 @@ static certificate_t *get_better_crl(certificate_t *cand, certificate_t *best, enumerator_t *enumerator; time_t revocation; crl_reason_t reason; - chunk_t serial; + chunk_t subject_serial, serial; crl_t *crl = (crl_t*)cand; if (base) @@ -473,10 +473,11 @@ static certificate_t *get_better_crl(certificate_t *cand, certificate_t *best, return best; } + subject_serial = chunk_skip_zero(subject->get_serial(subject)); enumerator = crl->create_enumerator(crl); while (enumerator->enumerate(enumerator, &serial, &revocation, &reason)) { - if (chunk_equals(serial, subject->get_serial(subject))) + if (chunk_equals(subject_serial, chunk_skip_zero(serial))) { if (reason != CRL_REASON_CERTIFICATE_HOLD) { |