diff --git a/src/charon/credentials/credential_manager.c b/src/charon/credentials/credential_manager.c index 543aca5e3..251194ba8 100644 --- a/src/charon/credentials/credential_manager.c +++ b/src/charon/credentials/credential_manager.c @@ -447,7 +447,6 @@ static certificate_t *fetch_ocsp(private_credential_manager_t *this, char *url, request->destroy(request); DBG1(DBG_CFG, " requesting ocsp status from '%s' ...", url); - /* TODO: unlock manager while fetching? */ if (lib->fetcher->fetch(lib->fetcher, url, &receive, FETCH_REQUEST_DATA, send, FETCH_REQUEST_TYPE, "application/ocsp-request", @@ -682,7 +681,6 @@ static certificate_t* fetch_crl(private_credential_manager_t *this, char *url) certificate_t *crl; chunk_t chunk; - /* TODO: unlock the manager while fetching? */ DBG1(DBG_CFG, " fetching crl from '%s' ...", url); if (lib->fetcher->fetch(lib->fetcher, url, &chunk, FETCH_END) != SUCCESS) { @@ -1424,6 +1422,7 @@ static private_key_t *get_private(private_credential_manager_t *this, { case ID_PUBKEY_SHA1: case ID_PUBKEY_INFO_SHA1: + case ID_KEY_ID: return get_private_by_keyid(this, type, id); default: break; diff --git a/src/charon/plugins/stroke/stroke_cred.c b/src/charon/plugins/stroke/stroke_cred.c index 9467248f0..52140cb9c 100644 --- a/src/charon/plugins/stroke/stroke_cred.c +++ b/src/charon/plugins/stroke/stroke_cred.c @@ -104,14 +104,22 @@ static bool private_filter(id_data_t *data, private_key_t **in, private_key_t **out) { identification_t *candidate; + id_type_t type; if (data->id == NULL) { *out = *in; return TRUE; } - candidate = (*in)->get_id(*in, data->id->get_type(data->id)); - if (candidate && data->id->equals(data->id, candidate)) + type = data->id->get_type(data->id); + if (type == ID_KEY_ID) + { /* handle ID_KEY_ID as a ID_PUBKEY_SHA1 */ + type = ID_PUBKEY_SHA1; + } + candidate = (*in)->get_id(*in, type); + if (candidate && + chunk_equals(candidate->get_encoding(candidate), + data->id->get_encoding(data->id))) { *out = *in; return TRUE;