From 73ac1f2040c81a2a805adbb97db091026b97a922 Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Mon, 18 Apr 2011 16:35:04 +0200
Subject: [PATCH] pluto: Avoid potential null-pointer dereference when checking
 CRLs.

---
 src/pluto/crl.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/pluto/crl.c b/src/pluto/crl.c
index 932bbb977..38db0f2fd 100644
--- a/src/pluto/crl.c
+++ b/src/pluto/crl.c
@@ -425,7 +425,8 @@ cert_status_t verify_by_crl(cert_t *cert, time_t *until, time_t *revocationDate,
 		lock_authcert_list("verify_by_crl");
 
 		issuer_cert = get_authcert(issuer, authKeyID, X509_CA);
-		trusted = cert_crl->issued_by(cert_crl, issuer_cert->cert);
+		trusted = issuer_cert ? cert_crl->issued_by(cert_crl, issuer_cert->cert)
+							  : FALSE;
 
 		unlock_authcert_list("verify_by_crl");