From e4f554404ec53f6498bc62d42b089bd5697ed147 Mon Sep 17 00:00:00 2001
From: Andreas Steffen <andreas.steffen@strongswan.org>
Date: Mon, 20 Feb 2012 12:12:31 +0100
Subject: [PATCH] handle case where subject = NULL but keyid is set

---
 src/pluto/ca.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/pluto/ca.c b/src/pluto/ca.c
index 175c0b022..827b98121 100644
--- a/src/pluto/ca.c
+++ b/src/pluto/ca.c
@@ -219,7 +219,8 @@ cert_t* get_authcert(identification_t *subject, chunk_t keyid,
 		}
 
 		/* compare the subjectDistinguishedNames */
-		if (!certificate->has_subject(certificate, subject))
+		if (!(subject && certificate->has_subject(certificate, subject)) &&
+			 (subject || !keyid.ptr))
 		{
 			continue;
 		}