From bf23dee70af4756186855665b2845666f06913d2 Mon Sep 17 00:00:00 2001
From: Dennis Potman <dennis.potman@adlinktech.com>
Date: Tue, 24 Mar 2020 21:24:16 +0100
Subject: [PATCH] Fix in access control identity subject compare

Fixed a bug in the subject compare function for identity subjects, that
could cause using the incorrect permission grant in case multiple grants
are provided in the permissions configuration of the access control plugin.

Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
---
 .../builtin_plugins/access_control/src/access_control_utils.c   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/security/builtin_plugins/access_control/src/access_control_utils.c b/src/security/builtin_plugins/access_control/src/access_control_utils.c
index 6c56d9e..ca80d77 100644
--- a/src/security/builtin_plugins/access_control/src/access_control_utils.c
+++ b/src/security/builtin_plugins/access_control/src/access_control_utils.c
@@ -282,7 +282,7 @@ bool ac_check_subjects_are_equal(const char *permissions_sn, const char *identit
     if (name_idsn == NULL || tok_idsn == NULL)
       goto check_subj_equal_failed;
     value_pmsn = DDS_Security_Property_get_value(&prop_pmsn, name_idsn);
-    if (value_pmsn == NULL || strcmp(value_pmsn, value_pmsn) != 0)
+    if (value_pmsn == NULL || strcmp(tok_idsn, value_pmsn) != 0)
     {
       ddsrt_free(value_pmsn);
       goto check_subj_equal_failed;