Added a left/rightcertpolicy keyword to specify certificatePolicy requirements

author: Martin Willi <martin@revosec.ch> 2011-01-07 15:14:41 +0100
committer: Martin Willi <martin@revosec.ch> 2011-01-07 15:51:35 +0100
commit: 6367de28ad9b21cc8f145c7154cb29f5acca366a (patch)
tree: af534c2db6f1a17143b154c98e803478e26eeb57 /src/libcharon/plugins/stroke/stroke_config.c
parent: 1ed482d808dfa188e091363a6701e1947566396a (diff)
download: strongswan-6367de28ad9b21cc8f145c7154cb29f5acca366a.tar.bz2
strongswan-6367de28ad9b21cc8f145c7154cb29f5acca366a.tar.xz
1 files changed, 14 insertions, 0 deletions
diff --git a/src/libcharon/plugins/stroke/stroke_config.c b/src/libcharon/plugins/stroke/stroke_config.c
index 4f2f58e86..dc2c57e9c 100644
--- a/src/libcharon/plugins/stroke/stroke_config.c
+++ b/src/libcharon/plugins/stroke/stroke_config.c
@@ -429,6 +429,20 @@ static auth_cfg_t *build_auth_cfg(private_stroke_config_t *this,
 		enumerator->destroy(enumerator);
 	}
 
+	/* certificatePolicies */
+	if (end->cert_policy)
+	{
+		enumerator_t *enumerator;
+		char *policy;
+
+		enumerator = enumerator_create_token(end->cert_policy, ",", " ");
+		while (enumerator->enumerate(enumerator, &policy))
+		{
+			cfg->add(cfg, AUTH_RULE_CERT_POLICY, strdup(policy));
+		}
+		enumerator->destroy(enumerator);
+	}
+
 	/* authentication metod (class, actually) */
 	if (streq(auth, "pubkey") ||
 		streq(auth, "rsasig") || streq(auth, "rsa") ||
author	Martin Willi <martin@revosec.ch>	2011-01-07 15:14:41 +0100
committer	Martin Willi <martin@revosec.ch>	2011-01-07 15:51:35 +0100
commit	6367de28ad9b21cc8f145c7154cb29f5acca366a (patch)
tree	af534c2db6f1a17143b154c98e803478e26eeb57 /src/libcharon/plugins/stroke/stroke_config.c
parent	1ed482d808dfa188e091363a6701e1947566396a (diff)
download	strongswan-6367de28ad9b21cc8f145c7154cb29f5acca366a.tar.bz2 strongswan-6367de28ad9b21cc8f145c7154cb29f5acca366a.tar.xz