authorMartin Willi <martin@strongswan.org>2008-08-22 10:44:51 +0000
committerMartin Willi <martin@strongswan.org>2008-08-22 10:44:51 +0000
commit822901061beb899947f22288c2dc7eb5a13eeb87 (patch)
treeb3f8e84bba26bd24a8c4d3ba26ad4bf4fc03ec01 /src/starter
parent7c112a12c06c0320ee3945cd593c2beafe6b56dc (diff)
ported parts of two-sim branch
eap_identity parameter to exchange in eap_identity; some auth_info/peer_cfg refactorings; fixed some bugs, introduced new ones
Diffstat (limited to 'src/starter')
-rw-r--r--src/starter/args.c1
-rw-r--r--src/starter/confread.h1
-rw-r--r--src/starter/ipsec.conf.58
-rw-r--r--src/starter/keywords.h1
-rw-r--r--src/starter/keywords.txt1
-rw-r--r--src/starter/starterstroke.c1
6 files changed, 13 insertions, 0 deletions
diff --git a/src/starter/args.c b/src/starter/args.c
index fb3587eb2..b373be97c 100644
--- a/src/starter/args.c
+++ b/src/starter/args.c
@@ -202,6 +202,7 @@ static const token_info_t token_info[] =
{ ARG_MISC, 0, NULL /* KW_AUTH */ },
{ ARG_MISC, 0, NULL /* KW_AUTHBY */ },
{ ARG_MISC, 0, NULL /* KW_EAP */ },
+ { ARG_STR, offsetof(starter_conn_t, eap_identity), NULL },
{ ARG_MISC, 0, NULL /* KW_MOBIKE */ },
{ ARG_MISC, 0, NULL /* KW_FORCEENCAPS */ },
{ ARG_TIME, offsetof(starter_conn_t, sa_ike_life_seconds), NULL },
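Review bot: The added `ARG_STR` row is tied to `KW_EAP_IDENTITY` only by its position in `token_info[]`, and nothing visible in this hunk checks that the table stays in step with the enum in keywords.h. The placement here is correct (after the `KW_EAP` row, before `KW_MOBIKE`, matching the enum hunk), but a trailing `/* KW_EAP_IDENTITY */` on the row would make a future misalignment easier to spot. Because the target field is a heap string (`char *eap_identity` in confread.h), it is also worth confirming that the generic free and clone paths for conn arguments cover this new keyword index; those paths are outside the hunk.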
diff --git a/src/starter/confread.h b/src/starter/confread.h
index 90f729d64..8e1584526 100644
--- a/src/starter/confread.h
+++ b/src/starter/confread.h
@@ -105,6 +105,7 @@ struct starter_conn {
keyexchange_t keyexchange;
u_int32_t eap_type;
u_int32_t eap_vendor;
+ char *eap_identity;
lset_t policy;
time_t sa_ike_life_seconds;
time_t sa_ipsec_life_seconds;
diff --git a/src/starter/ipsec.conf.5 b/src/starter/ipsec.conf.5
index 796b6aa0e..afbf547ba 100644
--- a/src/starter/ipsec.conf.5
+++ b/src/starter/ipsec.conf.5
@@ -366,6 +366,14 @@ in the form
.B eap=7-12345
) can be used to specify vendor specific EAP types.
.TP
+.B eap_identity
+defines the identity the client uses to reply to a EAP Identity request.
+If defined on the EAP server, the defined identity will be used as peer
+identity during EAP authentication. The special value
+.B %identity
+uses the EAP Identity method to ask the client for a EAP identity. If not
+defined, the IKEv2 identity will be used as EAP identity.
+.TP
.B esp
ESP encryption/authentication algorithm to be used
for the connection, e.g.
diff --git a/src/starter/keywords.h b/src/starter/keywords.h
index b893cf52d..9470c75e5 100644
--- a/src/starter/keywords.h
+++ b/src/starter/keywords.h
@@ -71,6 +71,7 @@ typedef enum {
KW_AUTH,
KW_AUTHBY,
KW_EAP,
+ KW_EAP_IDENTITY,
KW_MOBIKE,
KW_FORCEENCAPS,
KW_IKELIFETIME,
diff --git a/src/starter/keywords.txt b/src/starter/keywords.txt
index 7e414fb9f..b54da8ca8 100644
--- a/src/starter/keywords.txt
+++ b/src/starter/keywords.txt
@@ -50,6 +50,7 @@ keep_alive, KW_KEEP_ALIVE
force_keepalive, KW_FORCE_KEEPALIVE
virtual_private, KW_VIRTUAL_PRIVATE
eap, KW_EAP
+eap_identity, KW_EAP_IDENTITY
mobike, KW_MOBIKE
forceencaps, KW_FORCEENCAPS
pkcs11module, KW_PKCS11MODULE
diff --git a/src/starter/starterstroke.c b/src/starter/starterstroke.c
index 6f2fb40ac..8fbfc0bdb 100644
--- a/src/starter/starterstroke.c
+++ b/src/starter/starterstroke.c
@@ -227,6 +227,7 @@ int starter_stroke_add_conn(starter_config_t *cfg, starter_conn_t *conn)
}
msg.add_conn.eap_type = conn->eap_type;
msg.add_conn.eap_vendor = conn->eap_vendor;
+ msg.add_conn.eap_identity = push_string(&msg, conn->eap_identity);
if (conn->policy & POLICY_TUNNEL)
{
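Review bot: The result of `push_string(&msg, conn->eap_identity)` is stored without a check, so if the helper cannot place the value, the connection is added with no EAP identity. The helper's definition is outside this hunk; a NULL input or a string that does not fit the stroke message are the likely failure cases. Per the ipsec.conf.5 text in this commit, an unset value falls back to the IKEv2 identity, so a dropped `eap_identity` or `%identity` would silently change which identity is used for EAP authentication. Consider failing the add when a configured value was not transferred, e.g. `if (conn->eap_identity && !msg.add_conn.eap_identity)` followed by an error log and an early return, assuming the helper reports failure as NULL. starter_stroke_add_conn starts and ends outside the hunk.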