Pass ipsec.conf xauth_identity option via stroke to charon configurations

author: Martin Willi <martin@revosec.ch> 2011-12-15 13:12:42 +0100
committer: Martin Willi <martin@revosec.ch> 2012-03-20 17:31:23 +0100
commit: 21a4fc832ea64a6abb194a14ee64ff42ca214a44 (patch)
tree: fc9dd5f1bcbf58b5a283399137d4f58ffae39bd4 /src
parent: 10a6a5acff4a1237be0d33e9a483585e01c5e652 (diff)
download: strongswan-21a4fc832ea64a6abb194a14ee64ff42ca214a44.tar.bz2
strongswan-21a4fc832ea64a6abb194a14ee64ff42ca214a44.tar.xz
4 files changed, 9 insertions, 0 deletions
diff --git a/src/libcharon/plugins/stroke/stroke_config.c b/src/libcharon/plugins/stroke/stroke_config.c
index fec28c1ef..c4b218d1b 100644
--- a/src/libcharon/plugins/stroke/stroke_config.c
+++ b/src/libcharon/plugins/stroke/stroke_config.c
@@ -479,6 +479,11 @@ static auth_cfg_t *build_auth_cfg(private_stroke_config_t *this,
 			cfg->add(cfg, AUTH_RULE_XAUTH_BACKEND, strdup(++pos));
 		}
 		cfg->add(cfg, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_XAUTH);
+		if (msg->add_conn.xauth_identity)
+		{
+			cfg->add(cfg, AUTH_RULE_XAUTH_IDENTITY,
+				identification_create_from_string(msg->add_conn.xauth_identity));
+		}
 	}
 	else if (strneq(auth, "eap", 3))
 	{
diff --git a/src/libcharon/plugins/stroke/stroke_socket.c b/src/libcharon/plugins/stroke/stroke_socket.c
index 0f7a6040f..7a14be0cf 100644
--- a/src/libcharon/plugins/stroke/stroke_socket.c
+++ b/src/libcharon/plugins/stroke/stroke_socket.c
@@ -181,12 +181,14 @@ static void stroke_add_conn(private_stroke_socket_t *this, stroke_msg_t *msg)
 	pop_end(msg, "right", &msg->add_conn.other);
 	pop_string(msg, &msg->add_conn.eap_identity);
 	pop_string(msg, &msg->add_conn.aaa_identity);
+	pop_string(msg, &msg->add_conn.xauth_identity);
 	pop_string(msg, &msg->add_conn.algorithms.ike);
 	pop_string(msg, &msg->add_conn.algorithms.esp);
 	pop_string(msg, &msg->add_conn.ikeme.mediated_by);
 	pop_string(msg, &msg->add_conn.ikeme.peerid);
 	DBG2(DBG_CFG, "  eap_identity=%s", msg->add_conn.eap_identity);
 	DBG2(DBG_CFG, "  aaa_identity=%s", msg->add_conn.aaa_identity);
+	DBG2(DBG_CFG, "  xauth_identity=%s", msg->add_conn.xauth_identity);
 	DBG2(DBG_CFG, "  ike=%s", msg->add_conn.algorithms.ike);
 	DBG2(DBG_CFG, "  esp=%s", msg->add_conn.algorithms.esp);
 	DBG2(DBG_CFG, "  dpddelay=%d", msg->add_conn.dpd.delay);
diff --git a/src/starter/starterstroke.c b/src/starter/starterstroke.c
index e399b1c04..628d63214 100644
--- a/src/starter/starterstroke.c
+++ b/src/starter/starterstroke.c
@@ -220,6 +220,7 @@ int starter_stroke_add_conn(starter_config_t *cfg, starter_conn_t *conn)
 	msg.add_conn.eap_vendor = conn->eap_vendor;
 	msg.add_conn.eap_identity = push_string(&msg, conn->eap_identity);
 	msg.add_conn.aaa_identity = push_string(&msg, conn->aaa_identity);
+	msg.add_conn.xauth_identity = push_string(&msg, conn->xauth_identity);
 
 	if (conn->policy & POLICY_TUNNEL)
 	{
diff --git a/src/stroke/stroke_msg.h b/src/stroke/stroke_msg.h
index f3c525ba7..3350d7603 100644
--- a/src/stroke/stroke_msg.h
+++ b/src/stroke/stroke_msg.h
@@ -246,6 +246,7 @@ struct stroke_msg_t {
 			u_int32_t eap_vendor;
 			char *eap_identity;
 			char *aaa_identity;
+			char *xauth_identity;
 			int mode;
 			int mobike;
 			int force_encap;
author	Martin Willi <martin@revosec.ch>	2011-12-15 13:12:42 +0100
committer	Martin Willi <martin@revosec.ch>	2012-03-20 17:31:23 +0100
commit	21a4fc832ea64a6abb194a14ee64ff42ca214a44 (patch)
tree	fc9dd5f1bcbf58b5a283399137d4f58ffae39bd4 /src
parent	10a6a5acff4a1237be0d33e9a483585e01c5e652 (diff)
download	strongswan-21a4fc832ea64a6abb194a14ee64ff42ca214a44.tar.bz2 strongswan-21a4fc832ea64a6abb194a14ee64ff42ca214a44.tar.xz