diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2016-02-03 15:16:48 +0100 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2016-03-04 16:19:54 +0100 |
| commit | 1ecec95dff4036cf6a4a5d0347b3247fc71ce0b0 (patch) | |
| tree | a4fbb11594418043a664f9d14341c78b15e72f04 /src | |
| parent | 3c23a75120c5b548383da439537cab956b15dafd (diff) | |
| download | strongswan-1ecec95dff4036cf6a4a5d0347b3247fc71ce0b0.tar.bz2 strongswan-1ecec95dff4036cf6a4a5d0347b3247fc71ce0b0.tar.xz | |
vici: Add support for pubkey constraints with EAP-TLS
This is a feature currently supported by stroke.
Diffstat (limited to 'src')
| -rw-r--r-- | src/libcharon/plugins/vici/vici_config.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/libcharon/plugins/vici/vici_config.c b/src/libcharon/plugins/vici/vici_config.c index 7711fa0cb..181b14b40 100644 --- a/src/libcharon/plugins/vici/vici_config.c +++ b/src/libcharon/plugins/vici/vici_config.c @@ -982,8 +982,16 @@ CALLBACK(parse_auth, bool, } if (strcasepfx(buf, "eap")) { + char *pos; + cfg->add(cfg, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_EAP); + pos = strchr(buf, ':'); + if (pos) + { + *pos = 0; + cfg->add_pubkey_constraints(cfg, pos + 1, FALSE); + } type = eap_vendor_type_from_string(buf); if (type) { |