Use IP address as ID as responder if not configured or no IDr received.

author: Tobias Brunner <tobias@strongswan.org> 2012-04-16 11:55:07 +0200
committer: Tobias Brunner <tobias@strongswan.org> 2012-04-16 14:09:51 +0200
commit: 7fd6c078b67ee4e5061379599b6a814bba22b8c6 (patch)
tree: 46653441661d7d4e0366e4ac0342f49d4ac82016 /src
parent: b241a374117f32be724d3f6ad13cf4b7d42445b4 (diff)
download: strongswan-7fd6c078b67ee4e5061379599b6a814bba22b8c6.tar.bz2
strongswan-7fd6c078b67ee4e5061379599b6a814bba22b8c6.tar.xz
1 files changed, 11 insertions, 3 deletions
diff --git a/src/libcharon/sa/tasks/ike_auth.c b/src/libcharon/sa/tasks/ike_auth.c
index 389465d1a..7552097f9 100644
--- a/src/libcharon/sa/tasks/ike_auth.c
+++ b/src/libcharon/sa/tasks/ike_auth.c
@@ -695,9 +695,17 @@ METHOD(task_t, build_r, status_t,
 		if (id->get_type(id) == ID_ANY)
 		{	/* no IDr received, apply configured ID */
 			if (!id_cfg || id_cfg->contains_wildcards(id_cfg))
-			{
-				DBG1(DBG_CFG, "IDr not configured and negotiation failed");
-				goto peer_auth_failed;
+			{	/* no ID configured, use local IP address */
+				host_t *me;
+
+				DBG1(DBG_CFG, "no IDr configured, fall back on IP address");
+				me = this->ike_sa->get_my_host(this->ike_sa);
+				id_cfg = identification_create_from_sockaddr(
+														me->get_sockaddr(me));
+				if (!cfg->replace_value(cfg, AUTH_RULE_IDENTITY, id_cfg))
+				{
+					cfg->add(cfg, AUTH_RULE_IDENTITY, id_cfg);
+				}
 			}
 			this->ike_sa->set_my_id(this->ike_sa, id_cfg->clone(id_cfg));
 			id = id_cfg;
author	Tobias Brunner <tobias@strongswan.org>	2012-04-16 11:55:07 +0200
committer	Tobias Brunner <tobias@strongswan.org>	2012-04-16 14:09:51 +0200
commit	7fd6c078b67ee4e5061379599b6a814bba22b8c6 (patch)
tree	46653441661d7d4e0366e4ac0342f49d4ac82016 /src
parent	b241a374117f32be724d3f6ad13cf4b7d42445b4 (diff)
download	strongswan-7fd6c078b67ee4e5061379599b6a814bba22b8c6.tar.bz2 strongswan-7fd6c078b67ee4e5061379599b6a814bba22b8c6.tar.xz