diff options
| author | Martin Willi <martin@revosec.ch> | 2012-07-26 12:38:34 +0200 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2012-07-26 12:38:34 +0200 |
| commit | 874f7c7e2c4dc0ad2474675f3a79d51d61fe6d8c (patch) | |
| tree | 5c6d3a34b9313f624b1b19284fb91e092cd79562 /src | |
| parent | 9191946a63dac2ff4ee3ce2ec732cbf699193d3d (diff) | |
| download | strongswan-874f7c7e2c4dc0ad2474675f3a79d51d61fe6d8c.tar.bz2 strongswan-874f7c7e2c4dc0ad2474675f3a79d51d61fe6d8c.tar.xz | |
Don't add ANY identity constraint to auth config, as XAuth rounds don't use one
Diffstat (limited to 'src')
| -rw-r--r-- | src/libcharon/plugins/stroke/stroke_config.c | 9 | ||||
| -rw-r--r-- | src/libcharon/plugins/stroke/stroke_list.c | 9 |
2 files changed, 15 insertions, 3 deletions
diff --git a/src/libcharon/plugins/stroke/stroke_config.c b/src/libcharon/plugins/stroke/stroke_config.c index 8657c3b26..c884da05d 100644 --- a/src/libcharon/plugins/stroke/stroke_config.c +++ b/src/libcharon/plugins/stroke/stroke_config.c @@ -458,7 +458,14 @@ static auth_cfg_t *build_auth_cfg(private_stroke_config_t *this, } } } - cfg->add(cfg, AUTH_RULE_IDENTITY, identity); + if (identity->get_type(identity) != ID_ANY) + { + cfg->add(cfg, AUTH_RULE_IDENTITY, identity); + } + else + { + identity->destroy(identity); + } /* add raw RSA public key */ pubkey = end->rsakey; diff --git a/src/libcharon/plugins/stroke/stroke_list.c b/src/libcharon/plugins/stroke/stroke_list.c index 89bd1a79e..1381e5842 100644 --- a/src/libcharon/plugins/stroke/stroke_list.c +++ b/src/libcharon/plugins/stroke/stroke_list.c @@ -338,8 +338,13 @@ static void log_auth_cfgs(FILE *out, peer_cfg_t *peer_cfg, bool local) enumerator = peer_cfg->create_auth_cfg_enumerator(peer_cfg, local); while (enumerator->enumerate(enumerator, &auth)) { - fprintf(out, "%12s: %s [%Y] uses ", name, local ? "local: " : "remote:", - auth->get(auth, AUTH_RULE_IDENTITY)); + fprintf(out, "%12s: %s", name, local ? "local: " : "remote:"); + id = auth->get(auth, AUTH_RULE_IDENTITY); + if (id) + { + fprintf(out, " [%Y]", id); + } + fprintf(out, " uses "); auth_class = (uintptr_t)auth->get(auth, AUTH_RULE_AUTH_CLASS); if (auth_class == AUTH_CLASS_EAP) |