Add basic support for XAuth responder authentication

author: Martin Willi <martin@revosec.ch> 2012-06-14 16:13:10 +0200
committer: Martin Willi <martin@revosec.ch> 2012-06-27 11:42:56 +0200
commit: c2a391746c5464182ee8695c8f7c8101d5a70d29 (patch)
tree: 54fbc42cb576a6695ec3896b2d0e4096e4866502 /src
parent: a9aa75b90e638b49825cb612dc21f5d4600c4141 (diff)
download: strongswan-c2a391746c5464182ee8695c8f7c8101d5a70d29.tar.bz2
strongswan-c2a391746c5464182ee8695c8f7c8101d5a70d29.tar.xz
2 files changed, 10 insertions, 8 deletions
diff --git a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c
index 1b6ccc558..d6ed9aa84 100644
--- a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c
+++ b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c
@@ -303,8 +303,9 @@ METHOD(task_t, build_i, status_t,
 				case AUTH_XAUTH_RESP_PSK:
 				case AUTH_XAUTH_RESP_RSA:
 				case AUTH_HYBRID_RESP_RSA:
-					/* TODO-IKEv1: not yet */
-					return FAILED;
+					this->ike_sa->queue_task(this->ike_sa,
+									(task_t*)xauth_create(this->ike_sa, TRUE));
+					return SUCCESS;
 				default:
 					if (charon->ike_sa_manager->check_uniqueness(
 								charon->ike_sa_manager, this->ike_sa, FALSE))
@@ -476,8 +477,8 @@ METHOD(task_t, process_r, status_t,
 				case AUTH_XAUTH_RESP_PSK:
 				case AUTH_XAUTH_RESP_RSA:
 				case AUTH_HYBRID_RESP_RSA:
-					/* TODO-IKEv1: not yet supported */
-					return FAILED;
+					/* wait for XAUTH request */
+					return SUCCESS;
 				default:
 					if (charon->ike_sa_manager->check_uniqueness(
 								charon->ike_sa_manager, this->ike_sa, FALSE))
diff --git a/src/libcharon/sa/ikev1/tasks/main_mode.c b/src/libcharon/sa/ikev1/tasks/main_mode.c
index 11bdc1d2a..a65b3a68b 100644
--- a/src/libcharon/sa/ikev1/tasks/main_mode.c
+++ b/src/libcharon/sa/ikev1/tasks/main_mode.c
@@ -505,8 +505,8 @@ METHOD(task_t, build_r, status_t,
 				case AUTH_XAUTH_RESP_PSK:
 				case AUTH_XAUTH_RESP_RSA:
 				case AUTH_HYBRID_RESP_RSA:
-					/* TODO-IKEv1: not yet supported */
-					return FAILED;
+					/* wait for XAUTH request */
+					return SUCCESS;
 				default:
 					if (charon->ike_sa_manager->check_uniqueness(
 								charon->ike_sa_manager, this->ike_sa, FALSE))
@@ -634,8 +634,9 @@ METHOD(task_t, process_i, status_t,
 				case AUTH_XAUTH_RESP_PSK:
 				case AUTH_XAUTH_RESP_RSA:
 				case AUTH_HYBRID_RESP_RSA:
-					/* TODO-IKEv1: not yet */
-					return FAILED;
+					this->ike_sa->queue_task(this->ike_sa,
+									(task_t*)xauth_create(this->ike_sa, TRUE));
+					return SUCCESS;
 				default:
 					if (charon->ike_sa_manager->check_uniqueness(
 								charon->ike_sa_manager, this->ike_sa, FALSE))
author	Martin Willi <martin@revosec.ch>	2012-06-14 16:13:10 +0200
committer	Martin Willi <martin@revosec.ch>	2012-06-27 11:42:56 +0200
commit	c2a391746c5464182ee8695c8f7c8101d5a70d29 (patch)
tree	54fbc42cb576a6695ec3896b2d0e4096e4866502 /src
parent	a9aa75b90e638b49825cb612dc21f5d4600c4141 (diff)
download	strongswan-c2a391746c5464182ee8695c8f7c8101d5a70d29.tar.bz2 strongswan-c2a391746c5464182ee8695c8f7c8101d5a70d29.tar.xz