diff options
author | Tobias Brunner <tobias@strongswan.org> | 2016-02-01 18:15:57 +0100 |
---|---|---|
committer | Tobias Brunner <tobias@strongswan.org> | 2016-03-04 16:19:53 +0100 |
commit | e37e6d6dcaee842b6d8a5be2d271f560f86fabcc (patch) | |
tree | 4ba98a30f5f7e98ca044cdb1f92b6c0d7fdaa8a0 /src | |
parent | c8a0781334a1ebb43b31c613a0538d3ea364bf4c (diff) | |
download | strongswan-e37e6d6dcaee842b6d8a5be2d271f560f86fabcc.tar.bz2 strongswan-e37e6d6dcaee842b6d8a5be2d271f560f86fabcc.tar.xz |
ikev2: Always store signature scheme in auth-cfg
As we use a different rule we can always store the scheme.
Diffstat (limited to 'src')
-rw-r--r-- | src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c | 13 |
1 files changed, 1 insertions, 12 deletions
diff --git a/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c b/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c index 64cd775ad..110c50973 100644 --- a/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c +++ b/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c @@ -55,11 +55,6 @@ struct private_pubkey_authenticator_t { * Reserved bytes of ID payload */ char reserved[3]; - - /** - * Whether to store signature schemes on remote auth configs. - */ - bool store_signature_scheme; }; /** @@ -425,11 +420,7 @@ METHOD(authenticator_t, process, status_t, status = SUCCESS; auth->merge(auth, current_auth, FALSE); auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PUBKEY); - if (this->store_signature_scheme) - { - auth->add(auth, AUTH_RULE_IKE_SIGNATURE_SCHEME, - (uintptr_t)scheme); - } + auth->add(auth, AUTH_RULE_IKE_SIGNATURE_SCHEME, (uintptr_t)scheme); break; } else @@ -502,8 +493,6 @@ pubkey_authenticator_t *pubkey_authenticator_create_verifier(ike_sa_t *ike_sa, .ike_sa = ike_sa, .ike_sa_init = received_init, .nonce = sent_nonce, - .store_signature_scheme = lib->settings->get_bool(lib->settings, - "%s.signature_authentication_constraints", TRUE, lib->ns), ); memcpy(this->reserved, reserved, sizeof(this->reserved)); |