diff options
5 files changed, 15 insertions, 2 deletions
diff --git a/src/libstrongswan/plugins/pgp/pgp_cert.c b/src/libstrongswan/plugins/pgp/pgp_cert.c index 6c2bc4a27..373aba22c 100644 --- a/src/libstrongswan/plugins/pgp/pgp_cert.c +++ b/src/libstrongswan/plugins/pgp/pgp_cert.c @@ -104,7 +104,16 @@ static identification_t* get_issuer(private_pgp_cert_t *this) static id_match_t has_subject(private_pgp_cert_t *this, identification_t *subject) { - return this->user_id->matches(this->user_id, subject); + id_match_t match_user_id; + + match_user_id = this->user_id->matches(this->user_id, subject); + if (match_user_id == ID_MATCH_NONE && + subject->get_type(subject) == ID_KEY_ID && + chunk_equals(this->fingerprint, subject->get_encoding(subject))) + { + return ID_MATCH_PERFECT; + } + return match_user_id; } /** @@ -369,7 +378,7 @@ static bool parse_signature(private_pgp_cert_t *this, chunk_t packet) /* we parse only V3 signature packets */ if (version != 3) { - DBG1(" skipped V%d PGP signature", version); + DBG2(" skipped V%d PGP signature", version); return TRUE; } if (!pgp_read_scalar(&packet, 1, &len) || len != 5) diff --git a/testing/tests/ikev2/net2net-pgp-v3/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2/net2net-pgp-v3/hosts/moon/etc/ipsec.conf index 97fa1c37c..405cd06bf 100755 --- a/testing/tests/ikev2/net2net-pgp-v3/hosts/moon/etc/ipsec.conf +++ b/testing/tests/ikev2/net2net-pgp-v3/hosts/moon/etc/ipsec.conf @@ -14,6 +14,7 @@ conn net-net left=PH_IP_MOON leftsubnet=10.1.0.0/16 leftcert=moonCert.asc + leftid=@#71270432cd763a18020ac988c0e75aed leftfirewall=yes right=PH_IP_SUN rightsubnet=10.2.0.0/16 diff --git a/testing/tests/ikev2/net2net-pgp-v3/hosts/sun/etc/ipsec.conf b/testing/tests/ikev2/net2net-pgp-v3/hosts/sun/etc/ipsec.conf index d18270ec7..4460106de 100755 --- a/testing/tests/ikev2/net2net-pgp-v3/hosts/sun/etc/ipsec.conf +++ b/testing/tests/ikev2/net2net-pgp-v3/hosts/sun/etc/ipsec.conf @@ -18,4 +18,5 @@ conn net-net right=PH_IP_MOON rightsubnet=10.1.0.0/16 rightcert=moonCert.asc + rightid=@#71270432cd763a18020ac988c0e75aed auto=add diff --git a/testing/tests/ikev2/net2net-pgp-v4/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2/net2net-pgp-v4/hosts/moon/etc/ipsec.conf index 97fa1c37c..d059cb1da 100755 --- a/testing/tests/ikev2/net2net-pgp-v4/hosts/moon/etc/ipsec.conf +++ b/testing/tests/ikev2/net2net-pgp-v4/hosts/moon/etc/ipsec.conf @@ -18,4 +18,5 @@ conn net-net right=PH_IP_SUN rightsubnet=10.2.0.0/16 rightcert=sunCert.asc + rightid=@#b42f31fec80ae3264a101c85977a04ac8d1638d3 auto=add diff --git a/testing/tests/ikev2/net2net-pgp-v4/hosts/sun/etc/ipsec.conf b/testing/tests/ikev2/net2net-pgp-v4/hosts/sun/etc/ipsec.conf index d18270ec7..198f2a8a8 100755 --- a/testing/tests/ikev2/net2net-pgp-v4/hosts/sun/etc/ipsec.conf +++ b/testing/tests/ikev2/net2net-pgp-v4/hosts/sun/etc/ipsec.conf @@ -14,6 +14,7 @@ conn net-net left=PH_IP_SUN leftsubnet=10.2.0.0/16 leftcert=sunCert.asc + leftid=@#b42f31fec80ae3264a101c85977a04ac8d1638d3 leftfirewall=yes right=PH_IP_MOON rightsubnet=10.1.0.0/16 |