Diffstat (limited to 'src/charon/config/policies')
-rw-r--r--src/charon/config/policies/local_policy_store.c5
-rw-r--r--src/charon/config/policies/policy.c17
-rw-r--r--src/charon/config/policies/policy.h12
-rwxr-xr-xsrc/charon/config/policies/policy_store.h18
4 files changed, 37 insertions, 15 deletions
diff --git a/src/charon/config/policies/local_policy_store.c b/src/charon/config/policies/local_policy_store.c
index 7d2fad110..7eef382f0 100644
--- a/src/charon/config/policies/local_policy_store.c
+++ b/src/charon/config/policies/local_policy_store.c
@@ -92,8 +92,7 @@ static bool contains_traffic_selectors(policy_t *policy, bool mine,
static policy_t *get_policy(private_local_policy_store_t *this,
identification_t *my_id, identification_t *other_id,
linked_list_t *my_ts, linked_list_t *other_ts,
- host_t *my_host, host_t *other_host,
- linked_list_t *requested_ca_keyids)
+ host_t *my_host, host_t *other_host)
{
typedef enum {
PRIO_UNDEFINED = 0x00,
@@ -254,7 +253,7 @@ local_policy_store_t *local_policy_store_create(void)
this->public.policy_store.add_policy = (void (*) (policy_store_t*,policy_t*))add_policy;
this->public.policy_store.get_policy = (policy_t* (*) (policy_store_t*,identification_t*,identification_t*,
- linked_list_t*,linked_list_t*,host_t*,host_t*,linked_list_t*))get_policy;
+ linked_list_t*,linked_list_t*,host_t*,host_t*))get_policy;
this->public.policy_store.get_policy_by_name = (policy_t* (*) (policy_store_t*,char*))get_policy_by_name;
this->public.policy_store.delete_policy = (status_t (*) (policy_store_t*,char*))delete_policy;
this->public.policy_store.create_iterator = (iterator_t* (*) (policy_store_t*))create_iterator;
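Review bot: The function-pointer cast on the rewritten line `linked_list_t*,linked_list_t*,host_t*,host_t*))get_policy;` silences the compiler's prototype check, so the only thing keeping this assignment consistent with the `get_policy` declaration in policy_store.h and the static definition changed in the first hunk is manual editing; a later change to either side would not be caught. Consider a comment above the assignment, `/* cast must mirror policy_store_t.get_policy exactly; the compiler cannot check it */`, or assigning through a correctly typed wrapper so the prototype is checked. The same pattern applies to the neighbouring assignments in this hunk, which are unchanged here; local_policy_store_create continues outside the hunk.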
diff --git a/src/charon/config/policies/policy.c b/src/charon/config/policies/policy.c
index 34bd15131..e68a8ad2b 100644
--- a/src/charon/config/policies/policy.c
+++ b/src/charon/config/policies/policy.c
@@ -84,6 +84,11 @@ struct private_policy_t {
auth_method_t auth_method;
/**
+ * EAP type to use for peer authentication
+ */
+ eap_type_t eap_type;
+
+ /**
* we have a cert issued by this CA
*/
identification_t *my_ca;
@@ -194,6 +199,14 @@ static auth_method_t get_auth_method(private_policy_t *this)
}
/**
+ * Implementation of connection_t.get_eap_type.
+ */
+static eap_type_t get_eap_type(private_policy_t *this)
+{
+ return this->eap_type;
+}
+
+/**
* Get traffic selectors, with wildcard-address update
*/
static linked_list_t *get_traffic_selectors(private_policy_t *this, linked_list_t *list, host_t *host)
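Review bot: The doc comment on the new accessor names the wrong interface: it reads `* Implementation of connection_t.get_eap_type.` but the function implements the policy_t method that policy.h gains in this same commit, so it should read `* Implementation of policy_t.get_eap_type.`. The accessor itself is consistent with the sibling get_auth_method above it.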
@@ -492,7 +505,7 @@ static void destroy(private_policy_t *this)
* Described in header-file
*/
policy_t *policy_create(char *name, identification_t *my_id, identification_t *other_id,
- auth_method_t auth_method,
+ auth_method_t auth_method, eap_type_t eap_type,
u_int32_t hard_lifetime, u_int32_t soft_lifetime,
u_int32_t jitter, char *updown, bool hostaccess,
mode_t mode, dpd_action_t dpd_action)
@@ -506,6 +519,7 @@ policy_t *policy_create(char *name, identification_t *my_id, identification_t *o
this->public.get_my_ca = (identification_t* (*) (policy_t*))get_my_ca;
this->public.get_other_ca = (identification_t* (*) (policy_t*))get_other_ca;
this->public.get_auth_method = (auth_method_t (*) (policy_t*)) get_auth_method;
+ this->public.get_eap_type = (eap_type_t (*) (policy_t*)) get_eap_type;
this->public.get_my_traffic_selectors = (linked_list_t* (*) (policy_t*,host_t*))get_my_traffic_selectors;
this->public.get_other_traffic_selectors = (linked_list_t* (*) (policy_t*,host_t*))get_other_traffic_selectors;
this->public.select_my_traffic_selectors = (linked_list_t* (*) (policy_t*,linked_list_t*,host_t*))select_my_traffic_selectors;
@@ -530,6 +544,7 @@ policy_t *policy_create(char *name, identification_t *my_id, identification_t *o
this->my_id = my_id;
this->other_id = other_id;
this->auth_method = auth_method;
+ this->eap_type = eap_type;
this->hard_lifetime = hard_lifetime;
this->soft_lifetime = soft_lifetime;
this->jitter = jitter;
diff --git a/src/charon/config/policies/policy.h b/src/charon/config/policies/policy.h
index 123383ca6..a2d9ae8d0 100644
--- a/src/charon/config/policies/policy.h
+++ b/src/charon/config/policies/policy.h
@@ -32,6 +32,7 @@ typedef struct policy_t policy_t;
#include <config/traffic_selector.h>
#include <config/proposal.h>
#include <sa/authenticators/authenticator.h>
+#include <sa/authenticators/eap/eap_method.h>
/**
@@ -148,6 +149,14 @@ struct policy_t {
* @return authentication method
*/
auth_method_t (*get_auth_method) (policy_t *this);
+
+ /**
+ * @brief Get the EAP type to use for peer authentication.
+ *
+ * @param this calling object
+ * @return authentication method
+ */
+ eap_type_t (*get_eap_type) (policy_t *this);
/**
* @brief Get configured traffic selectors for our site.
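Review bot: The `@return` line of the new get_eap_type declaration was copied from get_auth_method and still says `@return authentication method`; it should say `@return EAP type` (an eap_type_t). It would also help to state what the value means when the policy's auth method is not EAP-based — the header gives no default or sentinel, so readers presumably have to consult eap_method.h; confirm and document. struct policy_t continues outside the hunk.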
@@ -358,6 +367,7 @@ struct policy_t {
* @param my_id identification_t for ourselves
* @param other_id identification_t for the remote guy
* @param auth_method Authentication method to use for our(!) auth data
+ * @param eap_type EAP type to use for peer authentication
* @param hard_lifetime lifetime before deleting an SA
* @param soft_lifetime lifetime before rekeying an SA
* @param jitter range of randomization time
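Review bot: The new `@param eap_type` line in policy_create's documentation does not say how eap_type relates to the preceding auth_method parameter; the implementation in policy.c stores the value unconditionally, so a reader cannot tell whether it is ignored unless auth_method selects EAP, or whether a mismatched pair is a caller error. Suggest extending the line to `@param eap_type EAP type to use for peer authentication (presumably only consulted when auth_method is an EAP method — confirm)`, or naming the value callers should pass when EAP is not in use. The documented parameter list continues outside the hunk.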
@@ -371,7 +381,7 @@ struct policy_t {
*/
policy_t *policy_create(char *name,
identification_t *my_id, identification_t *other_id,
- auth_method_t auth_method,
+ auth_method_t auth_method, eap_type_t eap_type,
u_int32_t hard_lifetime, u_int32_t soft_lifetime,
u_int32_t jitter, char *updown, bool hostaccess,
mode_t mode, dpd_action_t dpd_action);
diff --git a/src/charon/config/policies/policy_store.h b/src/charon/config/policies/policy_store.h
index 6b470055e..cd8870953 100755
--- a/src/charon/config/policies/policy_store.h
+++ b/src/charon/config/policies/policy_store.h
@@ -49,14 +49,13 @@ struct policy_store_t {
* other_id must be fully qualified. my_id may be %any, as the
* other peer may not include an IDr Request.
*
- * @param this calling object
- * @param my_id own ID of the policy
- * @param other_id others ID of the policy
- * @param my_ts traffic selectors requested for local host
- * @param other_ts traffic selectors requested for remote host
- * @param my_host host to use for wilcards in TS compare
- * @param other_host host to use for wildcards in TS compare
- * @param requested_ca_keyids list of requested CA keyids
+ * @param this calling object
+ * @param my_id own ID of the policy
+ * @param other_id others ID of the policy
+ * @param my_ts traffic selectors requested for local host
+ * @param other_ts traffic selectors requested for remote host
+ * @param my_host host to use for wilcards in TS compare
+ * @param other_host host to use for wildcards in TS compare
* @return
* - matching policy_t, if found
* - NULL otherwise
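Review bot: The reflowed `@param my_host` line still carries the typo `wilcards`; since the line is rewritten anyway it should read `* @param my_host host to use for wildcards in TS compare`, matching the other_host line directly below it.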
@@ -64,8 +63,7 @@ struct policy_store_t {
policy_t *(*get_policy) (policy_store_t *this,
identification_t *my_id, identification_t *other_id,
linked_list_t *my_ts, linked_list_t *other_ts,
- host_t *my_host, host_t* other_host,
- linked_list_t *requested_ca_keyids);
+ host_t *my_host, host_t* other_host);
/**
* @brief Returns a policy identified by a connection name.
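Review bot: Removing `requested_ca_keyids` from policy_store_t.get_policy means the store no longer sees the CA key identifiers the peer requested when selecting a policy, so any caller that relied on that list to narrow candidates must now do so elsewhere; the diffstat is limited to src/charon/config/policies, so the SA-side callers that passed this list are not visible here and should be checked as part of the same change. The doc block in the previous hunk already describes the remaining parameters, so the header is internally consistent. struct policy_store_t continues beyond this hunk.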