Diffstat (limited to 'src/charon/plugins')
-rw-r--r--src/charon/plugins/medcli/medcli_config.c4
-rw-r--r--src/charon/plugins/medsrv/medsrv_config.c2
-rw-r--r--src/charon/plugins/stroke/stroke_cred.c15
3 files changed, 7 insertions, 14 deletions
diff --git a/src/charon/plugins/medcli/medcli_config.c b/src/charon/plugins/medcli/medcli_config.c
index 8a56bfefe..1bf02e43e 100644
--- a/src/charon/plugins/medcli/medcli_config.c
+++ b/src/charon/plugins/medcli/medcli_config.c
@@ -120,7 +120,7 @@ static peer_cfg_t *get_peer_cfg_by_name(private_medcli_config_t *this, char *nam
"mediation", 2, ike_cfg,
identification_create_from_encoding(ID_KEY_ID, me),
identification_create_from_encoding(ID_KEY_ID, other),
- CERT_NEVER_SEND, UNIQUE_REPLACE, AUTH_RSA,
+ CERT_NEVER_SEND, UNIQUE_REPLACE, CONF_AUTH_PUBKEY,
0, 0, /* EAP method, vendor */
1, this->rekey*60, 0, /* keytries, rekey, reauth */
this->rekey*5, this->rekey*3, /* jitter, overtime */
@@ -149,7 +149,7 @@ static peer_cfg_t *get_peer_cfg_by_name(private_medcli_config_t *this, char *nam
name, 2, this->ike->get_ref(this->ike),
identification_create_from_encoding(ID_KEY_ID, me),
identification_create_from_encoding(ID_KEY_ID, other),
- CERT_NEVER_SEND, UNIQUE_REPLACE, AUTH_RSA,
+ CERT_NEVER_SEND, UNIQUE_REPLACE, CONF_AUTH_PUBKEY,
0, 0, /* EAP method, vendor */
1, this->rekey*60, 0, /* keytries, rekey, reauth */
this->rekey*5, this->rekey*3, /* jitter, overtime */
diff --git a/src/charon/plugins/medsrv/medsrv_config.c b/src/charon/plugins/medsrv/medsrv_config.c
index 04cb56930..ff11939d1 100644
--- a/src/charon/plugins/medsrv/medsrv_config.c
+++ b/src/charon/plugins/medsrv/medsrv_config.c
@@ -99,7 +99,7 @@ static enumerator_t* create_peer_cfg_enumerator(private_medsrv_config_t *this,
peer_cfg = peer_cfg_create(
name, 2, this->ike->get_ref(this->ike),
me->clone(me), other->clone(other),
- CERT_NEVER_SEND, UNIQUE_REPLACE, AUTH_RSA,
+ CERT_NEVER_SEND, UNIQUE_REPLACE, CONF_AUTH_RSA,
0, 0, /* EAP method, vendor */
1, this->rekey*60, 0, /* keytries, rekey, reauth */
this->rekey*5, this->rekey*3, /* jitter, overtime */
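Review bot: This call passes `CONF_AUTH_RSA`, while both medcli_config.c hunks in the same commit change the identical argument to `CONF_AUTH_PUBKEY`. The enum definition is not on this page, so it cannot be confirmed here whether `CONF_AUTH_RSA` exists after the rename. If it does not, this line will not compile. If both names exist, the mediation server presumably stays limited to RSA authentication while the clients accept any public-key type. Unless that asymmetry is intended, the line should read `CERT_NEVER_SEND, UNIQUE_REPLACE, CONF_AUTH_PUBKEY,`; if it is intended, a one-line comment saying why would help. create_peer_cfg_enumerator continues outside the hunk.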
diff --git a/src/charon/plugins/stroke/stroke_cred.c b/src/charon/plugins/stroke/stroke_cred.c
index 819b3f024..368aea1cc 100644
--- a/src/charon/plugins/stroke/stroke_cred.c
+++ b/src/charon/plugins/stroke/stroke_cred.c
@@ -135,10 +135,6 @@ static enumerator_t* create_private_enumerator(private_stroke_cred_t *this,
{
id_data_t *data;
- if (type != KEY_RSA && type != KEY_ANY)
- { /* we only have RSA keys */
- return NULL;
- }
data = malloc_thing(id_data_t);
data->this = this;
data->id = id;
@@ -253,10 +249,6 @@ static enumerator_t* create_cert_enumerator(private_stroke_cred_t *this,
{ /* we only have X509 certificates. TODO: ACs? */
return NULL;
}
- if (key != KEY_RSA && key != KEY_ANY)
- { /* we only have RSA keys */
- return NULL;
- }
data = malloc_thing(id_data_t);
data->this = this;
data->id = id;
@@ -741,7 +733,7 @@ static void load_secrets(private_stroke_cred_t *this)
DBG1(DBG_CFG, "line %d: missing token", line_nr);
goto error;
}
- if (match("RSA", &token))
+ if (match("RSA", &token) || match("EC", &token))
{
char path[PATH_MAX];
chunk_t filename;
@@ -749,6 +741,7 @@ static void load_secrets(private_stroke_cred_t *this)
private_key_t *key;
bool pgp = FALSE;
chunk_t chunk = chunk_empty;
+ key_type_t key_type = match("RSA", &token) ? KEY_RSA : KEY_ECDSA;
err_t ugh = extract_value(&filename, &line);
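Review bot: `key_type` is derived by matching `token` against "RSA" a second time, after the enclosing `if` in the previous hunk has already matched it. The selection therefore depends on match() leaving `token` untouched (its definition is not visible here), and on the branch condition never gaining a third keyword, which would silently fall through to `KEY_ECDSA`. Because this value decides which parser receives the private-key blob, the assumption should be stated at the declaration, for example `/* token is "RSA" or "EC" here (checked by the enclosing if); anything that is not RSA is loaded as ECDSA */`. load_secrets starts and ends outside the hunk.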
@@ -787,7 +780,7 @@ static void load_secrets(private_stroke_cred_t *this)
if (pem_asn1_load_file(path, &secret, &chunk, &pgp))
{
- key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_RSA,
+ key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, key_type,
BUILD_BLOB_ASN1_DER, chunk, BUILD_END);
if (key)
{
@@ -861,7 +854,7 @@ static void load_secrets(private_stroke_cred_t *this)
else
{
DBG1(DBG_CFG, "line %d: token must be either "
- "RSA, PSK, EAP, or PIN", line_nr);
+ "RSA, EC, PSK, EAP, or PIN", line_nr);
goto error;
}
}