Diffstat (limited to 'src/charon/plugins')
-rw-r--r-- | src/charon/plugins/medcli/medcli_config.c | 4 | ||||
-rw-r--r-- | src/charon/plugins/medsrv/medsrv_config.c | 2 | ||||
-rw-r--r-- | src/charon/plugins/stroke/stroke_cred.c | 15 |
3 files changed, 7 insertions, 14 deletions
diff --git a/src/charon/plugins/medcli/medcli_config.c b/src/charon/plugins/medcli/medcli_config.c
index 8a56bfefe..1bf02e43e 100644
--- a/src/charon/plugins/medcli/medcli_config.c
+++ b/src/charon/plugins/medcli/medcli_config.c
@@ -120,7 +120,7 @@ static peer_cfg_t *get_peer_cfg_by_name(private_medcli_config_t *this, char *nam
 "mediation", 2, ike_cfg,
 identification_create_from_encoding(ID_KEY_ID, me),
 identification_create_from_encoding(ID_KEY_ID, other),
- CERT_NEVER_SEND, UNIQUE_REPLACE, AUTH_RSA,
+ CERT_NEVER_SEND, UNIQUE_REPLACE, CONF_AUTH_PUBKEY,
 0, 0, /* EAP method, vendor */
 1, this->rekey*60, 0, /* keytries, rekey, reauth */
 this->rekey*5, this->rekey*3, /* jitter, overtime */
@@ -149,7 +149,7 @@ static peer_cfg_t *get_peer_cfg_by_name(private_medcli_config_t *this, char *nam
 name, 2, this->ike->get_ref(this->ike),
 identification_create_from_encoding(ID_KEY_ID, me),
 identification_create_from_encoding(ID_KEY_ID, other),
- CERT_NEVER_SEND, UNIQUE_REPLACE, AUTH_RSA,
+ CERT_NEVER_SEND, UNIQUE_REPLACE, CONF_AUTH_PUBKEY,
 0, 0, /* EAP method, vendor */
 1, this->rekey*60, 0, /* keytries, rekey, reauth */
 this->rekey*5, this->rekey*3, /* jitter, overtime */
diff --git a/src/charon/plugins/medsrv/medsrv_config.c b/src/charon/plugins/medsrv/medsrv_config.c
index 04cb56930..ff11939d1 100644
--- a/src/charon/plugins/medsrv/medsrv_config.c
+++ b/src/charon/plugins/medsrv/medsrv_config.c
@@ -99,7 +99,7 @@ static enumerator_t* create_peer_cfg_enumerator(private_medsrv_config_t *this,
 peer_cfg = peer_cfg_create(
 name, 2, this->ike->get_ref(this->ike),
 me->clone(me), other->clone(other),
- CERT_NEVER_SEND, UNIQUE_REPLACE, AUTH_RSA,
+ CERT_NEVER_SEND, UNIQUE_REPLACE, CONF_AUTH_RSA,
 0, 0, /* EAP method, vendor */
 1, this->rekey*60, 0, /* keytries, rekey, reauth */
 this->rekey*5, this->rekey*3, /* jitter, overtime */
diff --git a/src/charon/plugins/stroke/stroke_cred.c b/src/charon/plugins/stroke/stroke_cred.c
index 819b3f024..368aea1cc 100644
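Review bot: In src/charon/plugins/medsrv/medsrv_config.c the peer_cfg_create() call in create_peer_cfg_enumerator now passes `CONF_AUTH_RSA`, while both medcli_config.c hunks in this commit replace the same `AUTH_RSA` argument with `CONF_AUTH_PUBKEY`. The enum definition is not part of this diff (the diffstat is limited to src/charon/plugins), so I cannot confirm which names exist. If the rename was AUTH_RSA to CONF_AUTH_PUBKEY, this line either fails to compile when the medsrv plugin is enabled or selects a different authentication method than the mediation client is configured for. I would change it to `CERT_NEVER_SEND, UNIQUE_REPLACE, CONF_AUTH_PUBKEY,` to match medcli and build with both mediation plugins enabled before merging.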
--- a/src/charon/plugins/stroke/stroke_cred.c
+++ b/src/charon/plugins/stroke/stroke_cred.c
@@ -135,10 +135,6 @@ static enumerator_t* create_private_enumerator(private_stroke_cred_t *this,
 {
 id_data_t *data;
- if (type != KEY_RSA && type != KEY_ANY)
- { /* we only have RSA keys */
- return NULL;
- }
 data = malloc_thing(id_data_t);
 data->this = this;
 data->id = id;
@@ -253,10 +249,6 @@ static enumerator_t* create_cert_enumerator(private_stroke_cred_t *this,
 { /* we only have X509 certificates. TODO: ACs? */
 return NULL;
 }
- if (key != KEY_RSA && key != KEY_ANY)
- { /* we only have RSA keys */
- return NULL;
- }
 data = malloc_thing(id_data_t);
 data->this = this;
 data->id = id;
@@ -741,7 +733,7 @@ static void load_secrets(private_stroke_cred_t *this)
 DBG1(DBG_CFG, "line %d: missing token", line_nr);
 goto error;
 }
- if (match("RSA", &token))
+ if (match("RSA", &token) || match("EC", &token))
 {
 char path[PATH_MAX];
 chunk_t filename;
@@ -749,6 +741,7 @@ static void load_secrets(private_stroke_cred_t *this)
 private_key_t *key;
 bool pgp = FALSE;
 chunk_t chunk = chunk_empty;
+ key_type_t key_type = match("RSA", &token) ? KEY_RSA : KEY_ECDSA;
 err_t ugh = extract_value(&filename, &line);
@@ -787,7 +780,7 @@ static void load_secrets(private_stroke_cred_t *this)
 if (pem_asn1_load_file(path, &secret, &chunk, &pgp))
 {
- key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_RSA,
+ key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, key_type,
 BUILD_BLOB_ASN1_DER, chunk, BUILD_END);
 if (key)
 {
@@ -861,7 +854,7 @@ static void load_secrets(private_stroke_cred_t *this)
 else
 {
 DBG1(DBG_CFG, "line %d: token must be either "
- "RSA, PSK, EAP, or PIN", line_nr);
+ "RSA, EC, PSK, EAP, or PIN", line_nr);
 goto error;
 }
 } |
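Review bot: With the `type != KEY_RSA && type != KEY_ANY` guard removed from create_private_enumerator, nothing visible in this hunk uses `type` any more; only `data->this` and `data->id` are stored for the filter. If the filter callback (outside this hunk) matches on identity alone, a caller asking for a KEY_ECDSA key can be handed an RSA key with the same ID, or the reverse, and the mismatch would only surface later as a failed or wrong-algorithm signature during authentication. The same applies to the `key` argument in the create_cert_enumerator hunk (@@ -253,10 +249,6). I would carry the requested type in id_data_t and have the filters skip entries unless `type == KEY_ANY || key->get_type(key) == type`. Neither id_data_t nor the filter callbacks are shown here, so please confirm they do not already do this.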
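Review bot: The new `key_type_t key_type = match("RSA", &token) ? KEY_RSA : KEY_ECDSA;` in load_secrets (@@ -749,6 +741,7) re-tests the token that the enclosing `if (match("RSA", &token) || match("EC", &token))` already classified, and treats everything that is not RSA as ECDSA. That is correct only while the branch admits exactly those two tokens, and it assumes match() leaves `token` unmodified between the two calls, which this diff does not show. A third key token added to the condition later would silently be built as an ECDSA key. I would add a comment above the declaration such as `/* only RSA and EC tokens reach this branch; extend this mapping when adding key types */`, or assign the type in the branch that recognises each token. load_secrets starts and ends outside these hunks.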