Diffstat (limited to 'src')
-rw-r--r-- | src/charon/config/peer_cfg.h | 6 | ||||
-rw-r--r-- | src/charon/sa/authenticators/pubkey_authenticator.c | 14 | ||||
-rw-r--r-- | src/starter/starterstroke.c | 8 |
3 files changed, 12 insertions, 16 deletions
diff --git a/src/charon/config/peer_cfg.h b/src/charon/config/peer_cfg.h index d682534ba..7b9b01a63 100644 --- a/src/charon/config/peer_cfg.h +++ b/src/charon/config/peer_cfg.h @@ -86,11 +86,11 @@ extern enum_name_t *unique_policy_names; */ enum config_auth_method_t { /** authentication using public keys (RSA, ECDSA) */ - CONF_AUTH_PUBKEY = 0, + CONF_AUTH_PUBKEY = 1, /** authentication using a pre-shared secret */ - CONF_AUTH_PSK, + CONF_AUTH_PSK = 2, /** authentication using EAP */ - CONF_AUTH_EAP, + CONF_AUTH_EAP = 3, }; /** diff --git a/src/charon/sa/authenticators/pubkey_authenticator.c b/src/charon/sa/authenticators/pubkey_authenticator.c index 15a79e201..46e0be4c0 100644 --- a/src/charon/sa/authenticators/pubkey_authenticator.c +++ b/src/charon/sa/authenticators/pubkey_authenticator.c @@ -132,8 +132,6 @@ static status_t build(private_pubkey_authenticator_t *this, chunk_t ike_sa_init, signature_scheme_t scheme; my_id = this->ike_sa->get_my_id(this->ike_sa); - DBG1(DBG_IKE, "authentication of '%D' (myself) with public key", my_id); - auth = this->ike_sa->get_my_auth(this->ike_sa); private = charon->credentials->get_private(charon->credentials, KEY_ANY, my_id, auth); @@ -168,7 +166,8 @@ static status_t build(private_pubkey_authenticator_t *this, chunk_t ike_sa_init, auth_method = AUTH_ECDSA_521; break; default: - DBG1(DBG_IKE, "ECDSA not supported by private key"); + DBG1(DBG_IKE, "%d bit ECDSA private key size not supported", + private->get_keysize(private)); return status; } break; @@ -177,7 +176,6 @@ static status_t build(private_pubkey_authenticator_t *this, chunk_t ike_sa_init, key_type_names, private->get_type(private)); return status; } - prf = this->ike_sa->get_prf(this->ike_sa); prf->set_key(prf, this->ike_sa->get_skp_build(this->ike_sa)); octets = build_tbs_octets(ike_sa_init, other_nonce, my_id, prf); 
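Review bot: The renumbered `config_auth_method_t` values must match the hand-copied `enum auth_method_t` in src/starter/starterstroke.c (changed in the last hunk of this commit), but nothing in peer_cfg.h says so; only the starter side carries a "must be the same" comment. If the two copies drift apart, the starter would ask for a different authentication method than the one configured, for example PSK where public-key authentication was intended. I would extend the enum's doc comment with something like `values are mirrored by enum auth_method_t in src/starter/starterstroke.c; 0 is left unassigned`, assuming that leaving 0 unused is the reason for starting at 1.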
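Review bot: The `default:` branch that receives the new message still exits through `return status;` without calling `private->destroy(private)`, which the later hunk shows only at the end of build. As far as the visible lines go, the private-key object obtained from `get_private()` is therefore not released on this path, and the `return status;` after the key-type message a few lines further down looks the same. Adding `private->destroy(private);` before each of those returns would close that. Separately, the declaration of `get_keysize()` is not on this page: if it returns `size_t` rather than `int`, `%d` does not match its argument, and if it reports bytes, the word "bit" in the message is wrong. build's body starts and ends outside this hunk.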
@@ -190,12 +188,10 @@ static status_t build(private_pubkey_authenticator_t *this, chunk_t ike_sa_init, *auth_payload = payload; chunk_free(&auth_data); status = SUCCESS; - DBG2(DBG_IKE, "successfully built %N with private key", auth_method_names, auth_method); - } - else - { - DBG1(DBG_IKE, "building signature failed"); } + DBG1(DBG_IKE, "authentication of '%D' (myself) with %N %s", my_id, + auth_method_names, auth_method, + (status == SUCCESS)? "successful":"failed"); chunk_free(&octets); private->destroy(private); diff --git a/src/starter/starterstroke.c b/src/starter/starterstroke.c index 0183c26c7..b7d0d32b0 100644 --- a/src/starter/starterstroke.c +++ b/src/starter/starterstroke.c @@ -38,12 +38,12 @@ #include "files.h" /** - * Authentication mehtods, must be the same as in charon + * Authentication methods, must be the same as in charon/config/peer_cfg.h */ enum auth_method_t { - AUTH_PUBKEY = 0, - AUTH_PSK, - AUTH_EAP, + AUTH_PUBKEY = 1, + AUTH_PSK = 2, + AUTH_EAP = 3 }; static char* push_string(stroke_msg_t *msg, char *string) |
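Review bot: The combined `DBG1` at the end of build is now the only message that names `my_id`, and the early `return status;` branches shown in the earlier hunks never reach it. An unsupported key size or key type is therefore logged without saying which identity was being authenticated. Appending `for '%D'` to those format strings, with `my_id` as the last argument, would keep failed authentications attributable in the log. The text "building signature failed" also no longer appears as a distinct string, so any log matching built on it has to key on the trailing `failed` of the new line instead. build starts outside this hunk.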
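Review bot: With 0 no longer assigned to any method, a value of 0 now means "nothing set" rather than public-key authentication, and this diff does not show the receiving side checking for it. The comment and the `stroke_msg_t` helper below the enum suggest the value is handed to charon in a stroke message; if so, a starter built before this change, or a field left zero-initialised, would deliver 0. It is worth confirming that the code consuming the field rejects anything outside 1 to 3 instead of falling back to a default method. A short addition to the comment, such as `0 is reserved for "not set"`, would record the intent, if that is the intent.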