From e6fcc172f889681ddcefff50a186135b3cfb8b6b Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 18 Sep 2012 14:39:45 +0200
Subject: Use AUTH_RULE_IDENTITY_LOOSE in NetworkManager backend

---
 src/charon-nm/nm/nm_service.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'src/charon-nm/nm')

diff --git a/src/charon-nm/nm/nm_service.c b/src/charon-nm/nm/nm_service.c
index 461837c0c..fd96f436b 100644
--- a/src/charon-nm/nm/nm_service.c
+++ b/src/charon-nm/nm/nm_service.c
@@ -277,7 +277,7 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
 	auth_class_t auth_class = AUTH_CLASS_EAP;
 	certificate_t *cert = NULL;
 	x509_t *x509;
-	bool agent = FALSE, smartcard = FALSE;
+	bool agent = FALSE, smartcard = FALSE, loose_gateway_id = FALSE;
 	lifetime_cfg_t lifetime = {
 		.time = {
 			.life = 10800 /* 3h */,
@@ -380,6 +380,7 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
 		 * included in the gateway certificate. */
 		gateway = identification_create_from_string((char*)address);
 		DBG1(DBG_CFG, "using CA certificate, gateway identity '%Y'", gateway);
+		loose_gateway_id = TRUE;
 	}
 
 	if (auth_class == AUTH_CLASS_EAP)
@@ -519,6 +520,7 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
 	auth = auth_cfg_create();
 	auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PUBKEY);
 	auth->add(auth, AUTH_RULE_IDENTITY, gateway);
+	auth->add(auth, AUTH_RULE_IDENTITY_LOOSE, loose_gateway_id);
 	peer_cfg->add_auth_cfg(peer_cfg, auth, FALSE);
 
 	child_cfg = child_cfg_create(priv->name, &lifetime,
-- 
cgit v1.2.3