From: Martin Willi <martin@strongswan.org>
Date: Wed, 4 Nov 2015 16:04:11 +0000 (+0100)
Subject: vici: Use an empty local auth round if none given
X-Git-Tag: 5.4.0dr1~19^2~3
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1db918c4f89fa97ecf04ec29b07960e7cf91fa5c;p=thirdparty%2Fstrongswan.git

vici: Use an empty local auth round if none given

While it hardly makes sense to use none for negotiated SAs, it actually does
when installing shunt policies.
---

diff --git a/src/libcharon/plugins/vici/vici_config.c b/src/libcharon/plugins/vici/vici_config.c
index 2a652e0142..7f7ce61a15 100644
--- a/src/libcharon/plugins/vici/vici_config.c
+++ b/src/libcharon/plugins/vici/vici_config.c
@@ -1886,9 +1886,8 @@ CALLBACK(config_sn, bool,
 
 	if (peer.local->get_count(peer.local) == 0)
 	{
-		free_peer_data(&peer);
-		peer.request->reply = create_reply("missing local auth config");
-		return FALSE;
+		auth_cfg = auth_cfg_create();
+		peer.local->insert_last(peer.local, auth_cfg);
 	}
 	if (peer.remote->get_count(peer.remote) == 0)
 	{