android: Don't enforce the server address as AAA identity for EAP-PEAP/TTLS

This is similar to EAP-TLS.  We could probably make this configurable
later.

diff --git a/src/frontends/android/app/src/main/jni/libandroidbridge/backend/android_service.c b/src/frontends/android/app/src/main/jni/libandroidbridge/backend/android_service.c
index a1a51b7b52c5d8daff0728f5c8449aefa57664a7..a6b45059eb220c826a566dc2e4bff9d5a669a20c 100644 (file)
--- a/src/frontends/android/app/src/main/jni/libandroidbridge/backend/android_service.c
+++ b/src/frontends/android/app/src/main/jni/libandroidbridge/backend/android_service.c
@@ -640,6 +640,9 @@ static void add_auth_cfg_pw(private_android_service_t *this,
        {       /* use EAP-TTLS if BYOD is enabled */
                auth->add(auth, AUTH_RULE_EAP_TYPE, EAP_TTLS);
        }
+       /* in case EAP-PEAP or EAP-TTLS is used we currently accept any identity */
+       auth->add(auth, AUTH_RULE_AAA_IDENTITY,
+                         identification_create_from_string("%any"));
 
        username = this->settings->get_str(this->settings, "connection.username",
                                                                           NULL);