Call ike_isa_auth_psk in listener authorize hook
authorReto Buerki <reet@codelabs.ch>
Thu, 6 Sep 2012 16:17:26 +0000 (18:17 +0200)
committerTobias Brunner <tobias@strongswan.org>
Tue, 19 Mar 2013 14:23:47 +0000 (15:23 +0100)
This exchange initiates the AUTH verification in the TKM.

src/charon-tkm/src/tkm/tkm_listener.c

index 536ba78b2bd7c8bc2f9735007043954741e7c0c7..557b276b8bcf734ce61c88df6772258bfea13e99 100644 (file)
 #include <encoding/payloads/auth_payload.h>
 #include <utils/chunk.h>
 #include <tkm/types.h>
+#include <tkm/constants.h>
+#include <tkm/client.h>
 
 #include "tkm_listener.h"
 #include "tkm_keymat.h"
+#include "tkm_utils.h"
 
 typedef struct private_tkm_listener_t private_tkm_listener_t;
 
@@ -56,9 +59,21 @@ METHOD(listener_t, authorize, bool,
                *success = FALSE;
        }
 
-       DBG1(DBG_IKE, "TKM based authentication successful"
-                  " for ISA context %llu", isa_id);
-       *success = TRUE;
+       signature_type signature;
+       chunk_to_sequence(auth, &signature);
+       if (ike_isa_auth_psk(isa_id, signature) != TKM_OK)
+       {
+               DBG1(DBG_IKE, "TKM based authentication failed"
+                        " for ISA context %llu", isa_id);
+               *success = FALSE;
+       }
+       else
+       {
+               DBG1(DBG_IKE, "TKM based authentication successful"
+                        " for ISA context %llu", isa_id);
+               *success = TRUE;
+       }
+
        return TRUE;
 }
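Review bot: The failure branch that ends just above the added lines (`*success = FALSE;` followed by `}`) shows no return, so execution appears to fall through into the new block, where `chunk_to_sequence(auth, &signature)` and `ike_isa_auth_psk()` run on whatever `auth` holds and the earlier `FALSE` is then overwritten by the TKM result. If that branch covers a failed precondition such as missing AUTH data, add `return TRUE;` after its `*success = FALSE;` (or move the new block into an `else`) so that a failed precondition can never end in `*success = TRUE`. It is also worth confirming that `chunk_to_sequence` bounds the copy to the capacity of `signature_type`, since `auth` is presumably derived from the peer's AUTH payload and `signature` is an uninitialized stack variable; the helper's definition is not visible here. The start of `authorize` lies outside the hunk, so the first point is inferred from the two context lines only.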