From: Andreas Steffen <andreas.steffen@strongswan.org>
Date: Mon, 11 Jan 2010 10:17:40 +0000 (+0100)
Subject: log EAP-only authentication proposal
X-Git-Tag: 4.3.6~37
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b9790320885b7f48e20cdf2384cf7e989a78ca70;p=thirdparty%2Fstrongswan.git

log EAP-only authentication proposal
---

diff --git a/src/charon/sa/tasks/ike_auth.c b/src/charon/sa/tasks/ike_auth.c
index fb79cb20fc..f37ce7b34c 100644
--- a/src/charon/sa/tasks/ike_auth.c
+++ b/src/charon/sa/tasks/ike_auth.c
@@ -879,12 +879,14 @@ static status_t process_i(private_ike_auth_t *this, message_t *message)
 				}
 			}
 			else
-			{	/* responder omited AUTH payload, indicating EAP-only */
-				if (!this->my_auth ||
-					!this->my_auth->is_mutual(this->my_auth))
+			{	/* responder omitted AUTH payload, indicating EAP-only */
+				if (!this->my_auth || !this->my_auth->is_mutual(this->my_auth))
 				{
+					DBG1(DBG_IKE, "do not allow non-mutual or weak "
+								  "EAP-only authentication");
 					return FAILED;
 				}
+				DBG1(DBG_IKE, "allow mutual EAP-only authentication");
 			}
 		}
 		if (this->other_auth)