From: Martin Willi Date: Thu, 14 Jun 2012 14:13:10 +0000 (+0200) Subject: Add basic support for XAuth responder authentication X-Git-Tag: 5.0.0~24 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c2a391746c5464182ee8695c8f7c8101d5a70d29;p=thirdparty%2Fstrongswan.git Add basic support for XAuth responder authentication --- diff --git a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c index 1b6ccc5581..d6ed9aa845 100644 --- a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c +++ b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c @@ -303,8 +303,9 @@ METHOD(task_t, build_i, status_t, case AUTH_XAUTH_RESP_PSK: case AUTH_XAUTH_RESP_RSA: case AUTH_HYBRID_RESP_RSA: - /* TODO-IKEv1: not yet */ - return FAILED; + this->ike_sa->queue_task(this->ike_sa, + (task_t*)xauth_create(this->ike_sa, TRUE)); + return SUCCESS; default: if (charon->ike_sa_manager->check_uniqueness( charon->ike_sa_manager, this->ike_sa, FALSE)) @@ -476,8 +477,8 @@ METHOD(task_t, process_r, status_t, case AUTH_XAUTH_RESP_PSK: case AUTH_XAUTH_RESP_RSA: case AUTH_HYBRID_RESP_RSA: - /* TODO-IKEv1: not yet supported */ - return FAILED; + /* wait for XAUTH request */ + return SUCCESS; default: if (charon->ike_sa_manager->check_uniqueness( charon->ike_sa_manager, this->ike_sa, FALSE)) diff --git a/src/libcharon/sa/ikev1/tasks/main_mode.c b/src/libcharon/sa/ikev1/tasks/main_mode.c index 11bdc1d2af..a65b3a68b7 100644 --- a/src/libcharon/sa/ikev1/tasks/main_mode.c +++ b/src/libcharon/sa/ikev1/tasks/main_mode.c @@ -505,8 +505,8 @@ METHOD(task_t, build_r, status_t, case AUTH_XAUTH_RESP_PSK: case AUTH_XAUTH_RESP_RSA: case AUTH_HYBRID_RESP_RSA: - /* TODO-IKEv1: not yet supported */ - return FAILED; + /* wait for XAUTH request */ + return SUCCESS; default: if (charon->ike_sa_manager->check_uniqueness( charon->ike_sa_manager, this->ike_sa, FALSE)) @@ -634,8 +634,9 @@ METHOD(task_t, process_i, status_t, case AUTH_XAUTH_RESP_PSK: case AUTH_XAUTH_RESP_RSA: case AUTH_HYBRID_RESP_RSA: - /* TODO-IKEv1: not yet */ - return FAILED; + this->ike_sa->queue_task(this->ike_sa, + (task_t*)xauth_create(this->ike_sa, TRUE)); + return SUCCESS; default: if (charon->ike_sa_manager->check_uniqueness( charon->ike_sa_manager, this->ike_sa, FALSE))