Exchange certificates when using IKEv1 ECDSA authentication

diff --git a/src/libcharon/sa/ikev1/tasks/isakmp_cert_post.c b/src/libcharon/sa/ikev1/tasks/isakmp_cert_post.c
index b88b9e31a8f46fe2db7c7ec8e15f65f529221eee..b5ef4cda1af60b681e5459738101358f16ff92ff 100644 (file)
--- a/src/libcharon/sa/ikev1/tasks/isakmp_cert_post.c
+++ b/src/libcharon/sa/ikev1/tasks/isakmp_cert_post.c
@@ -75,6 +75,9 @@ static bool use_certs(private_isakmp_cert_post_t *this, message_t *message)
                        switch (sa_payload->get_auth_method(sa_payload))
                        {
                                case AUTH_RSA:
+                               case AUTH_ECDSA_256:
+                               case AUTH_ECDSA_384:
+                               case AUTH_ECDSA_521:
                                case AUTH_XAUTH_INIT_RSA:
                                case AUTH_XAUTH_RESP_RSA:
                                case AUTH_HYBRID_INIT_RSA:

diff --git a/src/libcharon/sa/ikev1/tasks/isakmp_cert_pre.c b/src/libcharon/sa/ikev1/tasks/isakmp_cert_pre.c
index 8d0405730603e6210a435d85af284cac6d9840f2..8ba5a2aa7db3269a5b436956fafcab6157a77508 100644 (file)
--- a/src/libcharon/sa/ikev1/tasks/isakmp_cert_pre.c
+++ b/src/libcharon/sa/ikev1/tasks/isakmp_cert_pre.c
@@ -317,6 +317,9 @@ static bool use_certs(private_isakmp_cert_pre_t *this, message_t *message)
                                        }
                                        /* FALL */
                                case AUTH_RSA:
+                               case AUTH_ECDSA_256:
+                               case AUTH_ECDSA_384:
+                               case AUTH_ECDSA_521:
                                case AUTH_XAUTH_INIT_RSA:
                                case AUTH_XAUTH_RESP_RSA:
                                        use = TRUE;