Added auth_cfg option to select XAUTH backend to use

author Martin Willi <martin@revosec.ch>

Thu, 8 Dec 2011 15:53:27 +0000 (16:53 +0100)

committer Martin Willi <martin@revosec.ch>

Tue, 20 Mar 2012 16:31:15 +0000 (17:31 +0100)
author Martin Willi <martin@revosec.ch>
Thu, 8 Dec 2011 15:53:27 +0000 (16:53 +0100)
committer Martin Willi <martin@revosec.ch>
Tue, 20 Mar 2012 16:31:15 +0000 (17:31 +0100)
diff --git a/src/libstrongswan/credentials/auth_cfg.c b/src/libstrongswan/credentials/auth_cfg.c

index 4b5dbbcf71bb7e7527032e8e69c2f71081bd7fcb..c9a8be61eb7a112e7f96fe38f1cdff23a84a793d 100644 (file)
--- a/src/libstrongswan/credentials/auth_cfg.c
+++ b/src/libstrongswan/credentials/auth_cfg.c
@@ -37,6 +37,7 @@ ENUM(auth_rule_names, AUTH_RULE_IDENTITY, AUTH_HELPER_REVOCATION_CERT,
         "RULE_EAP_IDENTITY",
         "RULE_EAP_TYPE",
         "RULE_EAP_VENDOR",
+       "RULE_XAUTH_BACKEND",
         "RULE_CA_CERT",
         "RULE_IM_CERT",
         "RULE_SUBJECT_CERT",
@@ -159,6 +160,7 @@ static void destroy_entry_value(entry_t *entry)
                         break;
                 }
                 case AUTH_RULE_CERT_POLICY:
+               case AUTH_RULE_XAUTH_BACKEND:
                 case AUTH_HELPER_IM_HASH_URL:
                 case AUTH_HELPER_SUBJECT_HASH_URL:
                 {
@@ -205,6 +207,7 @@ static void replace(private_auth_cfg_t *this, entry_enumerator_t *enumerator,
                         case AUTH_RULE_IDENTITY:
                         case AUTH_RULE_EAP_IDENTITY:
                         case AUTH_RULE_AAA_IDENTITY:
+                       case AUTH_RULE_XAUTH_BACKEND:
                         case AUTH_RULE_GROUP:
                         case AUTH_RULE_CA_CERT:
                         case AUTH_RULE_IM_CERT:
@@ -273,6 +276,7 @@ METHOD(auth_cfg_t, get, void*,
                 case AUTH_RULE_IDENTITY:
                 case AUTH_RULE_EAP_IDENTITY:
                 case AUTH_RULE_AAA_IDENTITY:
+               case AUTH_RULE_XAUTH_BACKEND:
                 case AUTH_RULE_GROUP:
                 case AUTH_RULE_CA_CERT:
                 case AUTH_RULE_IM_CERT:
@@ -313,6 +317,7 @@ static void add(private_auth_cfg_t *this, auth_rule_t type, ...)
                 case AUTH_RULE_IDENTITY:
                 case AUTH_RULE_EAP_IDENTITY:
                 case AUTH_RULE_AAA_IDENTITY:
+               case AUTH_RULE_XAUTH_BACKEND:
                 case AUTH_RULE_GROUP:
                 case AUTH_RULE_CA_CERT:
                 case AUTH_RULE_IM_CERT:
@@ -577,6 +582,8 @@ METHOD(auth_cfg_t, complies, bool,
                                 }
                                 break;
                         }
+                       case AUTH_RULE_XAUTH_BACKEND:
+                               /* not enforced, just a hint for local authentication */
                         case AUTH_HELPER_IM_CERT:
                         case AUTH_HELPER_SUBJECT_CERT:
                         case AUTH_HELPER_IM_HASH_URL:
@@ -656,6 +663,7 @@ static void merge(private_auth_cfg_t *this, private_auth_cfg_t *other, bool copy
                                         add(this, type, id->clone(id));
                                         break;
                                 }
+                               case AUTH_RULE_XAUTH_BACKEND:
                                 case AUTH_RULE_CERT_POLICY:
                                 case AUTH_HELPER_IM_HASH_URL:
                                 case AUTH_HELPER_SUBJECT_HASH_URL:
@@ -755,6 +763,7 @@ static bool equals(private_auth_cfg_t *this, private_auth_cfg_t *other)
                                                 }
                                                 continue;
                                         }
+                                       case AUTH_RULE_XAUTH_BACKEND:
                                         case AUTH_RULE_CERT_POLICY:
                                         case AUTH_HELPER_IM_HASH_URL:
                                         case AUTH_HELPER_SUBJECT_HASH_URL:
@@ -840,6 +849,7 @@ METHOD(auth_cfg_t, clone_, auth_cfg_t*,
                                 clone->add(clone, entry->type, cert->get_ref(cert));
                                 break;
                         }
+                       case AUTH_RULE_XAUTH_BACKEND:
                         case AUTH_RULE_CERT_POLICY:
                         case AUTH_HELPER_IM_HASH_URL:
                         case AUTH_HELPER_SUBJECT_HASH_URL:
diff --git a/src/libstrongswan/credentials/auth_cfg.h b/src/libstrongswan/credentials/auth_cfg.h

index fd8e4c06a2da4d8ca671c7b381843d9e662c3ad2..3e0fc73764db467faa87da54f274851b0ce50bdb 100644 (file)
--- a/src/libstrongswan/credentials/auth_cfg.h
+++ b/src/libstrongswan/credentials/auth_cfg.h
@@ -78,6 +78,8 @@ enum auth_rule_t {
         AUTH_RULE_EAP_TYPE,
         /** EAP vendor for vendor specific type, u_int32_t */
         AUTH_RULE_EAP_VENDOR,
+       /** XAUTH backend name to use, char* */
+       AUTH_RULE_XAUTH_BACKEND,
         /** certificate authority, certificate_t* */
         AUTH_RULE_CA_CERT,
         /** intermediate certificate in trustchain, certificate_t* */
diff --git a/src/libstrongswan/plugins/plugin_feature.c b/src/libstrongswan/plugins/plugin_feature.c

index b2bf419465ef8eb43edd60689729632f255915fc..6555e593b377bf1c390b789dacbb93179ce031a3 100644 (file)
--- a/src/libstrongswan/plugins/plugin_feature.c
+++ b/src/libstrongswan/plugins/plugin_feature.c
@@ -234,8 +234,8 @@ char* plugin_feature_get_string(plugin_feature_t *feature)
                         break;
                 case FEATURE_XAUTH_SERVER:
                 case FEATURE_XAUTH_PEER:
-                       if (asprintf(&str, "%N:%N", plugin_feature_names, feature->type,
-                                       xauth_method_type_short_names, feature->arg.xauth) > 0)
+                       if (asprintf(&str, "%N:%s", plugin_feature_names, feature->type,
+                                       feature->arg.xauth) > 0)
                         {
                                 return str;
                         }
author	Martin Willi <martin@revosec.ch>
	Thu, 8 Dec 2011 15:53:27 +0000 (16:53 +0100)
committer	Martin Willi <martin@revosec.ch>
	Tue, 20 Mar 2012 16:31:15 +0000 (17:31 +0100)
src/libstrongswan/credentials/auth_cfg.c		patch \| blob \| blame \| history
src/libstrongswan/credentials/auth_cfg.h		patch \| blob \| blame \| history
src/libstrongswan/plugins/plugin_feature.c		patch \| blob \| blame \| history