log EAP-only authentication proposal

author Andreas Steffen <andreas.steffen@strongswan.org>

Mon, 11 Jan 2010 10:17:40 +0000 (11:17 +0100)

committer Andreas Steffen <andreas.steffen@strongswan.org>

Mon, 11 Jan 2010 10:17:40 +0000 (11:17 +0100)
author Andreas Steffen <andreas.steffen@strongswan.org>
Mon, 11 Jan 2010 10:17:40 +0000 (11:17 +0100)
committer Andreas Steffen <andreas.steffen@strongswan.org>
Mon, 11 Jan 2010 10:17:40 +0000 (11:17 +0100)
diff --git a/src/charon/sa/tasks/ike_auth.c b/src/charon/sa/tasks/ike_auth.c

index fb79cb20fc2c0cbfbcfc83ca28498cdb7e0e71ac..f37ce7b34c452483baa3b23924121661ec63ee65 100644 (file)
--- a/src/charon/sa/tasks/ike_auth.c
+++ b/src/charon/sa/tasks/ike_auth.c
@@ -879,12 +879,14 @@ static status_t process_i(private_ike_auth_t *this, message_t *message)
                                 }
                         }
                         else
-                       {       /* responder omited AUTH payload, indicating EAP-only */
-                               if (!this->my_auth ||
-                                       !this->my_auth->is_mutual(this->my_auth))
+                       {       /* responder omitted AUTH payload, indicating EAP-only */
+                               if (!this->my_auth || !this->my_auth->is_mutual(this->my_auth))
                                 {
+                                       DBG1(DBG_IKE, "do not allow non-mutual or weak "
+                                                                 "EAP-only authentication");
                                         return FAILED;
                                 }
+                               DBG1(DBG_IKE, "allow mutual EAP-only authentication");
                         }
                 }
                 if (this->other_auth)
author	Andreas Steffen <andreas.steffen@strongswan.org>
	Mon, 11 Jan 2010 10:17:40 +0000 (11:17 +0100)
committer	Andreas Steffen <andreas.steffen@strongswan.org>
	Mon, 11 Jan 2010 10:17:40 +0000 (11:17 +0100)