From: Martin Willi Date: Mon, 26 Jul 2010 13:10:54 +0000 (+0200) Subject: Synchronize EAP-Identity of remote peer X-Git-Tag: 4.4.1~16 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=fa4f71c8192c3c8a8e6968bf19d386467f3076b9;p=thirdparty%2Fstrongswan.git Synchronize EAP-Identity of remote peer --- diff --git a/src/libcharon/plugins/ha/ha_dispatcher.c b/src/libcharon/plugins/ha/ha_dispatcher.c index 3c41466aa4..51dee4da11 100644 --- a/src/libcharon/plugins/ha/ha_dispatcher.c +++ b/src/libcharon/plugins/ha/ha_dispatcher.c @@ -243,6 +243,7 @@ static void process_ike_update(private_ha_dispatcher_t *this, enumerator_t *enumerator; ike_sa_t *ike_sa = NULL; peer_cfg_t *peer_cfg = NULL; + auth_cfg_t *auth; enumerator = message->create_attribute_enumerator(message); while (enumerator->enumerate(enumerator, &attribute, &value)) @@ -264,6 +265,11 @@ static void process_ike_update(private_ha_dispatcher_t *this, case HA_REMOTE_ID: ike_sa->set_other_id(ike_sa, value.id->clone(value.id)); break; + case HA_REMOTE_EAP_ID: + auth = auth_cfg_create(); + auth->add(auth, AUTH_RULE_EAP_IDENTITY, value.id->clone(value.id)); + ike_sa->add_auth_cfg(ike_sa, FALSE, auth); + break; case HA_LOCAL_ADDR: ike_sa->set_my_host(ike_sa, value.host->clone(value.host)); break; diff --git a/src/libcharon/plugins/ha/ha_ike.c b/src/libcharon/plugins/ha/ha_ike.c index c7a7c5826d..67df391e9a 100644 --- a/src/libcharon/plugins/ha/ha_ike.c +++ b/src/libcharon/plugins/ha/ha_ike.c @@ -148,6 +148,7 @@ METHOD(listener_t, ike_updown, bool, u_int32_t extension, condition; host_t *addr; ike_sa_id_t *id; + identification_t *eap_id; peer_cfg = ike_sa->get_peer_cfg(ike_sa); @@ -169,6 +170,11 @@ METHOD(listener_t, ike_updown, bool, m->add_attribute(m, HA_IKE_ID, id); m->add_attribute(m, HA_LOCAL_ID, ike_sa->get_my_id(ike_sa)); m->add_attribute(m, HA_REMOTE_ID, ike_sa->get_other_id(ike_sa)); + eap_id = ike_sa->get_other_eap_id(ike_sa); + if (!eap_id->equals(eap_id, ike_sa->get_other_id(ike_sa))) + { + m->add_attribute(m, HA_REMOTE_EAP_ID, eap_id); + } m->add_attribute(m, HA_LOCAL_ADDR, ike_sa->get_my_host(ike_sa)); m->add_attribute(m, HA_REMOTE_ADDR, ike_sa->get_other_host(ike_sa)); m->add_attribute(m, HA_CONDITIONS, condition); diff --git a/src/libcharon/plugins/ha/ha_message.c b/src/libcharon/plugins/ha/ha_message.c index 16e214bd88..7ce9cbe091 100644 --- a/src/libcharon/plugins/ha/ha_message.c +++ b/src/libcharon/plugins/ha/ha_message.c @@ -163,6 +163,7 @@ METHOD(ha_message_t, add_attribute, void, /* identification_t* */ case HA_LOCAL_ID: case HA_REMOTE_ID: + case HA_REMOTE_EAP_ID: { identification_encoding_t *enc; identification_t *id; @@ -360,6 +361,7 @@ METHOD(enumerator_t, attribute_enumerate, bool, /* identification_t* */ case HA_LOCAL_ID: case HA_REMOTE_ID: + case HA_REMOTE_EAP_ID: { identification_encoding_t *enc; diff --git a/src/libcharon/plugins/ha/ha_message.h b/src/libcharon/plugins/ha/ha_message.h index 4034dbe51e..50e11830f4 100644 --- a/src/libcharon/plugins/ha/ha_message.h +++ b/src/libcharon/plugins/ha/ha_message.h @@ -82,6 +82,8 @@ enum ha_message_attribute_t { HA_LOCAL_ID, /** identification_t*, remote identity */ HA_REMOTE_ID, + /** identification_t*, remote EAP identity */ + HA_REMOTE_EAP_ID, /** host_t*, local address */ HA_LOCAL_ADDR, /** host_t*, remote address */