Accept NULL identities passed to peer config enumeration
[strongswan.git] / src / libcharon / sa / tasks / main_mode.c
index d31458b..dbdc0c0 100755 (executable)
@@ -29,6 +29,7 @@
 #include <encoding/payloads/id_payload.h>
 #include <encoding/payloads/hash_payload.h>
 #include <sa/tasks/xauth.h>
+#include <sa/tasks/mode_config.h>
 
 typedef struct private_main_mode_t private_main_mode_t;
 
@@ -307,7 +308,7 @@ static auth_method_t get_auth_method(private_main_mode_t *this,
                        return AUTH_XAUTH_RESP_RSA;
                }
        }
-       if (i1 == AUTH_CLASS_PSK && r2 == AUTH_CLASS_PSK)
+       if (i1 == AUTH_CLASS_PSK && r1 == AUTH_CLASS_PSK)
        {
                if (i2 == AUTH_CLASS_ANY && r2 == AUTH_CLASS_ANY)
                {
@@ -332,13 +333,11 @@ static auth_method_t get_auth_method(private_main_mode_t *this,
 static peer_cfg_t *select_config(private_main_mode_t *this, identification_t *id)
 {
        enumerator_t *enumerator;
-       identification_t *any;
        peer_cfg_t *current, *found = NULL;
 
-       any = identification_create_from_encoding(ID_ANY, chunk_empty);
        enumerator = charon->backends->create_peer_cfg_enumerator(charon->backends,
                                                this->ike_sa->get_my_host(this->ike_sa),
-                                               this->ike_sa->get_other_host(this->ike_sa), any, id);
+                                               this->ike_sa->get_other_host(this->ike_sa), NULL, id);
        while (enumerator->enumerate(enumerator, &current))
        {
                if (get_auth_method(this, current) == this->auth_method)
@@ -348,7 +347,6 @@ static peer_cfg_t *select_config(private_main_mode_t *this, identification_t *id
                }
        }
        enumerator->destroy(enumerator);
-       any->destroy(any);
 
        return found;
 }
@@ -824,6 +822,12 @@ METHOD(task_t, build_r, status_t,
                                return FAILED;
                        }
 
+                       if (this->peer_cfg->get_virtual_ip(this->peer_cfg))
+                       {
+                               this->ike_sa->queue_task(this->ike_sa,
+                                                       (task_t*)mode_config_create(this->ike_sa, TRUE));
+                       }
+
                        switch (this->auth_method)
                        {
                                case AUTH_XAUTH_INIT_PSK: