Fall back to local address as IKEv1 identity if nothing else is configured
authorTobias Brunner <tobias@strongswan.org>
Fri, 24 Aug 2012 10:53:23 +0000 (12:53 +0200)
committerTobias Brunner <tobias@strongswan.org>
Fri, 24 Aug 2012 10:55:01 +0000 (12:55 +0200)
src/libcharon/sa/ikev1/phase1.c

index fee304e..e5a48ec 100644 (file)
@@ -587,14 +587,26 @@ METHOD(phase1_t, select_config, peer_cfg_t*,
 METHOD(phase1_t, get_id, identification_t*,
        private_phase1_t *this, peer_cfg_t *peer_cfg, bool local)
 {
+       identification_t *id = NULL;
        auth_cfg_t *auth;
 
        auth = get_auth_cfg(peer_cfg, local);
        if (auth)
        {
-               return auth->get(auth, AUTH_RULE_IDENTITY);
+               id = auth->get(auth, AUTH_RULE_IDENTITY);
+               if (local && (!id || id->get_type(id) == ID_ANY))
+               {       /* no ID configured, use local IP address */
+                       host_t *me;
+
+                       me = this->ike_sa->get_my_host(this->ike_sa);
+                       if (!me->is_anyaddr(me))
+                       {
+                               id = identification_create_from_sockaddr(me->get_sockaddr(me));
+                               auth->add(auth, AUTH_RULE_IDENTITY, id);
+                       }
+               }
        }
-       return NULL;
+       return id;
 }
 
 METHOD(phase1_t, save_sa_payload, bool,
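Review bot: `get_id` now has a lasting side effect: the address-derived identity is stored with `auth->add(auth, AUTH_RULE_IDENTITY, id)` in the auth config taken from `peer_cfg`, rather than being kept per IKE_SA. `get_auth_cfg` is not visible in this hunk, but if that config is shared by every SA created from the same peer config, the first SA's local address would stick as the IKEv1 identity, and a later SA on a different local address would find a non-`ID_ANY` rule already present and present the stale address to the peer. If the store is intended, a comment above the `auth->add` call should say so, e.g. `/* cache fallback ID in auth, which presumably takes ownership; the returned ID is borrowed */`. It would also help to note that when `me` is the any-address the function still returns NULL or an `ID_ANY` identity, so callers must handle that before building the ID payload.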