projects / strongswan.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b26ba1b)
vici: Use an empty local auth round if none given
authorMartin Willi <martin@strongswan.org>
Wed, 4 Nov 2015 16:04:11 +0000 (17:04 +0100)
committerMartin Willi <martin@strongswan.org>
Mon, 7 Dec 2015 09:05:07 +0000 (10:05 +0100)
While it hardly makes sense to use none for negotiated SAs, it actually does
when installing shunt policies.

src/libcharon/plugins/vici/vici_config.c patch | blob | history

diff --git a/src/libcharon/plugins/vici/vici_config.c b/src/libcharon/plugins/vici/vici_config.c
index 2a652e0..7f7ce61 100644 (file)
--- a/src/libcharon/plugins/vici/vici_config.c
+++ b/src/libcharon/plugins/vici/vici_config.c
@@ -1886,9 +1886,8 @@ CALLBACK(config_sn, bool,
 
        if (peer.local->get_count(peer.local) == 0)
        {
-               free_peer_data(&peer);
-               peer.request->reply = create_reply("missing local auth config");
-               return FALSE;
+               auth_cfg = auth_cfg_create();
+               peer.local->insert_last(peer.local, auth_cfg);
        }
        if (peer.remote->get_count(peer.remote) == 0)
        {
strongSwan - IPsec VPN