vici: Use an empty local auth round if none given
authorMartin Willi <martin@strongswan.org>
Wed, 4 Nov 2015 16:04:11 +0000 (17:04 +0100)
committerMartin Willi <martin@strongswan.org>
Mon, 7 Dec 2015 09:05:07 +0000 (10:05 +0100)
While it hardly makes sense to use none for negotiated SAs, it actually does
when installing shunt policies.

src/libcharon/plugins/vici/vici_config.c

index 2a652e0..7f7ce61 100644 (file)
@@ -1886,9 +1886,8 @@ CALLBACK(config_sn, bool,
 
        if (peer.local->get_count(peer.local) == 0)
        {
-               free_peer_data(&peer);
-               peer.request->reply = create_reply("missing local auth config");
-               return FALSE;
+               auth_cfg = auth_cfg_create();
+               peer.local->insert_last(peer.local, auth_cfg);
        }
        if (peer.remote->get_count(peer.remote) == 0)
        {