Make sure that xauth-noauth is not used accidentally

It has to be selected explicitly with rightauth2=xauth-noauth.

diff --git a/src/libcharon/sa/xauth/xauth_manager.c b/src/libcharon/sa/xauth/xauth_manager.c
index f0602a6..5709dc6 100644 (file)
--- a/src/libcharon/sa/xauth/xauth_manager.c
+++ b/src/libcharon/sa/xauth/xauth_manager.c
@@ -112,8 +112,11 @@ METHOD(xauth_manager_t, create_instance, xauth_method_t*,
        enumerator = this->methods->create_enumerator(this->methods);
        while (enumerator->enumerate(enumerator, &entry))
        {
-               if (role == entry->role &&
-                       (!name || streq(name, entry->name)))
+               if (!name && streq(entry->name, "noauth"))
+               {       /* xauth-noauth has to be configured explicitly */
+                       continue;
+               }
+               if (role == entry->role && (!name || streq(name, entry->name)))
                {
                        method = entry->constructor(server, peer);
                        if (method)