This allows symmetric configuration of EAP methods (i.e. the same value
in leftauth and rightauth) when mutual EAP-only authentication is used.
Previously the client had to configure rightauth=eap or rightauth=any,
which prevented it from using this same config as responder.
identification_t *other_id;
auth_cfg_t *auth;
keymat_v2_t *keymat;
+ eap_type_t type;
+ u_int32_t vendor;
auth_payload = (auth_payload_t*)message->get_payload(message,
PLV2_AUTH);
this->auth_complete = TRUE;
auth = this->ike_sa->get_auth_cfg(this->ike_sa, FALSE);
auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_EAP);
+
+ type = this->method->get_type(this->method, &vendor);
+ auth->add(auth, AUTH_RULE_EAP_TYPE, type);
+ if (vendor)
+ {
+ auth->add(auth, AUTH_RULE_EAP_VENDOR, vendor);
+ }
return TRUE;
}