Fixed IDi in case neither left nor leftid is configured.
authorTobias Brunner <tobias@strongswan.org>
Wed, 4 Apr 2012 09:46:59 +0000 (11:46 +0200)
committerTobias Brunner <tobias@strongswan.org>
Mon, 16 Apr 2012 11:44:27 +0000 (13:44 +0200)
src/libcharon/sa/tasks/ike_auth.c

index af2c30f..1ef2162 100644 (file)
@@ -422,6 +422,27 @@ METHOD(task_t, build_i, status_t,
                        DBG1(DBG_CFG, "configuration misses IDi");
                        return FAILED;
                }
+               else if (idi->get_type(idi) == ID_ANY)
+               {       /* ID_ANY is invalid as IDi, use local IP address instead */
+                       enumerator_t *enumerator;
+                       auth_rule_t rule;
+                       host_t *me;
+                       void *data;
+
+                       me = this->ike_sa->get_my_host(this->ike_sa);
+                       idi = identification_create_from_sockaddr(me->get_sockaddr(me));
+                       enumerator = cfg->create_enumerator(cfg);
+                       while (enumerator->enumerate(enumerator, &rule, &data))
+                       {
+                               if (rule == AUTH_RULE_IDENTITY)
+                               {
+                                       cfg->replace(cfg, enumerator, AUTH_RULE_IDENTITY,
+                                                                idi);
+                                       break;
+                               }
+                       }
+                       enumerator->destroy(enumerator);
+               }
                this->ike_sa->set_my_id(this->ike_sa, idi->clone(idi));
                id_payload = id_payload_create_from_identification(ID_INITIATOR, idi);
                get_reserved_id_bytes(this, id_payload);
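Review bot: The new ID_ANY branch silently replaces the identity that will be asserted as IDi with the local IP address, and nothing is logged when that happens, so an operator has no trace of why the peer saw an address as the initiator identity. A line such as `DBG1(DBG_CFG, "no IDi configured, falling back to local IP address");` at the top of the branch would record the substitution. The freshly created `idi` appears to be handed over to `cfg` only inside the loop through `cfg->replace(...)`, so it would be left without an owner if no AUTH_RULE_IDENTITY entry were enumerated. That case looks unreachable because `idi` was presumably read from `cfg` just before, but that lookup is above the hunk, so a comment such as `/* cfg takes ownership of idi; an AUTH_RULE_IDENTITY entry always exists here */` would make the assumption explicit. build_i starts and ends outside the hunk.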