Store authentication info of a XAUTH round on IKE_SA
authorMartin Willi <martin@revosec.ch>
Wed, 21 Mar 2012 15:57:06 +0000 (16:57 +0100)
committerMartin Willi <martin@revosec.ch>
Thu, 22 Mar 2012 08:06:31 +0000 (09:06 +0100)
src/libcharon/sa/ikev1/tasks/xauth.c

index aa79811..059877e 100755 (executable)
@@ -167,6 +167,20 @@ static bool establish(private_xauth_t *this)
        return TRUE;
 }
 
+/**
+ * Create auth config after successful authentication
+ */
+static void add_auth_cfg(private_xauth_t *this, identification_t *id, bool local)
+{
+       auth_cfg_t *auth;
+
+       auth = auth_cfg_create();
+       auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_XAUTH);
+       auth->add(auth, AUTH_RULE_XAUTH_IDENTITY, id->clone(id));
+
+       this->ike_sa->add_auth_cfg(this->ike_sa, local, auth);
+}
+
 METHOD(task_t, build_i_status, status_t,
        private_xauth_t *this, message_t *message)
 {
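Review bot: The doc comment on `add_auth_cfg()` leaves out the ownership and precondition contract that the body implies: `id->clone(id)` means the caller keeps `id`, the new `auth` is handed over to `this->ike_sa`, and `id` is dereferenced unconditionally. I would add `@param id identity to record (cloned, caller keeps ownership, must not be NULL)` and `@param local TRUE to add as local auth config, FALSE as remote`, the latter inferred from the `(myself)` call site in process_r. Whether `get_identity()` can return NULL at the call sites in process_r and process_i is not visible here. If it can, the helper should start with `if (!id) { return; }` so that an empty identity does not become a crash on the authentication path.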
@@ -283,6 +297,7 @@ METHOD(task_t, process_r, status_t,
                {
                        DBG1(DBG_IKE, "XAuth authentication of '%Y' (myself) successful",
                                 this->xauth->get_identity(this->xauth));
+                       add_auth_cfg(this, this->xauth->get_identity(this->xauth), TRUE);
                }
                else
                {
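Review bot: `this->xauth->get_identity(this->xauth)` is now evaluated twice in this branch, once for the log line and once for the stored auth config. Fetching it once keeps the logged identity and the recorded identity provably the same value, for example `id = this->xauth->get_identity(this->xauth);` followed by `add_auth_cfg(this, id, TRUE);`. The declaration of `id` would go at the top of process_r, which starts outside this hunk.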
@@ -356,6 +371,7 @@ METHOD(task_t, process_i, status_t,
                                break;
                        }
                        DBG1(DBG_IKE, "XAuth authentication of '%Y' successful", id);
+                       add_auth_cfg(this, id, FALSE);
                        this->status = XAUTH_OK;
                        break;
                case FAILED:
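Review bot: The position of `add_auth_cfg(this, id, FALSE)` after the check that ends in `break; }` just above looks load-bearing and deserves a comment, because the stored `AUTH_RULE_XAUTH_IDENTITY` is presumably what later policy checks on the IKE_SA will consult. Something like `/* record the identity only after all checks above have passed */` would keep a later reordering from storing an unverified identity. The check itself and the assignment of `id` lie outside this hunk, so I cannot confirm from here that every rejection path leaves the case before this line.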