Don't add ANY identity constraint to auth config, as XAuth rounds don't use one
authorMartin Willi <martin@revosec.ch>
Thu, 26 Jul 2012 10:38:34 +0000 (12:38 +0200)
committerMartin Willi <martin@revosec.ch>
Thu, 26 Jul 2012 10:38:34 +0000 (12:38 +0200)
src/libcharon/plugins/stroke/stroke_config.c
src/libcharon/plugins/stroke/stroke_list.c

index 8657c3b..c884da0 100644 (file)
@@ -458,7 +458,14 @@ static auth_cfg_t *build_auth_cfg(private_stroke_config_t *this,
                        }
                }
        }
-       cfg->add(cfg, AUTH_RULE_IDENTITY, identity);
+       if (identity->get_type(identity) != ID_ANY)
+       {
+               cfg->add(cfg, AUTH_RULE_IDENTITY, identity);
+       }
+       else
+       {
+               identity->destroy(identity);
+       }
 
        /* add raw RSA public key */
        pubkey = end->rsakey;
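Review bot: The new `get_type()` check in build_auth_cfg applies to every auth class, not only XAuth rounds, so any code that reads `AUTH_RULE_IDENTITY` from a config built here can now receive NULL. This commit adjusts only the listing code; other readers of that rule are not visible here and should be checked for NULL handling before they dereference or match on the result. A short comment above the `if` would record the intent and the apparent ownership split, for example `/* an ID_ANY identity constrains nothing: omit the rule; add() keeps the identity otherwise, so free it here */`. The function starts and ends outside the hunk, so whether `identity` can be NULL at this point cannot be confirmed from here.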
index 89bd1a7..1381e58 100644 (file)
@@ -338,8 +338,13 @@ static void log_auth_cfgs(FILE *out, peer_cfg_t *peer_cfg, bool local)
        enumerator = peer_cfg->create_auth_cfg_enumerator(peer_cfg, local);
        while (enumerator->enumerate(enumerator, &auth))
        {
-               fprintf(out, "%12s:   %s [%Y] uses ", name,     local ? "local: " : "remote:",
-                               auth->get(auth, AUTH_RULE_IDENTITY));
+               fprintf(out, "%12s:   %s", name, local ? "local: " : "remote:");
+               id = auth->get(auth, AUTH_RULE_IDENTITY);
+               if (id)
+               {
+                       fprintf(out, " [%Y]", id);
+               }
+               fprintf(out, " uses ");
 
                auth_class = (uintptr_t)auth->get(auth, AUTH_RULE_AUTH_CLASS);
                if (auth_class == AUTH_CLASS_EAP)
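Review bot: When the rule is absent, the line written by log_auth_cfgs now has nothing between `local:`/`remote:` and `uses`, so someone auditing the listing cannot tell that the round places no constraint on the peer identity. Before this change the bracketed field was always printed, presumably showing the wildcard identity for such configs. If the omission is not intended for the remote side, an `else { fprintf(out, " [%%any]"); }` after the `if (id)` block would keep the unconstrained case visible. The declaration of `id` and the rest of the loop body are outside the hunk.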