| side by side (parent:
7bcd96e
)
charon-cmd: authenticate with EAP if no private key is given
author
Martin Willi
<martin@revosec.ch>
Tue, 26 Mar 2013 16:47:28 +0000
(17:47 +0100)
committer
Martin Willi
<martin@revosec.ch>
Mon, 6 May 2013 13:28:27 +0000
(15:28 +0200)
src/charon-cmd/cmd/cmd_connection.c
diff --git
a/src/charon-cmd/cmd/cmd_connection.c
b/src/charon-cmd/cmd/cmd_connection.c
index
f58df5c
..
b3aad00
100644
(file)
--- a/
src/charon-cmd/cmd/cmd_connection.c
+++ b/
src/charon-cmd/cmd/cmd_connection.c
@@
-48,6
+48,11
@@
struct private_cmd_connection_t {
* Local identity
*/
char *identity;
* Local identity
*/
char *identity;
+
+ /**
+ * Is a private key configured
+ */
+ bool key_seen;
};
/**
};
/**
@@
-93,9
+98,18
@@
static peer_cfg_t* create_peer_cfg(private_cmd_connection_t *this)
static void add_auth_cfgs(private_cmd_connection_t *this, peer_cfg_t *peer_cfg)
{
auth_cfg_t *auth;
static void add_auth_cfgs(private_cmd_connection_t *this, peer_cfg_t *peer_cfg)
{
auth_cfg_t *auth;
+ auth_class_t class;
+ if (this->key_seen)
+ {
+ class = AUTH_CLASS_PUBKEY;
+ }
+ else
+ {
+ class = AUTH_CLASS_EAP;
+ }
auth = auth_cfg_create();
auth = auth_cfg_create();
- auth->add(auth, AUTH_RULE_AUTH_CLASS,
AUTH_CLASS_PUBKEY
);
+ auth->add(auth, AUTH_RULE_AUTH_CLASS,
class
);
auth->add(auth, AUTH_RULE_IDENTITY,
identification_create_from_string(this->identity));
peer_cfg->add_auth_cfg(peer_cfg, auth, TRUE);
auth->add(auth, AUTH_RULE_IDENTITY,
identification_create_from_string(this->identity));
peer_cfg->add_auth_cfg(peer_cfg, auth, TRUE);
@@
-183,6
+197,9
@@
METHOD(cmd_connection_t, handle, bool,
case CMD_OPT_IDENTITY:
this->identity = arg;
break;
case CMD_OPT_IDENTITY:
this->identity = arg;
break;
+ case CMD_OPT_RSA:
+ this->key_seen = TRUE;
+ break;
default:
return FALSE;
}
default:
return FALSE;
}
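Review bot: In the `handle` hunk, `key_seen` records only that a `CMD_OPT_RSA` option appeared, not that a private key was actually loaded, yet `add_auth_cfgs` uses it alone to choose between `AUTH_CLASS_PUBKEY` and `AUTH_CLASS_EAP`. Omitting the key option therefore silently switches the local authentication round to EAP instead of failing, so an operator may not notice that a different method is being offered. I would make the selection visible by logging the chosen class next to the `if (this->key_seen)` branch, and tighten the field comment to `TRUE if a CMD_OPT_RSA option was seen; selects pubkey instead of EAP authentication`. Both `add_auth_cfgs` and `handle` continue outside the hunks shown, and where the key itself is loaded is not visible here.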