xauth: Call authorize() hook also when xauth-noauth is used
authorTobias Brunner <tobias@strongswan.org>
Thu, 1 Oct 2015 16:15:00 +0000 (18:15 +0200)
committerTobias Brunner <tobias@strongswan.org>
Mon, 9 Nov 2015 13:44:53 +0000 (14:44 +0100)
Fixes #1138.

src/libcharon/sa/ikev1/tasks/xauth.c

index a770e90..c0c9157 100644 (file)
@@ -271,7 +271,10 @@ static bool add_auth_cfg(private_xauth_t *this, identification_t *id, bool local
 
        auth = auth_cfg_create();
        auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_XAUTH);
-       auth->add(auth, AUTH_RULE_XAUTH_IDENTITY, id->clone(id));
+       if (id)
+       {
+               auth->add(auth, AUTH_RULE_XAUTH_IDENTITY, id->clone(id));
+       }
        auth->merge(auth, this->ike_sa->get_auth_cfg(this->ike_sa, local), FALSE);
        this->ike_sa->add_auth_cfg(this->ike_sa, local, auth);
 
@@ -342,7 +345,10 @@ METHOD(task_t, build_i, status_t,
                                break;
                        case SUCCESS:
                                DESTROY_IF(cp);
-                               this->status = XAUTH_OK;
+                               if (add_auth_cfg(this, NULL, FALSE) && allowed(this))
+                               {
+                                       this->status = XAUTH_OK;
+                               }
                                this->public.task.process = _process_i_status;
                                return build_i_status(this, message);
                        default: