ikev1: Log successful authentication with signature scheme
authorThomas Egerer <thomas.egerer@secunet.com>
Mon, 1 Feb 2016 14:33:38 +0000 (15:33 +0100)
committerTobias Brunner <tobias@strongswan.org>
Mon, 1 Feb 2016 14:58:53 +0000 (15:58 +0100)
Output is now identical to that of the IKEv2 pubkey authenticator.

Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
src/libcharon/sa/ikev1/authenticators/pubkey_v1_authenticator.c
testing/tests/ikev1/xauth-rsa-eap-md5-radius/evaltest.dat
testing/tests/ikev1/xauth-rsa-radius/evaltest.dat
testing/tests/openssl-ikev1/ecdsa-certs/evaltest.dat

index 52228ef..793e6d5 100644 (file)
@@ -179,7 +179,7 @@ METHOD(authenticator_t, process, status_t,
                if (public->verify(public, scheme, hash, sig))
                {
                        DBG1(DBG_IKE, "authentication of '%Y' with %N successful",
-                                id, key_type_names, this->type);
+                                id, signature_scheme_names, scheme);
                        status = SUCCESS;
                        auth->merge(auth, current_auth, FALSE);
                        auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PUBKEY);
index d568273..fe148cd 100644 (file)
@@ -1,4 +1,4 @@
-carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with RSA successful::YES
+carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with RSA_EMSA_PKCS1_NULL successful::YES
 moon:: cat /var/log/daemon.log::RADIUS authentication of 'carol@strongswan.org' successful::YES
 moon:: cat /var/log/daemon.log::XAuth authentication of 'carol@strongswan.org' successful::YES
 moon:: ipsec status 2> /dev/null::rw.*ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
index ee60292..a88debd 100644 (file)
@@ -1,4 +1,4 @@
-carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with RSA successful::YES
+carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with RSA_EMSA_PKCS1_NULL successful::YES
 moon:: cat /var/log/daemon.log::XAuth authentication of 'carol@strongswan.org' successful::YES
 moon:: ipsec status 2> /dev/null::rw.*ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
 carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
index 69c893f..941a2fe 100644 (file)
@@ -8,10 +8,10 @@ moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
 moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
 moon:: cat /var/log/daemon.log::looking for ECDSA-256 signature peer configs matching.*carol@strongswan.org::YES
 moon:: cat /var/log/daemon.log::looking for ECDSA-384 signature peer configs matching.*dave@strongswan.org::YES
-moon:: cat /var/log/daemon.log::authentication of.*carol@strongswan.org.*with ECDSA successful::YES
-moon:: cat /var/log/daemon.log::authentication of.*dave@strongswan.org.*with ECDSA successful::YES
-carol::cat /var/log/daemon.log::authentication of.*moon.strongswan.org.*with ECDSA successful::YES
-dave:: cat /var/log/daemon.log::authentication of.*moon.strongswan.org.*with ECDSA successful::YES
+moon:: cat /var/log/daemon.log::authentication of.*carol@strongswan.org.*with ECDSA_WITH_NULL successful::YES
+moon:: cat /var/log/daemon.log::authentication of.*dave@strongswan.org.*with ECDSA_WITH_NULL successful::YES
+carol::cat /var/log/daemon.log::authentication of.*moon.strongswan.org.*with ECDSA_WITH_NULL successful::YES
+dave:: cat /var/log/daemon.log::authentication of.*moon.strongswan.org.*with ECDSA_WITH_NULL successful::YES
 carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_req=1::YES
 dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_req=1::YES
 moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES