stroke: Support public key constraints for EAP methods
authorMartin Willi <martin@revosec.ch>
Thu, 29 Jan 2015 10:27:26 +0000 (11:27 +0100)
committerMartin Willi <martin@revosec.ch>
Tue, 3 Mar 2015 13:08:01 +0000 (14:08 +0100)
src/libcharon/plugins/stroke/stroke_config.c

index 3e40a78..88abe49 100644 (file)
@@ -620,9 +620,16 @@ static auth_cfg_t *build_auth_cfg(private_stroke_config_t *this,
        else if (strpfx(auth, "eap"))
        {
                eap_vendor_type_t *type;
+               char *pos;
 
                cfg->add(cfg, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_EAP);
-
+               /* check for public key constraints for EAP-TLS etc. */
+               pos = strchr(auth, ':');
+               if (pos)
+               {
+                       *pos = 0;
+                       parse_pubkey_constraints(pos + 1, cfg);
+               }
                type = eap_vendor_type_from_string(auth);
                if (type)
                {