[svn-upgrade] Integrating new upstream version, strongswan (2.8.1)

1 files changed, 10 insertions, 3 deletions

diff --git a/programs/starter/confread.c b/programs/starter/confread.c
index edd041ab4..63010685b 100644
--- a/programs/starter/confread.c
+++ b/programs/starter/confread.c
@@ -11,7 +11,7 @@
  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * for more details.
  *
- * RCSID $Id: confread.c,v 1.39 2006/10/19 14:58:30 as Exp $
+ * RCSID $Id: confread.c,v 1.40 2007/01/11 21:27:27 as Exp $
  */
 
 #include <stddef.h>
@@ -418,7 +418,7 @@ load_conn(starter_conn_t *conn, kw_list_t *kw, starter_config_t *cfg)
 	    KW_POLICY_FLAG("ah", "esp", POLICY_AUTHENTICATE)
 	    break; 
 	case KW_AUTHBY:
-	    conn->policy &= ~(POLICY_RSASIG | POLICY_PSK | POLICY_ENCRYPT);
+	    conn->policy &= ~(POLICY_ID_AUTH_MASK | POLICY_ENCRYPT);
 
 	    if (strcmp(kw->value, "never") != 0)
 	    {
@@ -433,8 +433,12 @@ load_conn(starter_conn_t *conn, kw_list_t *kw, starter_config_t *cfg)
 		{
 		    if (streq(value, "rsasig"))
 			conn->policy |= POLICY_RSASIG | POLICY_ENCRYPT;
-		    else if (streq(value, "secret"))
+		    else if (streq(value, "secret") || streq(value, "psk"))
 			conn->policy |= POLICY_PSK | POLICY_ENCRYPT;
+		    else if (streq(value, "xauthrsasig"))
+			conn->policy |= POLICY_XAUTH_RSASIG | POLICY_ENCRYPT;
+		    else if (streq(value, "xauthpsk"))
+			conn->policy |= POLICY_XAUTH_PSK | POLICY_ENCRYPT;
 		    else
 		    {
 			plog("# bad policy value: %s=%s", kw->entry->name, kw->value);
@@ -454,6 +458,9 @@ load_conn(starter_conn_t *conn, kw_list_t *kw, starter_config_t *cfg)
 	case KW_MODECONFIG:
 	    KW_POLICY_FLAG("push", "pull", POLICY_MODECFG_PUSH)
 	    break;
+	case KW_XAUTH:
+	    KW_POLICY_FLAG("server", "client", POLICY_XAUTH_SERVER)
+	    break;
 	default:
 	    break;
 	}