diff options
Diffstat (limited to 'src/libcharon/sa/tasks/ike_auth.c')
| -rw-r--r-- | src/libcharon/sa/tasks/ike_auth.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/src/libcharon/sa/tasks/ike_auth.c b/src/libcharon/sa/tasks/ike_auth.c index a954782f2..b440ec811 100644 --- a/src/libcharon/sa/tasks/ike_auth.c +++ b/src/libcharon/sa/tasks/ike_auth.c @@ -481,9 +481,8 @@ static status_t process_r(private_ike_auth_t *this, message_t *message) { this->ike_sa->enable_extension(this->ike_sa, EXT_MULTIPLE_AUTH); } - if (this->ike_sa->supports_extension(this->ike_sa, EXT_STRONGSWAN) && - message->get_notify(message, EAP_ONLY_AUTHENTICATION)) - { /* EAP-only has no official notify, accept only from strongSwan */ + if (message->get_notify(message, EAP_ONLY_AUTHENTICATION)) + { this->ike_sa->enable_extension(this->ike_sa, EXT_EAP_ONLY_AUTHENTICATION); } @@ -538,6 +537,11 @@ static status_t process_r(private_ike_auth_t *this, message_t *message) { cfg->add(cfg, AUTH_RULE_EAP_IDENTITY, id->clone(id)); } + id = (identification_t*)cand->get(cand, AUTH_RULE_AAA_IDENTITY); + if (id) + { + cfg->add(cfg, AUTH_RULE_AAA_IDENTITY, id->clone(id)); + } } /* verify authentication data */ @@ -821,7 +825,7 @@ static status_t process_i(private_ike_auth_t *this, message_t *message) break; default: { - if (type < 16383) + if (type <= 16383) { DBG1(DBG_IKE, "received %N notify error", notify_type_names, type); |