Don't add ANY identity constraint to auth config, as XAuth rounds don't use one

2012-07-26 12:38:34 +02:00 · 2012-07-26 12:38:34 +02:00 · 874f7c7e2c
parent 9191946a63
commit 874f7c7e2c
2 changed files with 15 additions and 3 deletions
--- a/src/libcharon/plugins/stroke/stroke_config.c
+++ b/src/libcharon/plugins/stroke/stroke_config.c
@ -458,7 +458,14 @@ static auth_cfg_t *build_auth_cfg(private_stroke_config_t *this,
 			}
 		}
 	}
-	cfg->add(cfg, AUTH_RULE_IDENTITY, identity);
+	if (identity->get_type(identity) != ID_ANY)
+	{
+		cfg->add(cfg, AUTH_RULE_IDENTITY, identity);
+	}
+	else
+	{
+		identity->destroy(identity);
+	}

 	/* add raw RSA public key */
 	pubkey = end->rsakey;
--- a/src/libcharon/plugins/stroke/stroke_list.c
+++ b/src/libcharon/plugins/stroke/stroke_list.c
@ -338,8 +338,13 @@ static void log_auth_cfgs(FILE *out, peer_cfg_t *peer_cfg, bool local)
 	enumerator = peer_cfg->create_auth_cfg_enumerator(peer_cfg, local);
 	while (enumerator->enumerate(enumerator, &auth))
 	{
-		fprintf(out, "%12s:   %s [%Y] uses ", name,	local ? "local: " : "remote:",
-				auth->get(auth, AUTH_RULE_IDENTITY));
+		fprintf(out, "%12s:   %s", name, local ? "local: " : "remote:");
+		id = auth->get(auth, AUTH_RULE_IDENTITY);
+		if (id)
+		{
+			fprintf(out, " [%Y]", id);
+		}
+		fprintf(out, " uses ");

 		auth_class = (uintptr_t)auth->get(auth, AUTH_RULE_AUTH_CLASS);
 		if (auth_class == AUTH_CLASS_EAP)