Re: [strongSwan-dev] [PATCH] XAUTH username im updown environment

[Andreas Steffen]

Hello Heiko,

can you tell me where this hunk is supposed to fit in?

@@ -4947,6 +4957,17 @@ static stf_status quick_inI1_outR1_tail(struct 
verify_oppo_bundle *b,
                                                p->spd.that.client = 
c->spd.that.client;
                                                p->spd.that.has_client = TRUE;
                                        }
+
+                                       identification_t *xauth_id = 
c->xauth_identity;
+                                       if (c->policy & (POLICY_XAUTH_RSASIG | 
POLICY_XAUTH_PSK) &&
+                                               xauth_id)
+                                       {
+                                               DBG(DBG_CONTROL,
+                                                       DBG_log("inheriting 
XAUTH identity %Y", xauth_id)
+                                               )
+                                               DESTROY_IF(p->xauth_identity);
+                                               p->xauth_identity = 
xauth_id->clone(xauth_id);
+                                       }
                                }
                        }
  #ifdef DEBUG

The strongSwan master shows:

static stf_status quick_inI1_outR1_tail(struct verify_oppo_bundle *b,
                                                                                
struct adns_continuation *ac)
{
        struct msg_digest *md = b->md;
        struct state *const p1st = md->st;
        connection_t *c = p1st->st_connection;
        struct payload_digest *const id_pd = md->chain[ISAKMP_NEXT_ID];
        ip_subnet *our_net = &b->my.net
                , *his_net = &b->his.net;

        u_char      /* set by START_HASH_PAYLOAD: */
                *r_hashval,     /* where in reply to jam hash value */
                *r_hash_start;  /* from where to start hashing */

        /* Now that we have identities of client subnets, we must look for
         * a suitable connection (our current one only matches for hosts).
         */
        {
                connection_t *p = find_client_connection(c
                        , our_net, his_net, b->my.proto, b->my.port, 
b->his.proto, b->his.port);

Regards

Andreas

On 06/08/2010 09:31 AM, Heiko Hund wrote:
> On Tuesday 08 June 2010 08:50:31 Heiko Hund wrote:
>> dieser Patch fuegt den XAUTH usernamen als Umgebungsvariable fuer das
>> updown Skript hinzu. Könnte auch fÌr die Allgemeinheit interessant sein
>> und wuerde gut zum 4.4.1 changset passen. Wurde mich freuen wenn er
>> aufgenommen wird.
>
> Oops, this wasn't supposed to go to this list. Anyway, here's the translation
> for all non German speakers:
>
>    This patch adds the XAUTH username to the updown script environment. Is
>    could be interesting for the general public and would fit well into the
>    4.4.1 changeset. Would be happy if you accept it.
>
> Cheers
> Heiko

======================================================================
Andreas Steffen                         andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==

_______________________________________________
Dev mailing list
Dev@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/dev