|
Line 0
Link Here
|
|
|
1 |
--- src/racoon/oakley.c.orig 2012-08-29 11:35:09 UTC |
| 2 |
+++ src/racoon/oakley.c |
| 3 |
@@ -2391,6 +2391,7 @@ oakley_skeyid(iph1) |
| 4 |
char *p; |
| 5 |
int len; |
| 6 |
int error = -1; |
| 7 |
+ struct ipsecdoi_id_b *id_b; |
| 8 |
|
| 9 |
/* SKEYID */ |
| 10 |
switch (iph1->approval->authmethod) { |
| 11 |
@@ -2400,7 +2401,19 @@ oakley_skeyid(iph1) |
| 12 |
case OAKLEY_ATTR_AUTH_METHOD_XAUTH_PSKEY_R: |
| 13 |
#endif |
| 14 |
if (iph1->etype != ISAKMP_ETYPE_IDENT) { |
| 15 |
- iph1->authstr = getpskbyname(iph1->id_p); |
| 16 |
+ id_b = (struct ipsecdoi_id_b *)iph1->id_p->v; |
| 17 |
+ |
| 18 |
+ if (id_b->type != IPSECDOI_ID_IPV4_ADDR |
| 19 |
+ && id_b->type != IPSECDOI_ID_IPV6_ADDR) { |
| 20 |
+ iph1->authstr = getpskbyname(iph1->id_p); |
| 21 |
+ } else { |
| 22 |
+ struct sockaddr addr; |
| 23 |
+ u_int8_t prefix; |
| 24 |
+ u_int16_t ul_proto; |
| 25 |
+ if (!ipsecdoi_id2sockaddr(iph1->id_p, &addr, &prefix, &ul_proto)) { |
| 26 |
+ iph1->authstr = getpskbyaddr(&addr); |
| 27 |
+ } |
| 28 |
+ } |
| 29 |
if (iph1->authstr == NULL) { |
| 30 |
if (iph1->rmconf->verify_identifier) { |
| 31 |
plog(LLV_ERROR, LOCATION, iph1->remote, |