[strongSwan-dev] Issue in IKEv2 IKE_AUTH EAP identity parsing
Tobias Brunner
tobias at strongswan.org
Mon Nov 2 15:26:44 CET 2020
Hi Totti,
> Ok, but would the fallback from asn.1 to plain string then make sense?
The idea is good, but...
> id = identification_create_from_encoding(ID_DER_ASN1_DN, data);
This constructor does not do any parsing or verifying. The (assumed)
ASN.1 encoding is just copied. The data will only get parsed as DN once
the identity is compared or printed. But I guess we could add an
additional verification step to the from_data() constructor. I pushed a
possible fix to the dn-from-data branch [1].
Regards,
Tobias
[1]
https://git.strongswan.org/?p=strongswan.git;a=shortlog;h=refs/heads/dn-from-data
More information about the Dev
mailing list