[strongSwan-dev] Issue in IKEv2 IKE_AUTH EAP identity parsing

tiio vossi tottiviljami at gmail.com
Tue Nov 3 09:35:53 CET 2020


tested the fix and it works. Thanks again for the great help!


On Mon, Nov 2, 2020 at 4:26 PM Tobias Brunner <tobias at strongswan.org> wrote:

> Hi Totti,
> > Ok, but would the fallback from asn.1 to plain string then make sense?
> The idea is good, but...
> >         id = identification_create_from_encoding(ID_DER_ASN1_DN, data);
> This constructor does not do any parsing or verifying.  The (assumed)
> ASN.1 encoding is just copied.  The data will only get parsed as DN once
> the identity is compared or printed.  But I guess we could add an
> additional verification step to the from_data() constructor.  I pushed a
> possible fix to the dn-from-data branch [1].
> Regards,
> Tobias
> [1]
> https://git.strongswan.org/?p=strongswan.git;a=shortlog;h=refs/heads/dn-from-data
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20201103/e6754364/attachment.html>

More information about the Dev mailing list