[strongSwan] sending ID_USER_FQDN instead of ID_FQDN

Gerald Richter - ECOS richter at ecos.de
Tue Jul 2 08:15:53 CEST 2013


Hi,

 
I am trying to setup a client connection to a watchguard, among other issues, I realized that the watchguard doesn’t like ID_FQDN. I had to sent to ID as ID_USER_FQDN. The following patch allow to specify an ID as @@<id> to force ID_USER_FQDN. I think that might be useful for other situations as well.

 
Regards

 
Gerald

 
diff --git a/src/libstrongswan/utils/identification.c b/src/libstrongswan/utils/identification.c

index 06ec533..6d26475 100644

--- a/src/libstrongswan/utils/identification.c

+++ b/src/libstrongswan/utils/identification.c

@@ -1008,6 +1008,17 @@ identification_t *identification_create_from_string(char *string)

                                                                        chunk_create(string, strlen(string)), NULL);

                                return &this->public;

                        }

+                       else if (*(string + 1) == '@')

+                       {

+                               this = identification_create(ID_USER_FQDN);

+                               string += 2;

+                               this->encoded.len = strlen(string);

+                               if (this->encoded.len)

+                               {       /* if we only got an @@ */

+                                       this->encoded.ptr = strdup(string);

+                               }

+                               return &this->public;

+                       }

                        else

                        {

                                this = identification_create(ID_FQDN);

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20130702/805d58b7/attachment.html>


More information about the Users mailing list