sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-06 00:00:47 -04:00
Code Issues Projects Releases Wiki Activity

Call ike_isa_auth_psk in listener authorize hook

Browse Source 
This exchange initiates the AUTH verification in the TKM.
This commit is contained in:
Reto Buerki 2012-09-06 18:17:26 +02:00 committed by Tobias Brunner
parent 9df5645623
commit 3972769690
1 changed files with 18 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/charon-tkm/src/tkm/tkm_listener.c
View File

@ -18,9 +18,12 @@
#include <encoding/payloads/auth_payload.h>
#include <utils/chunk.h>
#include <tkm/types.h>
#include <tkm/constants.h>
#include <tkm/client.h>
#include "tkm_listener.h"
#include "tkm_keymat.h"
#include "tkm_utils.h"
typedef struct private_tkm_listener_t private_tkm_listener_t;
@ -56,9 +59,21 @@ METHOD(listener_t, authorize, bool,
*success = FALSE;
}
DBG1(DBG_IKE, "TKM based authentication successful"
" for ISA context %llu", isa_id);
*success = TRUE;
signature_type signature;
chunk_to_sequence(auth, &signature);
if (ike_isa_auth_psk(isa_id, signature) != TKM_OK)
{
DBG1(DBG_IKE, "TKM based authentication failed"
" for ISA context %llu", isa_id);
*success = FALSE;
}
else
{
DBG1(DBG_IKE, "TKM based authentication successful"
" for ISA context %llu", isa_id);
*success = TRUE;
}
return TRUE;
}