Skip to content

Commit

Permalink
Only omit rightid for PSK mobile types. Flip the logic here as the 2_1 !
Browse files Browse the repository at this point in the history 
logic gets ugly.
  • Loading branch information
Chris Buechler committed Jul 23, 2015
1 parent bdd9efb commit 021a97b
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions etc/inc/vpn.inc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -857,9 +857,10 @@ EOD;
$leftid = "leftid = {$myid_data}";
}

/* Only specify peer ID if we are not dealing with a mobile PSK-only tunnel */
$peerid_spec = '';
if (!isset($ph1ent['mobile'])) {
if (isset($ph1ent['mobile']) && ($ph1ent['authentication_method'] == "pre_shared_key" || $ph1ent['authentication_method'] == "xauth_psk_server")) {
// Only specify peer ID if we are not dealing with mobile PSK
} else {
list ($peerid_type, $peerid_data) = ipsec_find_id($ph1ent, 'peer', $rgmap);
if ($peerid_type != 'address' && $peerid_type != 'keyid' && $peerid_type != 'asn1dn') {
$peerid_spec = "{$peerid_type}:{$peerid_data}";
Expand Down

0 comments on commit 021a97b

Please sign in to comment.