diff options
| author | Renato Botelho <renato@netgate.com> | 2015-07-16 15:56:26 -0300 |
|---|---|---|
| committer | Renato Botelho <renato@netgate.com> | 2015-07-16 15:56:45 -0300 |
| commit | 31ae45d2535e73f58b307f18227ba29a9061d2af (patch) | |
| tree | 29583adf74b7ad7d2da0f9a351494df3b3678c74 | |
| parent | 088af065f5cf0c63b1420e3ee6246de4c5db06c1 (diff) | |
| download | pfsense-31ae45d2535e73f58b307f18227ba29a9061d2af.zip pfsense-31ae45d2535e73f58b307f18227ba29a9061d2af.tar.gz | |
Add leftid and rightid value between double quotes on ipsec config when type is asn1dn. Ticket #4792
| -rw-r--r-- | etc/inc/ipsec.inc | 3 | ||||
| -rw-r--r-- | etc/inc/vpn.inc | 8 |
2 files changed, 8 insertions, 3 deletions
diff --git a/etc/inc/ipsec.inc b/etc/inc/ipsec.inc index 5c7d15d..d3a6fe8 100644 --- a/etc/inc/ipsec.inc +++ b/etc/inc/ipsec.inc @@ -727,9 +727,6 @@ function ipsec_find_id(& $ph1ent, $side = "local", $rgmap = array()) { break; case 'asn1dn': $thisid_data = $id_data; - if ($thisid_data && $thisid_data[0] != '"') { - $thisid_data = "\"{$id_data}\""; - } break; } return array($thisid_type, $thisid_data); diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 44d96e5..b328975 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -825,6 +825,10 @@ EOD; list ($myid_type, $myid_data) = ipsec_find_id($ph1ent, 'local'); if ($myid_type != 'address' && $myid_type != 'keyid') { $myid_data = "{$myid_type}:{$myid_data}"; + /* asn1dn needs double quotes */ + if ($myid_type == "asn1dn") { + $myid_data = '"' . $myid_data . '"'; + } } /* Only specify peer ID if we are not dealing with a mobile PSK-only tunnel */ @@ -833,6 +837,10 @@ EOD; list ($peerid_type, $peerid_data) = ipsec_find_id($ph1ent, 'peer', $rgmap); if ($peerid_type != 'address' && $peerid_type != 'keyid') { $peerid_spec = "{$peerid_type}:{$peerid_data}"; + /* asn1dn needs double quotes */ + if ($peerid_type == "asn1dn") { + $peerid_spec = '"' . $peerid_spec . '"'; + } } else { $peerid_spec = $peerid_data; } |
