diff options
author | Ermal LUÇI <eri@pfsense.org> | 2015-01-07 21:02:09 +0100 |
---|---|---|
committer | Ermal LUÇI <eri@pfsense.org> | 2015-01-07 21:02:31 +0100 |
commit | 1ada4c8c514cc33b0df6238b7f2f177078bfe2e8 (patch) | |
tree | 6382518824dc189b931e10ba21b3fadf4decb93c /etc/inc/ipsec.inc | |
parent | 2f56ac49ee5fed548216aaabdf098e185decddf7 (diff) | |
download | pfsense-1ada4c8c514cc33b0df6238b7f2f177078bfe2e8.zip pfsense-1ada4c8c514cc33b0df6238b7f2f177078bfe2e8.tar.gz |
Move to specifically specifying the ID type apart when an ip address to have strongswan do proper behaviour. Also for DynDNS names use the dns type id so strongswan does the resolving by its own.
Diffstat (limited to 'etc/inc/ipsec.inc')
-rw-r--r-- | etc/inc/ipsec.inc | 42 |
1 files changed, 22 insertions, 20 deletions
diff --git a/etc/inc/ipsec.inc b/etc/inc/ipsec.inc index eb527e0..2b33e57 100644 --- a/etc/inc/ipsec.inc +++ b/etc/inc/ipsec.inc @@ -616,39 +616,41 @@ function ipsec_find_id(& $ph1ent, $side = "local", $rgmap = array()) { $addr = "%any"; else $addr = $ph1ent['remote-gateway']; - } else { + } else return array(); - } $thisid_type = $id_type; switch ($thisid_type) { - case "myaddress": - $thisid_type = "address"; + case 'myaddress': + $thisid_type = 'address'; $thisid_data = $addr; break; - - case "dyn_dns": - $thisid_type = "address"; - $thisid_data = resolve_retry($id_data); + case 'dyn_dns': + $thisid_type = 'dns'; + $thisid_data = $id_data; break; - - case "peeraddress": - $thisid_type = "address"; + case 'peeraddress': + $thisid_type = 'address'; $thisid_data = $rgmap[$ph1ent['remote-gateway']]; break; - - case "address"; + case 'address'; $thisid_data = $id_data; break; - - case "fqdn"; - case "keyid tag"; - case "user_fqdn"; - case "asn1dn"; + case 'fqdn'; + $thisid_data = "{$id_data}"; + break; + case 'keyid tag'; + $thisid_type = 'keyid'; + $thisid_data = "{$thisid_data}"; + break; + case 'user_fqdn'; + $thisid_type = 'userfqdn'; + $thisid_data = "{$id_data}"; + break; + case 'asn1dn'; $thisid_data = $id_data; - if( $thisid_data ) - $thisid_data = "{$thisid_data}"; + $thisid_data = "{$id_data}"; break; } return array($thisid_type, $thisid_data); |