summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--etc/inc/ipsec.inc3
-rw-r--r--etc/inc/vpn.inc8
2 files changed, 8 insertions, 3 deletions
diff --git a/etc/inc/ipsec.inc b/etc/inc/ipsec.inc
index 5c7d15d..d3a6fe8 100644
--- a/etc/inc/ipsec.inc
+++ b/etc/inc/ipsec.inc
@@ -727,9 +727,6 @@ function ipsec_find_id(& $ph1ent, $side = "local", $rgmap = array()) {
break;
case 'asn1dn':
$thisid_data = $id_data;
- if ($thisid_data && $thisid_data[0] != '"') {
- $thisid_data = "\"{$id_data}\"";
- }
break;
}
return array($thisid_type, $thisid_data);
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index 44d96e5..b328975 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -825,6 +825,10 @@ EOD;
list ($myid_type, $myid_data) = ipsec_find_id($ph1ent, 'local');
if ($myid_type != 'address' && $myid_type != 'keyid') {
$myid_data = "{$myid_type}:{$myid_data}";
+ /* asn1dn needs double quotes */
+ if ($myid_type == "asn1dn") {
+ $myid_data = '"' . $myid_data . '"';
+ }
}
/* Only specify peer ID if we are not dealing with a mobile PSK-only tunnel */
@@ -833,6 +837,10 @@ EOD;
list ($peerid_type, $peerid_data) = ipsec_find_id($ph1ent, 'peer', $rgmap);
if ($peerid_type != 'address' && $peerid_type != 'keyid') {
$peerid_spec = "{$peerid_type}:{$peerid_data}";
+ /* asn1dn needs double quotes */
+ if ($peerid_type == "asn1dn") {
+ $peerid_spec = '"' . $peerid_spec . '"';
+ }
} else {
$peerid_spec = $peerid_data;
}
OpenPOWER on IntegriCloud