CVSROOT: /cvs
Module name: src
Changes by: r...@cvs.openbsd.org 2017/04/24 01:07:25
Modified files:
sbin/iked : parse.y
Log message:
Fix configuration of ASN1_DN IDs.
Public key authentication uses public key files that are stored in the
/etc/iked/pubkeys/ directory where the IKE IDs are encoded as filenames.
This does not simply work with ASN1_DNs where the IDs include slashes
and other special characters. Instead of breaking and failing when an
ASN1_DN is configured, simply skip the public key lookup but allow
to use it with certificates or PSKs.
Reported and fix tested by Igor V. Gubenko - Thanks.
