Changeset 332:e624fa5f85ca in freeDiameter for extensions/acl_wl
- Timestamp:
- May 31, 2010, 7:09:24 PM (14 years ago)
- Branch:
- default
- Phase:
- public
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
extensions/acl_wl/acl_wl.c
r258 r332 77 77 } 78 78 79 /* Check the Inband-Security-Id value */ 80 res &= info->runtime.pir_isi; 81 if (res == 0) { 82 TRACE_DEBUG(INFO, "Peer '%s' rejected, remotely advertised Inband-Security-Id is not compatible with whitelist flags.", info->pi_diamid); 83 /* We don't actually set *auth = -1, leave space for a further extension to validate the peer */ 84 return 0; 85 } 86 87 /* Ok, the peer is whitelisted */ 79 /* Otherwise, just set the configured flags for the peer, and authorize it */ 88 80 *auth = 1; 89 81 90 /* Now, configure the peer for the authorized mechanism*/82 /* Save information about the security mechanism to use after CER/CEA exchange */ 91 83 if ((res & PI_SEC_NONE) && (res & PI_SEC_TLS_OLD)) 92 84 res = PI_SEC_NONE; /* If we authorized it, we must have an IPsec tunnel setup, no need for TLS in this case */ 93 85 94 /* Save information about the security mechanism to use after CER/CEA exchange */95 86 info->config.pic_flags.sec = res; 96 87 return 0;
Note: See TracChangeset
for help on using the changeset viewer.