[14/16] IPsec: Strip @ from IDs in Apple profile

Message ID 20200528175850.12638-15-michael.tremer@ipfire.org
State New
Headers show
Series
  • [01/16] IPsec: Use sane defaults for certificate lifetimes
Related show

Commit Message

Michael Tremer May 28, 2020, 5:58 p.m. UTC
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 html/cgi-bin/vpnmain.cgi | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

Patch

diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi
index 1e4115e95..2e0dd797d 100644
--- a/html/cgi-bin/vpnmain.cgi
+++ b/html/cgi-bin/vpnmain.cgi
@@ -1390,14 +1390,28 @@  END
 
 	# Left ID
 	if ($confighash{$key}[9]) {
+		my $leftid = $confighash{$key}[9];
+
+		# Strip leading @ from FQDNs
+		if ($leftid =~ m/^@(.*)$/) {
+			$leftid = $1;
+		}
+
 		print "					<key>LocalIdentifier</key>\n";
-		print "					<string>$confighash{$key}[9]</string>\n";
+		print "					<string>$leftid</string>\n";
 	}
 
 	# Right ID
 	if ($confighash{$key}[7]) {
+		my $rightid = $confighash{$key}[7];
+
+		# Strip leading @ from FQDNs
+		if ($rightid =~ m/^@(.*)$/) {
+			$rightid = $1;
+		}
+
 		print "					<key>RemoteIdentifier</key>\n";
-		print "					<string>$confighash{$key}[7]</string>\n";
+		print "					<string>$rightid</string>\n";
 	}
 
 	if ($confighash{$key}[4] eq "cert") {