Add AUTH_RULE_IDENTITY_LOOSE which allows to use IDr loosely as initiator
authorTobias Brunner <tobias@strongswan.org>
Tue, 18 Sep 2012 09:16:10 +0000 (11:16 +0200)
committerTobias Brunner <tobias@strongswan.org>
Tue, 18 Sep 2012 09:16:10 +0000 (11:16 +0200)
commit3a8852c76fd009e11e78ea377796376b1b770da6
tree00fdd536664456f60fcaf3468018de66626ad4bd
parentcf1ec852073b35c28a47aae6979d7143dcc5e2ed
Add AUTH_RULE_IDENTITY_LOOSE which allows to use IDr loosely as initiator

If it is set on an auth config IDr will not be sent, and later the configured
identity will not only be checked against the returned IDr, but also
against other identities contained in the responder's certificate.
src/libcharon/sa/ikev2/tasks/ike_auth.c
src/libstrongswan/credentials/auth_cfg.c
src/libstrongswan/credentials/auth_cfg.h