char *host;
/**
+ * Server identity, or NULL to use host
+ */
+ char *server;
+
+ /**
* Local identity
*/
char *identity;
}
else
{
- id = identification_create_from_string(this->host);
+ if (this->server)
+ {
+ id = identification_create_from_string(this->server);
+ }
+ else
+ {
+ id = identification_create_from_string(this->host);
+ }
}
auth->add(auth, AUTH_RULE_IDENTITY, id);
peer_cfg->add_auth_cfg(peer_cfg, auth, local);
case CMD_OPT_HOST:
this->host = arg;
break;
+ case CMD_OPT_REMOTE_IDENTITY:
+ this->server = arg;
+ break;
case CMD_OPT_IDENTITY:
this->identity = arg;
break;
"DNS name or address to connect to" },
{ CMD_OPT_IDENTITY, "identity", required_argument, "identity",
"identity the client uses for the IKE exchange" },
+ { CMD_OPT_REMOTE_IDENTITY, "remote-identity", required_argument, "identity",
+ "server identity to expect, defaults to host" },
{ CMD_OPT_CERT, "cert", required_argument, "path",
"trusted certificate, for authentication or trust chain validation" },
{ CMD_OPT_RSA, "rsa", required_argument, "path",