[strongSwan-dev] Issue in IKEv2 IKE_AUTH EAP identity parsing

Tobias Brunner tobias at strongswan.org
Mon Nov 2 14:15:24 CET 2020


Hi Totti,

> There is also ID Type in the identification payload.

Unfortunately, EAP-Identities are not transmitted in such payloads.
They are basically arbitrary binary blobs that strongSwan tries to parse
based on some heuristics to actually match them against other identities
(e.g. in certificates or the configuration, which all have a type
associated that must match).

Regards,
Tobias


More information about the Dev mailing list