[strongSwan] initialzing EAP TLS peer with a different IDi than the IDi used in teh first IKE AUTH message

Ravi Kanth Vanapalli vvnrk.vanapalli at gmail.com
Mon Oct 10 22:13:19 CEST 2016


Hi all,

I have a situation wherein I need to alter the IDi slightly before the
EAP-TLS authentication proceeds. I.e IDi in the first IKE_AUTH message
should be different to IDi to be used for user private key lookup in the
EAP-TLS user authentication.

I see that the API 'eap_tls_create_peer' is being used, to initialize the
peer identitiy in TLSplugin.
This is being registered with plugin eap_tls_plugin.c

I am finding it difficult to know which module calls this API
eap_tls_create_peer to initialize EAP TLS peer identity.

Kindly provide any inputs regarding my issue.

Thank you very much.

-- 
Regards,
RaviKanth
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20161010/259e933b/attachment.html>


More information about the Users mailing list