[strongSwan] initialzing EAP TLS peer with a different IDi than the IDi used in teh first IKE AUTH message

Andreas Steffen andreas.steffen at strongswan.org
Tue Oct 11 09:54:47 CEST 2016


Hi Ravi,

why don't you use the eap_identity parameter?

Regards

Andreas

On 10.10.2016 22:13, Ravi Kanth Vanapalli wrote:
> Hi all,
> 
> I have a situation wherein I need to alter the IDi slightly before the
> EAP-TLS authentication proceeds. I.e IDi in the first IKE_AUTH message
> should be different to IDi to be used for user private key lookup in the
> EAP-TLS user authentication.
> 
> I see that the API 'eap_tls_create_peer' is being used, to initialize
> the peer identitiy in TLSplugin.
> This is being registered with plugin eap_tls_plugin.c 
> 
> I am finding it difficult to know which module calls this API
> eap_tls_create_peer to initialize EAP TLS peer identity. 
> 
> Kindly provide any inputs regarding my issue.
> 
> Thank you very much.
> 
> -- 
> Regards,
> RaviKanth

======================================================================
Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution!          www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3859 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20161011/a67a5cae/attachment.bin>


More information about the Users mailing list