Feature #4234
allow for strict user <> cn validation of mobile ipsec users when using rsa+xauth
Start date:
01/18/2015
Due date:
% Done:
0%
Estimated time:
Description
Allow for strict user <> cn validation of mobile ipsec users when using rsa+xauth
It seems the gui setting is missing, but the background code is already in place to allow this.
History
#1
Updated by Renato Botelho almost 5 years ago
- Target version changed from 2.2 to 2.2.1
Push it to 2.2.1
#2
Updated by Chris Buechler almost 5 years ago
- Target version changed from 2.2.1 to 2.2.2
#3
Updated by Chris Buechler over 4 years ago
- Target version changed from 2.2.2 to 2.2.3
#4
Updated by Chris Buechler over 4 years ago
- Target version changed from 2.2.3 to 2.3
#5
Updated by Jim Thompson about 4 years ago
- Assignee set to Matthew Smith
#6
Updated by Jim Thompson almost 4 years ago
- Assignee changed from Matthew Smith to Marc Dye
#7
Updated by Jim Thompson almost 4 years ago
- Status changed from New to Assigned
#8
Updated by Matthew Smith almost 4 years ago
- Target version changed from 2.3 to Future
The backend code that exists in /etc/inc/ipsec.auth-user.php is not actually something that can be used. It looks like that code is very closely modeled after code in the openvpn.auth-user.php script. OpenVPN passes the common name in as an environment variable when it calls an auth script. Strongswan doesn't do this so the code won't work.
#9
Updated by Renato Botelho almost 3 years ago
- Assignee deleted (
Marc Dye)