allow for strict user <> cn validation of mobile ipsec users when using rsa+xauth
Allow for strict user <> cn validation of mobile ipsec users when using rsa+xauth
It seems the gui setting is missing, but the background code is already in place to allow this.
Updated by Matthew Smith over 5 years ago
- Target version changed from 2.3 to Future
The backend code that exists in /etc/inc/ipsec.auth-user.php is not actually something that can be used. It looks like that code is very closely modeled after code in the openvpn.auth-user.php script. OpenVPN passes the common name in as an environment variable when it calls an auth script. Strongswan doesn't do this so the code won't work.