Hi Andrea,
> I have changed the license to MIT and moved the service lookup into the
> listener construction.
Thanks for the updated patch, I did some testing with it. Some notes:
* Is there a specific reason why you open a session for each
virtual IP? As the IP is actually not bound to that session,
would a single session per IKE_SA be sufficient?
* As the PAM sessions are not directly coupled to PAM
authentication (but any IKE_SA), I think it might be worth to
have an option to disable this session functionality.
* Having a null PAM conversion function makes my PAM complain
here. Therefore I introduced a dummy function that ignores any
Info Text, but fails if anything is requested by PAM.
Please have a look at the changes at [1], and let me know if that
version works for you.
Best Regards
Martin
[1]http://git.strongswan.org/?p=strongswan.git;a=shortlog;h=refs/heads/pam-session
_______________________________________________
Dev mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/dev
