> This introduces support for specifying optional IKE SA specific > source and remote address for child sa initiation. This allows > to initiate wildcard connection for known address via vici.
I'm not sure if this is the right approach, as the change is rather invasive. For other uses, we dynamically generate configuration objects to initiate with, without registering them at the backend. This is a little more consistent in behavior. The vici backend does currently not support initiating non-registered connections, but this could be definitely worth to add. @Tobias, what do you thing about this approach when looking at the trap-any branch? What is the state of that branch for mainlining? Regards Martin _______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev
