Hello,

While coding a plugin to check the peer identity against LDAP, in the case of pubkey authentication, during ike_sa establishment I parsed the certificate in order to store an LDAP identifier in private_x509.

In the authorize hook, I tried to get the cert in order to authorize or not the IPsec SA, using peer_cfg and enumerating auth_cfg (remote), but the documentation says "Create an enumerator over added authentication rounds. @param local TRUE for own rules, FALSE for others constraints", and indeed I can read the local certx509 but I'm unable to get "(auth, AUTH_RULE_SUBJECT_CERT)"; it always returns NULL.

How can I get the struct certificate_t used by the remote in the authorize hook?

Thanks,
Guillaume DEBROS
