Thanx for the pointers. I will investigate further. regards, sk
On Thu, Nov 29, 2018 at 12:15 AM Tobias Brunner <[email protected]> wrote: > Hi, > > > Is there any other way to get to tls_peer_t from the updown_listener.c ? > > No, there is no easy way to do that. It's also not that easy to patch > tls_peer_t because it has no access to the daemon (it's implemented in > libtls). So you'd have to extend tls_peer_t, tls_t and tls_eap_t to > somehow get the auth_cfg_t or the certificate in eap_tls_t and then > either merge that with the auth config of the IKE_SA or store that > information somewhere else (e.g. via lib->set) so it can be retrieved in > the updown listener. > > Regards, > Tobias >
