charon-cmd: add --eap-identity and --xauth-username options

4 files changed, 37 insertions, 0 deletions

diff --git a/src/charon-cmd/charon-cmd.8.in b/src/charon-cmd/charon-cmd.8.in
index c15c7d91f..c9d52c92f 100644
--- a/src/charon-cmd/charon-cmd.8.in
+++ b/src/charon-cmd/charon-cmd.8.in
@@ -77,6 +77,12 @@ DNS name or IP address to connect to.
 .BI "\-\-identity " identity
 Identity the client uses for the IKE exchange.
 .TP
+.BI "\-\-eap\-identity " identity
+Identity the client uses for EAP authentication.
+.TP
+.BI "\-\-xauth\-username " username
+Username the client uses for XAuth authentication.
+.TP
 .BI "\-\-remote\-identity " identity
 Server identity to expect, defaults to
 .IR hostname .
diff --git a/src/charon-cmd/cmd/cmd_connection.c b/src/charon-cmd/cmd/cmd_connection.c
index 2d995f0cd..5c459f99f 100644
--- a/src/charon-cmd/cmd/cmd_connection.c
+++ b/src/charon-cmd/cmd/cmd_connection.c
@@ -102,6 +102,11 @@ struct private_cmd_connection_t {
 	char *identity;
 
 	/**
+	 * XAuth/EAP identity
+	 */
+	char *xautheap;
+
+	/**
 	 * Is a private key configured
 	 */
 	bool key_seen;
@@ -187,6 +192,22 @@ static void add_auth_cfg(private_cmd_connection_t *this, peer_cfg_t *peer_cfg,
 	if (local)
 	{
 		id = identification_create_from_string(this->identity);
+		if (this->xautheap)
+		{
+			switch (class)
+			{
+				case AUTH_CLASS_EAP:
+					auth->add(auth, AUTH_RULE_EAP_IDENTITY,
+							identification_create_from_string(this->xautheap));
+					break;
+				case AUTH_CLASS_XAUTH:
+					auth->add(auth, AUTH_RULE_XAUTH_IDENTITY,
+							identification_create_from_string(this->xautheap));
+					break;
+				default:
+					break;
+			}
+		}
 	}
 	else
 	{
@@ -411,6 +432,10 @@ METHOD(cmd_connection_t, handle, bool,
 		case CMD_OPT_IDENTITY:
 			this->identity = arg;
 			break;
+		case CMD_OPT_EAP_IDENTITY:
+		case CMD_OPT_XAUTH_USER:
+			this->xautheap = arg;
+			break;
 		case CMD_OPT_RSA:
 		case CMD_OPT_AGENT:
 		case CMD_OPT_PKCS12:
diff --git a/src/charon-cmd/cmd/cmd_options.c b/src/charon-cmd/cmd/cmd_options.c
index 175aa4269..597ccda1f 100644
--- a/src/charon-cmd/cmd/cmd_options.c
+++ b/src/charon-cmd/cmd/cmd_options.c
@@ -34,6 +34,10 @@ cmd_option_t cmd_options[CMD_OPT_COUNT] = {
 	  "DNS name or address to connect to", {}},
 	{ CMD_OPT_IDENTITY, "identity", required_argument, "identity",
 	  "identity the client uses for the IKE exchange", {}},
+	{ CMD_OPT_EAP_IDENTITY, "eap-identity", required_argument, "eap-identity",
+	  "identity the client uses for EAP authentication", {}},
+	{ CMD_OPT_XAUTH_USER, "xauth-username", required_argument, "xauth-username",
+	  "username the client uses for XAuth authentication", {}},
 	{ CMD_OPT_REMOTE_IDENTITY, "remote-identity", required_argument, "identity",
 	  "server identity to expect, defaults to host", {}},
 	{ CMD_OPT_CERT, "cert", required_argument, "path",
diff --git a/src/charon-cmd/cmd/cmd_options.h b/src/charon-cmd/cmd/cmd_options.h
index 4e5ba6780..6b8b04cdf 100644
--- a/src/charon-cmd/cmd/cmd_options.h
+++ b/src/charon-cmd/cmd/cmd_options.h
@@ -36,6 +36,8 @@ enum cmd_option_type_t {
 	CMD_OPT_DEBUG,
 	CMD_OPT_HOST,
 	CMD_OPT_IDENTITY,
+	CMD_OPT_EAP_IDENTITY,
+	CMD_OPT_XAUTH_USER,
 	CMD_OPT_REMOTE_IDENTITY,
 	CMD_OPT_CERT,
 	CMD_OPT_RSA,