ike: support multiple addresses, ranges and subnets in IKE address config

Replace the allowany semantic by a more powerful subnet and IP range matching.
Multiple addresses, DNS names, subnets and ranges can be specified in a comma
separated list. Initiators ignore the ranges/subnets, responders match
configurations against all addresses, ranges and subnets.

1 files changed, 2 insertions, 2 deletions

diff --git a/src/conftest/config.c b/src/conftest/config.c
index 1aa931004..5aa742d79 100644
--- a/src/conftest/config.c
+++ b/src/conftest/config.c
@@ -103,9 +103,9 @@ static ike_cfg_t *load_ike_config(private_config_t *this,
 
 	ike_cfg = ike_cfg_create(IKEV2, TRUE,
 		settings->get_bool(settings, "configs.%s.fake_nat", FALSE, config),
-		settings->get_str(settings, "configs.%s.lhost", "%any", config), FALSE,
+		settings->get_str(settings, "configs.%s.lhost", "%any", config),
 		settings->get_int(settings, "configs.%s.lport", 500, config),
-		settings->get_str(settings, "configs.%s.rhost", "%any", config), FALSE,
+		settings->get_str(settings, "configs.%s.rhost", "%any", config),
 		settings->get_int(settings, "configs.%s.rport", 500, config),
 		FRAGMENTATION_NO, 0);
 	token = settings->get_str(settings, "configs.%s.proposal", NULL, config);