ike: support multiple addresses, ranges and subnets in IKE address config

Replace the allowany semantic by a more powerful subnet and IP range matching.
Multiple addresses, DNS names, subnets and ranges can be specified in a comma
separated list. Initiators ignore the ranges/subnets, responders match
configurations against all addresses, ranges and subnets.

1 files changed, 2 insertions, 3 deletions

diff --git a/src/libcharon/plugins/stroke/stroke_list.c b/src/libcharon/plugins/stroke/stroke_list.c
index a788ce581..a5825519b 100644
--- a/src/libcharon/plugins/stroke/stroke_list.c
+++ b/src/libcharon/plugins/stroke/stroke_list.c
@@ -544,7 +544,6 @@ METHOD(stroke_list_t, status, void,
 		while (enumerator->enumerate(enumerator, &peer_cfg))
 		{
 			char *my_addr, *other_addr;
-			bool my_allow_any, other_allow_any;
 
 			if (name && !streq(name, peer_cfg->get_name(peer_cfg)))
 			{
@@ -553,8 +552,8 @@ METHOD(stroke_list_t, status, void,
 
 			ike_cfg = peer_cfg->get_ike_cfg(peer_cfg);
 			ike_version = peer_cfg->get_ike_version(peer_cfg);
-			my_addr = ike_cfg->get_my_addr(ike_cfg, &my_allow_any);
-			other_addr = ike_cfg->get_other_addr(ike_cfg, &other_allow_any);
+			my_addr = ike_cfg->get_my_addr(ike_cfg);
+			other_addr = ike_cfg->get_other_addr(ike_cfg);
 			fprintf(out, "%12s:  %s...%s  %N", peer_cfg->get_name(peer_cfg),
 					my_addr, other_addr, ike_version_names, ike_version);