From 3070697f9f7cc87e5abd9924dccedda9b2656100 Mon Sep 17 00:00:00 2001
From: Martin Willi <martin@revosec.ch>
Date: Thu, 25 Jul 2013 15:37:13 +0200
Subject: ike: support multiple addresses, ranges and subnets in IKE address
 config

Replace the allowany semantic by a more powerful subnet and IP range matching.
Multiple addresses, DNS names, subnets and ranges can be specified in a comma
separated list. Initiators ignore the ranges/subnets, responders match
configurations against all addresses, ranges and subnets.
---
 src/conftest/config.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src/conftest/config.c')

diff --git a/src/conftest/config.c b/src/conftest/config.c
index 1aa931004..5aa742d79 100644
--- a/src/conftest/config.c
+++ b/src/conftest/config.c
@@ -103,9 +103,9 @@ static ike_cfg_t *load_ike_config(private_config_t *this,
 
 	ike_cfg = ike_cfg_create(IKEV2, TRUE,
 		settings->get_bool(settings, "configs.%s.fake_nat", FALSE, config),
-		settings->get_str(settings, "configs.%s.lhost", "%any", config), FALSE,
+		settings->get_str(settings, "configs.%s.lhost", "%any", config),
 		settings->get_int(settings, "configs.%s.lport", 500, config),
-		settings->get_str(settings, "configs.%s.rhost", "%any", config), FALSE,
+		settings->get_str(settings, "configs.%s.rhost", "%any", config),
 		settings->get_int(settings, "configs.%s.rport", 500, config),
 		FRAGMENTATION_NO, 0);
 	token = settings->get_str(settings, "configs.%s.proposal", NULL, config);
-- 
cgit v1.2.3