/**
* Server identity
*/
- identification_t *id;
+ identification_t *server;
+
+ /**
+ * Client authentication identity
+ */
+ identification_t *client;
/**
* Current PT-TLS message identifier
return FALSE;
}
- this->tls = tls_socket_create(FALSE, this->id, NULL, fd, NULL);
+ this->tls = tls_socket_create(FALSE, this->server, this->client, fd, NULL);
if (!this->tls)
{
close(fd);
close(fd);
}
this->address->destroy(this->address);
- this->id->destroy(this->id);
+ this->server->destroy(this->server);
+ this->client->destroy(this->client);
free(this);
}
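Review bot: `this->client->destroy(this->client);` dereferences the client identity unconditionally, yet nothing visible in the pt_tls_client_create() hunks rejects a NULL `client`. The removed call passed NULL as the peer identity to tls_socket_create(), so a caller that wants to keep the old behaviour without client authentication may pass NULL and crash on teardown. Either reject NULL in the constructor or make the release tolerant with `DESTROY_IF(this->client);`. destroy() begins outside this hunk, so any earlier guard is not visible here.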
/**
* See header
*/
-pt_tls_client_t *pt_tls_client_create(host_t *address, identification_t *id)
+pt_tls_client_t *pt_tls_client_create(host_t *address, identification_t *server,
+ identification_t *client)
{
private_pt_tls_client_t *this;
.destroy = _destroy,
},
.address = address,
- .id = id,
+ .server = server,
+ .client = client,
);
return &this->public;
/**
* Create a pt_tls_client instance.
*
+ * The client identity is used for:
+ * - TLS authentication if an appropirate certificate is found
+ * - SASL authentication if requested from the server
+ *
* @param address address/port to run assessments against, gets owned
- * @param id server identity to use for authentication, gets owned
+ * @param server server identity to use for authentication, gets owned
+ * @param client client identity to use for authentication, gets owned
* @return PT-TLS context
*/
-pt_tls_client_t *pt_tls_client_create(host_t *address, identification_t *id);
+pt_tls_client_t *pt_tls_client_create(host_t *address, identification_t *server,
+ identification_t *client);
#endif /** PT_TLS_CLIENT_H_ @}*/
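Review bot: The new doc comment does not say whether `client` may be NULL or what happens when no matching certificate is found, and "appropirate" should read "appropriate". As worded, "TLS authentication if an appropriate certificate is found" suggests the handshake otherwise proceeds without client authentication at the TLS layer, which callers relying on mutual authentication need to see stated. I would extend the parameter line to `@param client client identity to use for authentication, gets owned, must not be NULL` (or "may be NULL" if that is intended). I would also add one sentence on the no-certificate fallback.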