Feature #2581
Add option to configure client identity in NetworkManager plugin
Description
charon-nm sends the certificate's DN as an identifier. In this case the dhcp plugin on the peer does not set a client hostname option in the dhcp request, i.e. dnsmasq doesn't set the hostname in its DNS database.
It would be very nice if charon/charon-nm could be improved in this case.
On ios or MacOS the client uses the FQDN (configured in a profile) as an identifier, the dhcp plug sets the client hostname in the dhcp request, and dnsmasq registers the hostname in DNS.
History
#1 Updated by Tobias Brunner over 7 years ago
- Status changed from New to Feedback
I'm not sure if the title is correct, as this is more of a charon-nm than a dhcp plugin issue (e.g. add a client ID selector like we provide in the Android app). But you sure could also hack something into the dhcp plugin if really wanted to forward a hostname (e.g. get the client's certificate and search for a FQDN in the SANs).
#2 Updated by Harald Dunkel about 6 years ago
I am desperately waiting for this feature. Is there hope?
#3 Updated by Tobias Brunner over 5 years ago
- Subject changed from dhcp plugin: please support client hostname option for peers running charon-nm to Add option to configure client identity in NetworkManager plugin
- Category set to networkmanager (charon-nm)
- Target version set to 5.8.3
I pushed some changes to the 2581-nm-client-id branch, which allow configuring a specific client identity (e.g. a subjectAltName instead of the subject DN, which is used by default for certificates).
#4 Updated by Tobias Brunner over 5 years ago
- Status changed from Feedback to Closed
- Assignee set to Tobias Brunner
- Resolution set to Fixed