Commit e248fac362 for strongswan.org

commit e248fac362b0d2a17b9a04491b5b5ab40c2d6f45
Author: Tobias Brunner <tobias@strongswan.org>
Date:   Thu Oct 2 10:47:36 2025 +0200

    charon-cmd: Only use loose identity matching if no IDr is configured

diff --git a/src/charon-cmd/cmd/cmd_connection.c b/src/charon-cmd/cmd/cmd_connection.c
index aaf02c6c78..cb16600901 100644
--- a/src/charon-cmd/cmd/cmd_connection.c
+++ b/src/charon-cmd/cmd/cmd_connection.c
@@ -247,8 +247,9 @@ static void add_auth_cfg(private_cmd_connection_t *this, peer_cfg_t *peer_cfg,
 		else
 		{
 			id = identification_create_from_string(this->host);
+			/* only use this if remote ID was not configured explicitly */
+			auth->add(auth, AUTH_RULE_IDENTITY_LOOSE, TRUE);
 		}
-		auth->add(auth, AUTH_RULE_IDENTITY_LOOSE, TRUE);
 	}
 	auth->add(auth, AUTH_RULE_IDENTITY, id);
 	peer_cfg->add_auth_cfg(peer_cfg, auth, local);