[strongSwan-dev] Embedded application integration - best practice
Jae Park
jpark at 2wire.com
Thu Mar 4 18:59:49 CET 2010
Hi.
I am building application that control Charon via SMP, so I had same
purpose and this is what I have done.
I added ike_state_change listener in smp.c so I can get event every
IKE_SA state changes.
But there is a problem when I make SMP message and send it to over TCP
socket (charon.xml), it generates error.
SMP socket is really based on send/ack based protocol as long as I
understand, so I decided to add another listening local
Socket on my application to receive and handle any asynchronous event
from charon.
Hope this can help.
-----Original Message-----
From: dev-bounces+jpark=2wire.com at lists.strongswan.org
[mailto:dev-bounces+jpark=2wire.com at lists.strongswan.org] On Behalf Of
Ian Hailey
Sent: Thursday, March 04, 2010 9:17 AM
To: dev at lists.strongswan.org
Subject: [strongSwan-dev] Embedded application integration - best
practice
Hi,
I am hoping someone could offer some advice on how people "normally" go
about integrating a controlling app with StrongSwan, after a quick look
I can see a few ways are possible:
1.) Use the normal config files and invoke the ipsec script (no way of
getting indications?).
2.) Write a Charon plugin (like the NM plugin, I quite like this
approach).
3.) Use DBUS and the NM plugin (I have no idea about DBUS).
4.) Re-use the Stroke API (probably not a good idea).
My aim is to:
1.) Programatically configure StrongSwan (Charon).
2.) Be able to up/down connections.
3.) Get indications when connections go down (e.g. through DPD).
What are the GPL implications of writing a plugin, I assume it would
also become GPL?
Regards,
Ian.
_______________________________________________
Dev mailing list
Dev at lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/dev
More information about the Dev
mailing list