[strongSwan-dev] integrating permis into strongswan

Martin Willi martin at strongswan.org
Fri May 7 17:08:41 CEST 2010


> I've changed the code of src/libcharon/sa/tasks/ike_auth.c as I want to
> perform an authorization after an authentication.

You might have a look at our authorization hooks. It might be sufficient
if your plugin registers a listener_t to the bus and do the
authorization checks in these hooks.

> For this authorization step I need to connect via sockets to another
> machine/program (permis). And figured that I could use the
> socket_dynamic_socket to this end.

Probably not a good idea. Our socket_t implementations are very IKE
specific and not a generic abstraction for sockets. It is easier to use
plain BSD sockets for other protocols.

> ../../src/libcharon/.libs/libcharon.so: undefined reference to
> `socket_dynamic_socket_create'

You can't invoke the socket_dynamic_socket_create() function directly,
as this code is implemented in a plugin. The function is only available
after the plugin has been loaded by the plugin_loader. The plugin then
registers this constructor function to the daemon.

Best regards

More information about the Dev mailing list