[strongSwan-dev] WI: Extend plugin_t interface for reloading support

Martin Willi martin at strongswan.org
Fri Apr 15 10:11:43 CEST 2011


Work-Item: Extend plugin_t interface for reloading support

Branch: reload, now in master

Schedule: 4.5.2

Rationale:
Configuration values read from strongswan.conf have not reloadable
during daemon runtime. It is not possible to change this behavior for
many keys, as it would be very difficult to migrate IKE_SA state during
changes.
For certain keys, especially in some plugins, it makes sense to reload
the configuration during runtime (e.g. RADIUS servers, IKEv2
configuration attributes), and it isn't too hard to implement.
To allow reloading, the IKEv2 daemon now reloads strongswan.conf on
SIGHUP, and calls the new "reload()" method on all plugins. If a plugin
supports reloading, it rereads the configuration and updates itself
accordingly.

API changes:
The plugin_t interface now requires a "reload()" method. It may be
implemented as "return_false" if it does not support reloading. If the
plugin supports reloading, it does so and returns TRUE.
To simplify plugin enumeration, each plugin additionally needs a
"get_name()" method returning a static string with its plugin name. The
"create_plugin_enumerator()" function provided by plugin_loader_t now
enumerates over the plugin_t interfaces instead of just the plugin
names.
For strongswan.conf reloading, the settings_t "load_files()" and
"load_files_section()" functions gained an additional boolean argument
to merge loaded file to the existing configuration, or the replace it.

Please add these two methods to your custom plugin while migrating to
strongSwan 4.5.2. All included plugins have been migrated, the
eap-radius and attr plugins already support configuration reloading
triggerd by SIGHUP.





More information about the Dev mailing list