[strongSwan-dev] Getting a trigger from strongswan

Andreas Steffen andreas.steffen at strongswan.org
Fri Aug 19 13:22:42 CEST 2011 

Hello Salil,

you could implement a charon plugin which communicates via a unix socket
with your application and then installs the keys in the IKEv2 daemon.
You can use our HA (High Availability) plugin as an example to start
from where IKE keying material is exchanged between two daemons:

http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libcharon/plugins/ha/ha_dispatcher.c;h=04267f593d382b4550b4e01ca4e7794b42bd504c;hb=86e5d4aa6bd5af00764143059e2682e37efec1b6#l73

If you need professional support with your implementation please
contact our IKEv2 main developer Martin Willi (martin at strongswan.org).

Best regards

Andreas

On 19.08.2011 12:15, Salil Agrawal wrote:
> Hi,
> 
>  
> 
> We are trying to use strongswan in one of our application for the IKEv2
> purpose, our application would be running in separate process which will
> communicate the key to the strongswan daemon at one side and on the
> other side application would receive the trigger and will confirm the key.
> 
>  
> 
> Our problems are –
> 
>  
> 
> 1.       How to send the trigger from application to the strongswan, is
> there a way other then cli if yes can someone point the location of the
> code.
> 
> 2.       At the receiver end we like to have a trigger before IKE
> procedure is completed, actually we would like to confirm some private
> information (vendor specific) about the originator and would like to
> send the confirm to the strongswan which can then complete the IKEv2
> procedure. As the receiver is a server so we want a unsolicited trigger
> from strongswan towards application if we have such capability then
> please explain where can I look for it.
> 
> 3.       Once the procedure is completed we would like to have a confirm
> (reject in case of error) on both sender and receiver so that we can
> complete our state machine.
> 
>  
> 
> Regards,
> 
> Salil

======================================================================
Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==

More information about the Dev mailing list