[strongSwan-dev] How to control charon on android
Tobias Brunner
tobias at strongswan.org
Mon Mar 7 12:01:25 CET 2011
Hi Ido,
> Is there any doc/wiki describing how to configure/control charon on android?
>
> AFAIK usually it’s done thru ipsec/starter/stroke but those aren’t built
> for android.
There are several options. First, you could try to adapt the Android.mk
files to actually build starter/stroke for Android. I have never tried
that, but it might just work. Although ipsec is a shell script it might
not work directly on Android, as there could be some dependencies on bash.
As charon is basically configured/controlled through plugins (the stroke
plugin being only one of them) your second option is to write your own
plugin, which then interacts with your own tools/frontend.
There is a patch for Android 2.2 that allows basic configuration and
control of charon through Android's default VPN frontend [1]. The
latter interacts with charon's android plugin [2] using a control
mechanism provided by Android's C library (basically a UNIX socket).
The android plugin also provides an Android specific logger, reads
credentials from Android's credential store, and installs DNS servers.
Besides the android plugin there are several other plugins that
illustrate how charon can be controlled using different technologies
like DBUS (nm, maemo), UNIX sockets (stroke) or named pipes (uci).
There are also plugins that allow you to store the configuration in a
database (e.g. SQlite).
Your third option is to hire us to write such a plugin for you.
Charon's android plugin is actually an offspring of such an assignment.
Please contact Andreas (andreas.steffen at strongswan.org) if you are
interested.
Regards,
Tobias
[1] http://wiki.strongswan.org/projects/strongswan/wiki/AndroidFrontend
[2]
http://git.strongswan.org/?p=strongswan.git;a=tree;f=src/libcharon/plugins/android
More information about the Dev
mailing list