[strongSwan-dev] How to implement strongswan up and down using SMP?
Vadim Kuznetsov
rics at ideco.ru
Mon Aug 18 13:16:21 CEST 2014
Hello!
I'd like to implement the equivalent of commands "strongswan up <connectionname>"
and "strongswan down <connectionname>" using SMP plugin. To do that I'm sending
these messages to charon:
1) strongswan up:
<message type="request" id="1">
<control>
<ikesainitiate>department1</ikesainitiate>
</control>
</message>
<message type="request" id="2">
<control>
<childsainitiate>department1</childsainitiate>
</control>
</message>
2) strongswan down:
<message type="request" id="3">
<control>
<childsaterminate>1</childsaterminate>
</control>
</message>
<message type="request" id="4">
<control>
<ikesaterminate>1</ikesaterminate>
</control>
</message>
It works fine, but I'm still not sure is that the complete equivalent? And I've got
a couple of questions:
1) What happens to strongSwan server if my program would be terminated unexpectedly
before sending the second message? I mean:
- "childsaterminate" was sent and processed successfully;
- program's going to send "ikesaterminate";
- program dies before sending;
- ???
2) Are these SMP messages synchronous? Do they guarantee that the current action
(IKE/child initiation or termination) is complete (with or without error)?
Thanks in advance,
--
Vadim Kuznetsov,
GNU/Linux Software Developer
More information about the Dev
mailing list