[strongSwan-dev] Implement new plugin

Vyronas Tsingaras vtsingaras at it.auth.gr
Fri Jun 27 13:54:55 CEST 2014


Am I correct that in order to test my plugin on a package-install of 
strongswan on Ubuntu 14.04 I just have to add the conf file to 
/etc/strongswan.d/charon/ and add the resulting .so to 
/usr/lib/ipsec/plugins/ ?? Thank you for your time.

Regards,
Vyronas Tsingaras
vtsingaras at it.auth.gr

On 27/06/2014 12:49 μμ, Martin Willi wrote:
> Hi Vyronas,
>
>>   How does one add a new plugin to the build system?
> You'll have to add a --enable option and the associated Makefile to
> configure.ac. Search the file for an existing plugin (lookip for
> example), and insert corresponding statements for your plugin.
>
> For a libcharon plugin, you'll have to extend the Makefile.am in this
> directory for your plugin. Again, refer to an existing plugin for a
> template.
>
>> Is there an existing plugin that provides authorization by an external
>> script/executable after user authentication like OpenVPN?
> No, the updown plugin invokes a script for established tunnels, but
> can't reject authorization based on the script return value.
>
> Instead, you may register a listener for the authorize hook [1], which
> then can call a script and pass appropriate information for a decision.
>
> Regards
> Martin
>
> [1]http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libcharon/bus/listeners/listener.h;h=abcc765e;hb=HEAD#l163
>



-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5751 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20140627/0867df38/attachment.bin>


More information about the Dev mailing list