[strongSwan-dev] Implement new plugin

vtsingaras at it.auth.gr vtsingaras at it.auth.gr
Sat Jun 28 20:27:45 CEST 2014

My authorize hook listener gets called for the client and the gateway. How can I tell for which end is the current invocation? 

Sent from my android device.

-----Original Message-----
From: Vyronas Tsingaras <vtsingaras at it.auth.gr>
To: Martin Willi <martin at strongswan.org>
Cc: dev at lists.strongswan.org
Sent: Fri, 27 Jun 2014 14:55
Subject: Re: [strongSwan-dev] Implement new plugin

Am I correct that in order to test my plugin on a package-install of 
strongswan on Ubuntu 14.04 I just have to add the conf file to 
/etc/strongswan.d/charon/ and add the resulting .so to 
/usr/lib/ipsec/plugins/ ?? Thank you for your time.

Vyronas Tsingaras
vtsingaras at it.auth.gr

On 27/06/2014 12:49 μμ, Martin Willi wrote:
> Hi Vyronas,
>>   How does one add a new plugin to the build system?
> You'll have to add a --enable option and the associated Makefile to
> configure.ac. Search the file for an existing plugin (lookip for
> example), and insert corresponding statements for your plugin.
> For a libcharon plugin, you'll have to extend the Makefile.am in this
> directory for your plugin. Again, refer to an existing plugin for a
> template.
>> Is there an existing plugin that provides authorization by an external
>> script/executable after user authentication like OpenVPN?
> No, the updown plugin invokes a script for established tunnels, but
> can't reject authorization based on the script return value.
> Instead, you may register a listener for the authorize hook [1], which
> then can call a script and pass appropriate information for a decision.
> Regards
> Martin
> [1]http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libcharon/bus/listeners/listener.h;h=abcc765e;hb=HEAD#l163

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20140628/f5d4a1ea/attachment.html>

More information about the Dev mailing list