[strongSwan-dev] role of High Aavailibity plugin in installing ipsec SA keys when there is only one node in Android Client

Ravi Kanth Vanapalli vvnrk.vanapalli at gmail.com
Mon Jan 5 17:58:01 CET 2015


Dear all,
 I have a question regarding the role of using HA plugin when installing
the IKE_SA keys.

As I observe from the code once IKE_SA_INIT negotiation complets.

process_r and 'build_r' which inturn calls 'derive_keys'

derive_keys calls 'charon->bus->ike_keys'      on the charon bus.

The listener to ike_keys has been added  by the High availability plugin.

Query:
 1)  There is only one node.. i.e the android client.  Why would be the
need to use a HA plugin here.

  2)  In line 140 of ha_ike.c there is a  call like below

     this->socket->push(this->socket, m);   // To which socket this
information is being written.
       Which module will be listening to this socket for keying
information.

 3)  How is this keying information stored back in the IKE_SA managed by
the IKE SA manager ?

-- 
Regards,
RaviKanth VN Vanapalli
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20150105/c58104b9/attachment.html>


More information about the Dev mailing list