[strongSwan] upgrade to 4.4.0 and virt ip-address-pool
Andreas Steffen
andreas.steffen at strongswan.org
Tue May 25 10:39:59 CEST 2010
Hi Peter,
with the strongSwan 4.4 major release we moved the attr-sql plugin
from libstrongswan (which should handle crypto and authentication,
only) to the new libhydra (which will share more and more daemon
functionality between pluto and charon).
As a consequenceyou must move your database definition from
libstrongswan {
plugins {
attr-sql {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
to
libhydra {
plugins {
attr-sql {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
We apologize for the inconvenience!
Andreas
On 05/25/2010 10:16 AM, Peter Winterer wrote:
> Hi all,
> I just did an upgrade from strongswan 4.3.5 to 4.4.0.
> We are using an virtual ip-adresspool (sqlite) to assign ip-addresses from the
> server to the client. With 4.3.5 this works without any problems.
> After upgrading, I am getting the following error-message:
>
> ipsec pool --status :
> database URI libhydra.plugins.attr-sql.database not set
>
> And the following message in the log, when I start "ipsec":
>
>
> Starting IKEv2 charon daemon (strongSwan 4.4.0)
> [CFG] attr-sql plugin: database URI not set
> [LIB] plugin 'attr-sql': failed to load - attr_sql_plugin_create returned NULL
>
>
> The plugins seem to be available:
>
> /usr/libexec/ipsec/plugins/libstrongswan-sql.a
> /usr/libexec/ipsec/plugins/libstrongswan-sql.la
> /usr/libexec/ipsec/plugins/libstrongswan-sqlite.so
> /usr/libexec/ipsec/plugins/libstrongswan-sqlite.a
> /usr/libexec/ipsec/plugins/libstrongswan-attr-sql.so
> /usr/libexec/ipsec/plugins/libstrongswan-sqlite.la
> /usr/libexec/ipsec/plugins/libstrongswan-attr-sql.la
> /usr/libexec/ipsec/plugins/libstrongswan-sql.so
> /usr/libexec/ipsec/plugins/libstrongswan-attr-sql.a
>
> /usr/lib/libhydra.la
> /usr/lib/libhydra.a
> /usr/lib/libhydra.so.0.0.0
> /usr/lib/libhydra.so.0 -> libhydra.so.0.0.0
> /usr/lib/libhydra.so -> libhydra.so.0.0.0
>
>
> strongswan.conf:
> ...
> libstrongswan {
> plugins {
> attr-sql {
>
> # loglevel to log into sql database
> loglevel = -1
>
> # URI to the database
> # database = sqlite:///path/to/file.db
> database = sqlite:///etc/ipsec.d/ipsec.db
> # database = mysql://user:password@localhost/database
> }
> }
> }
> pool {
> load = sqlite
> }
> .....
>
>
>
> Any ideas? Thanks
> Peter
======================================================================
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
More information about the Users
mailing list