[strongSwan] Prompting for Credentials with strongswan 5

richter at ecos.de richter at ecos.de
Mon Sep 10 16:05:03 CEST 2012


Hi Martin,

Thanks for your answer. I have started looking at the sources before my posting. I guess I have to take a deeper look.

One question: If I register my own credential_set, how does it interact with the existing credential_sets?

Is it possible to register it in such a way that it only gets called if other credentical_sets (e.g. the one that reads the config files) fails, so asking the user is only the last resort?

Thanks & Regards

Gerald


> -----Original Message-----
> From: Martin Willi [mailto:martin at strongswan.org]
> Sent: Monday, September 10, 2012 3:52 PM
> To: Gerald Richter - ECOS
> Cc: users at lists.strongswan.org
> Subject: Re: [strongSwan] Prompting for Credentials with strongswan 5
> 
> 
> > I would like to popup a Dialog when xauth credentials or a smartcard
> > pin is needed and not provided by the config files.
> 
> > As far as I see there is no such plugin yet, right?
> 
> No.
> 
> > Are there any additional docs or any plugin that I can use as starting
> > point?
> 
> There is no way around reading the sources. These interfaces are well
> commented and it shouldn't be too hard to understand them.
> 
> At the credential manager [1], you can register your own credential set [2].
> Once registered, the set will be asked for credentials when needed.
> XAuth credentials and PINs are both handled as shared key [3] (XAuth as
> SHARED_EAP). An example of a simple credential set is the NM backend [4].
> 
> For an example how to write a plugin in general, take a look at the LED plugin
> [5].
> 
> Regards
> Martin
> 
> [1]http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libstrongswan/
> credentials/credential_manager.h;hb=HEAD#l35
> [2]http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libstrongswan/
> credentials/credential_set.h;hb=HEAD#l30
> [3]http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libstrongswan/
> credentials/keys/shared_key.h;hb=HEAD#l30
> [4]http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/charon-
> nm/nm/nm_creds.c;hb=HEAD
> [5]http://git.strongswan.org/?p=strongswan.git;a=tree;f=src/libcharon/plugi
> ns/led;hb=HEAD






More information about the Users mailing list