[strongSwan] Prompting for Credentials with strongswan 5

Martin Willi martin at strongswan.org
Mon Sep 10 16:15:28 CEST 2012

> One question: If I register my own credential_set, how does it interact
> with the existing credential_sets?

The credential sets are queried in the order they get registered and
that depends on the plugin load order.

> Is it possible to register it in such a way that it only gets called if
> other credentical_sets (e.g. the one that reads the config files)
> fails, so asking the user is only the last resort?

Currently, all credential sets are queried for shared keys. This allows
us to find a "better matching" key, based on the peer identities. But
aborting the enumeration if we get a "perfect matching" key from a
previous set should be a trivial extension.


More information about the Users mailing list