[strongSwan] Prompting for Credentials with strongswan 5

richter at ecos.de richter at ecos.de
Tue Sep 18 16:35:18 CEST 2012 

Hi,

I have taken a closer look at the sources (e.g. nm_cread.c and others) and it seems to me that the credential manager does only handle the password (in case of xauth), but not the username.

What I would like to have, is that the user gets ask for username _and_ password (maybe with some default username already filled in). Is it possible to supply the username via the credential manager or can it only be changed in the config, so I have to do it upfront?

Thanks & Regards

Gerald


> -----Original Message-----
> From: users-bounces+richter=ecos.de at lists.strongswan.org [mailto:users-
> bounces+richter=ecos.de at lists.strongswan.org] On Behalf Of Gerald Richter
> - ECOS
> Sent: Monday, September 10, 2012 4:05 PM
> To: Martin Willi
> Cc: users at lists.strongswan.org
> Subject: Re: [strongSwan] Prompting for Credentials with strongswan 5
> 
> Hi Martin,
> 
> Thanks for your answer. I have started looking at the sources before my
> posting. I guess I have to take a deeper look.
> 
> One question: If I register my own credential_set, how does it interact with
> the existing credential_sets?
> 
> Is it possible to register it in such a way that it only gets called if other
> credentical_sets (e.g. the one that reads the config files) fails, so asking the
> user is only the last resort?
> 
> Thanks & Regards
> 
> Gerald
> 
> 
> > -----Original Message-----
> > From: Martin Willi [mailto:martin at strongswan.org]
> > Sent: Monday, September 10, 2012 3:52 PM
> > To: Gerald Richter - ECOS
> > Cc: users at lists.strongswan.org
> > Subject: Re: [strongSwan] Prompting for Credentials with strongswan 5
> >
> >
> > > I would like to popup a Dialog when xauth credentials or a smartcard
> > > pin is needed and not provided by the config files.
> >
> > > As far as I see there is no such plugin yet, right?
> >
> > No.
> >
> > > Are there any additional docs or any plugin that I can use as
> > > starting point?
> >
> > There is no way around reading the sources. These interfaces are well
> > commented and it shouldn't be too hard to understand them.
> >
> > At the credential manager [1], you can register your own credential set [2].
> > Once registered, the set will be asked for credentials when needed.
> > XAuth credentials and PINs are both handled as shared key [3] (XAuth
> > as SHARED_EAP). An example of a simple credential set is the NM backend
> [4].
> >
> > For an example how to write a plugin in general, take a look at the
> > LED plugin [5].
> >
> > Regards
> > Martin
> >
> > [1]http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libstrongs
> > wan/
> > credentials/credential_manager.h;hb=HEAD#l35
> > [2]http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libstrongs
> > wan/
> > credentials/credential_set.h;hb=HEAD#l30
> > [3]http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libstrongs
> > wan/
> > credentials/keys/shared_key.h;hb=HEAD#l30
> > [4]http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/charon-
> > nm/nm/nm_creds.c;hb=HEAD
> > [5]http://git.strongswan.org/?p=strongswan.git;a=tree;f=src/libcharon/
> > plugi
> > ns/led;hb=HEAD
> 
> 
> 
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users

More information about the Users mailing list