[strongSwan] plugins, default enabled or not

Cindy Moore ctmoore at cs.ucsd.edu
Wed Dec 10 22:07:17 CET 2014


That part I understand.  The part I *don't* understand is what
installing extra modules from Ubuntu's 14.04 repository does.

Does that mean I can then make use of those plugins (and then
configure them via the snippets in strongswan.d/charon/ ) ?

In other words, is
apt-get install strongswan strongswan-plugin-ldap strongswan-plugin-xauth-noauth

equivalent to
./configure ... --enable-xauth-pam --enable-xauth-noauth
make
make install

(leaving aside the strongswan version of course)

On Wed, Dec 10, 2014 at 12:50 PM, Noel Kuntze <noel at familie-kuntze.de> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> Hello Cindy,
>
> What do you mean with 'Enable those two options'? Are you referring to
> the files in '/etc/strongswan.d/'? Those packets just provide the plugins.
> Those do not enable them. If you use modular loading[1] and not a custom
> 'charon.load' [2], you need to enable the modules in their respective configuration
> file in '/etc/strongswan.d/' to make them get loaded. If you do not use modular loading [1]
> and do not use a custom 'charon.load' [2] line, the plugins get loaded automaticly.
> If you do not use modular loading [1] and use a custom 'charon.load' line, you need
> to add those plugins to the 'charon.load' line, if they are not already included in it.
>
> The plugin list [3], as described by the table header, describes what plugins are
> enabled by default ('x' in the column with title 'E') in the configuration script and
> hence are built by default if you don't disable them,
> what plugins are stable ('s' in the column with title 'S'), what plugins are in developement ('d'
> in the column with title 'S') and what plugins are experimental ('e' in the column with title 'S').
>
> The configuration script in the sources configure the sources to build all the executables, documentation and
> shared objects (libraries) that you want. The configuration in '/etc/strongswan.d/' and '/etc/strongswan.conf'
> offer to option to basicly enable, disable and configure the plugins after you already installed strongSwan.
>
> I hope this helped.
>
> [1] Have charon.load_modular not set or set to 'no' in '/etc/strongswan.conf'
> [2] The 'charon.load' line is configured in '/etc/strongswan.conf' and contains the
>      plugins that are to be loaded by charon.
> [3] https://wiki.strongswan.org/projects/strongswan/wiki/PluginList
>
> Mit freundlichen Grüßen/Regards,
> Noel Kuntze
>
> GPG Key ID: 0x63EC6658
> Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
>
> Am 10.12.2014 um 21:39 schrieb Cindy Moore:
>> So I'm a little confused.  I know that there's a list of automatically
>> enabled options and so on, as detailed here
>> https://wiki.strongswan.org/projects/strongswan/wiki/PluginList
>>
>>
>> On ubuntu, the following
>> apt-get install strongswan strongswan-plugin-ldap strongswan-plugin-xauth-noauth
>>
>> would still not enable those two options (that are listed only as s
>> for stable, but not E for default enabled)?  Then why even offer
>> those?  What am I missing here?
>> _______________________________________________
>> Users mailing list
>> Users at lists.strongswan.org
>> https://lists.strongswan.org/mailman/listinfo/users
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2
>
> iQIcBAEBCAAGBQJUiLISAAoJEDg5KY9j7GZYsHAP/AxG8u4LtyFvnPa/WG2y6gx2
> WsnKszZ9qA0XmRKvfQXZdIjJ12rAbOExL1ajRIPuNmagkFHChr4rREEI+ioTBxy6
> SCxelgyQrF8znyyJLO4Fp1FlCH6fm9QJtOaEkTc059RH7OdxJTLOtceAj7Tq89oc
> DWCsqahSUtqMWYfBYPqxni1Jkd45hMaRQNhDpzT+vYim67vizW8oMzh7v9n02L1B
> uyF4/SpJAw3LVrRg0rHN8MUxdVyLQjK1R6iI2NwdVZ2tLkRwN8/xlcOsnHjJpmDH
> eaS41nCE/BvL5kJsstMyP8WJRc32j9xK9MJfO5QEUp4sW1Ytfl+QWSpV4FTyBitc
> DtGbYLE8I+u+iNjl5d5OU0kBEPCLjcUCLR8LAeT6een3RRx5okgPWTIOGmx9vGGR
> gUpU3qW/nScuQHB8jD7DmGRe5GbSlmBhD20VkAEQ0xDEQFxaWPiStmnvQUXnhr1f
> YYlkPBRWdAwEpXHS30LGRpBLNQgiW9IDKalPq92LsWBlDnp8Zea6vMOTapi5Qwec
> Qv3AYl5skuqakhO9UaMgSd2DFoW0p9BizDstLZ8igIj38gWBnjzZGWmLZVMIktcC
> atdF++O+5NEaMy/7pHVrUU75ghvCPpbYXbltErEQ/QlIulJXAiDIVCVLMIlgFeem
> CSx9TilwY8c+6hjup/gD
> =o1ZZ
> -----END PGP SIGNATURE-----
>
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users


More information about the Users mailing list