[strongSwan] plugins, default enabled or not

Noel Kuntze noel at familie-kuntze.de
Wed Dec 10 22:06:24 CET 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello Cindy,

Under the assumption that all your program code regarding strongSwan comes from the repo,
the answer is yes. Do not mix parts from the repo and self compiled stuff. Bad things might happen
and kittens could be killed.

Mit freundlichen Grüßen/Regards,
Noel Kuntze

GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658

Am 10.12.2014 um 22:07 schrieb Cindy Moore:
> That part I understand.  The part I *don't* understand is what
> installing extra modules from Ubuntu's 14.04 repository does.
>
> Does that mean I can then make use of those plugins (and then
> configure them via the snippets in strongswan.d/charon/ ) ?
>
> In other words, is
> apt-get install strongswan strongswan-plugin-ldap strongswan-plugin-xauth-noauth
>
> equivalent to
> ./configure ... --enable-xauth-pam --enable-xauth-noauth
> make
> make install
>
> (leaving aside the strongswan version of course)
>
> On Wed, Dec 10, 2014 at 12:50 PM, Noel Kuntze <noel at familie-kuntze.de> wrote:
>>
> Hello Cindy,
>
> What do you mean with 'Enable those two options'? Are you referring to
> the files in '/etc/strongswan.d/'? Those packets just provide the plugins.
> Those do not enable them. If you use modular loading[1] and not a custom
> 'charon.load' [2], you need to enable the modules in their respective configuration
> file in '/etc/strongswan.d/' to make them get loaded. If you do not use modular loading [1]
> and do not use a custom 'charon.load' [2] line, the plugins get loaded automaticly.
> If you do not use modular loading [1] and use a custom 'charon.load' line, you need
> to add those plugins to the 'charon.load' line, if they are not already included in it.
>
> The plugin list [3], as described by the table header, describes what plugins are
> enabled by default ('x' in the column with title 'E') in the configuration script and
> hence are built by default if you don't disable them,
> what plugins are stable ('s' in the column with title 'S'), what plugins are in developement ('d'
> in the column with title 'S') and what plugins are experimental ('e' in the column with title 'S').
>
> The configuration script in the sources configure the sources to build all the executables, documentation and
> shared objects (libraries) that you want. The configuration in '/etc/strongswan.d/' and '/etc/strongswan.conf'
> offer to option to basicly enable, disable and configure the plugins after you already installed strongSwan.
>
> I hope this helped.
>
> [1] Have charon.load_modular not set or set to 'no' in '/etc/strongswan.conf'
> [2] The 'charon.load' line is configured in '/etc/strongswan.conf' and contains the
>      plugins that are to be loaded by charon.
> [3] https://wiki.strongswan.org/projects/strongswan/wiki/PluginList
>
> Mit freundlichen Grüßen/Regards,
> Noel Kuntze
>
> GPG Key ID: 0x63EC6658
> Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
>
> Am 10.12.2014 um 21:39 schrieb Cindy Moore:
> >>> So I'm a little confused.  I know that there's a list of automatically
> >>> enabled options and so on, as detailed here
> >>> https://wiki.strongswan.org/projects/strongswan/wiki/PluginList
> >>>
> >>>
> >>> On ubuntu, the following
> >>> apt-get install strongswan strongswan-plugin-ldap strongswan-plugin-xauth-noauth
> >>>
> >>> would still not enable those two options (that are listed only as s
> >>> for stable, but not E for default enabled)?  Then why even offer
> >>> those?  What am I missing here?
> >>> _______________________________________________
> >>> Users mailing list
> >>> Users at lists.strongswan.org
> >>> https://lists.strongswan.org/mailman/listinfo/users
>
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.strongswan.org
>> https://lists.strongswan.org/mailman/listinfo/users

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJUiLXMAAoJEDg5KY9j7GZY/ToP/RJjuSoOUhaSYqJCMAlD496u
dyQNVfqTvruTeBirgRWda685i36ylIQxCgYg40kkCcsvWayawzkn+VvvuddH9bCJ
6ESa1QiOGfmMw4DihaI1ZBtpi4OiQwmi9rMdZy5PrwU/LENgPDNICGJOLfeCAeAL
3ZUxObLcl7jV944MYfCRHeJen63IZd7b6Bvx1XyNpnKpXGQYg6ImRGACoev55WsQ
k3uxV5ulNHuto9LW0wBzx6VkWl+1NFTn1W+8Bo9mGV3L5ye1BSl5C6AxMdtpnKF5
E5qHEdtWGczr3oh3F0jwjmwaSrtu7fpDZW4odG879Q9XWZp/l/ZBfv8tXWEybdRc
x9N3Ux+ZCHiNnzJk0heqZJpurZHV0AVuMB/n9/C8kWnzXj+cJWDqPiV+k32XYELv
VPuHsmwIstSYFUFZ/8jpFEZ1D5RIhv6oEi7+71iqBJmkGqLU8UlniqbBD8xCw9hn
jMlYzdB5fJwiUcc84ais5/i/KMaq/PRJgKs4xLKI3XUVwNYM+HR6XdOghrhBUyAO
nsCM89PP5s3dGznN86V4dbEX453Qu5fOsGhXjdxf9260Aodfl99Q4hZCEZOsJ3Dt
ZJ/5he/CKx/EQo8G/QbEs4F4o2ehMliTomSWy3h6QMtIG29UU17SdqNoe3UyuY+1
rgvf8mqesyq8lwORB8Pn
=nobo
-----END PGP SIGNATURE-----



More information about the Users mailing list