Hi. I am building application that control Charon via SMP, so I had same purpose and this is what I have done.
I added ike_state_change listener in smp.c so I can get event every IKE_SA state changes. But there is a problem when I make SMP message and send it to over TCP socket (charon.xml), it generates error. SMP socket is really based on send/ack based protocol as long as I understand, so I decided to add another listening local Socket on my application to receive and handle any asynchronous event from charon. Hope this can help. -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Ian Hailey Sent: Thursday, March 04, 2010 9:17 AM To: [email protected] Subject: [strongSwan-dev] Embedded application integration - best practice Hi, I am hoping someone could offer some advice on how people "normally" go about integrating a controlling app with StrongSwan, after a quick look I can see a few ways are possible: 1.) Use the normal config files and invoke the ipsec script (no way of getting indications?). 2.) Write a Charon plugin (like the NM plugin, I quite like this approach). 3.) Use DBUS and the NM plugin (I have no idea about DBUS). 4.) Re-use the Stroke API (probably not a good idea). My aim is to: 1.) Programatically configure StrongSwan (Charon). 2.) Be able to up/down connections. 3.) Get indications when connections go down (e.g. through DPD). What are the GPL implications of writing a plugin, I assume it would also become GPL? Regards, Ian. _______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev _______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev
