Hi Ido, > Is there any doc/wiki describing how to configure/control charon on android? > > AFAIK usually it’s done thru ipsec/starter/stroke but those aren’t built > for android.
There are several options. First, you could try to adapt the Android.mk files to actually build starter/stroke for Android. I have never tried that, but it might just work. Although ipsec is a shell script it might not work directly on Android, as there could be some dependencies on bash. As charon is basically configured/controlled through plugins (the stroke plugin being only one of them) your second option is to write your own plugin, which then interacts with your own tools/frontend. There is a patch for Android 2.2 that allows basic configuration and control of charon through Android's default VPN frontend [1]. The latter interacts with charon's android plugin [2] using a control mechanism provided by Android's C library (basically a UNIX socket). The android plugin also provides an Android specific logger, reads credentials from Android's credential store, and installs DNS servers. Besides the android plugin there are several other plugins that illustrate how charon can be controlled using different technologies like DBUS (nm, maemo), UNIX sockets (stroke) or named pipes (uci). There are also plugins that allow you to store the configuration in a database (e.g. SQlite). Your third option is to hire us to write such a plugin for you. Charon's android plugin is actually an offspring of such an assignment. Please contact Andreas ([email protected]) if you are interested. Regards, Tobias [1] http://wiki.strongswan.org/projects/strongswan/wiki/AndroidFrontend [2] http://git.strongswan.org/?p=strongswan.git;a=tree;f=src/libcharon/plugins/android _______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev
