Hello,

For a custom validation plugin, we would like to add an option per connection.
What would be the best way to do this?

As it seems quite complicated and very intrusive to add custom options to the 
ipsec.conf file, we were thinking about something like this:

strongswan.conf:

charon {
    ...
    plugins {
        custom-validation-plugin {
            connection_1_name {
                option_name = value;
            }
            connection_2_name {
                option_name = value;
            }
            ...
        }
    }
}

In the validation plugin, we would get the name of the connection using the 
peer_cfg_t of the current IKE SA attached to the bus.
The option would be retrieved with:

    lib->settings->get_str(lib->settings,
        "%s.plugins.custom-validation-plugin.%s.option_name", def, lib->ns,
        conn_name);

There seem to be some restrictions though (a dot cannot be used within a 
connection name, ... ?)

Sounds like a hack, maybe there is something better to handle this?
What do you think?

Emeric
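
The dot restriction raised in the message above, as an added example that is not part of the original post and not strongSwan code: because '.' separates path segments in settings keys, a connection name containing a dot would address a different section than intended, so the name is checked before the key is built. The helper names, the character allowlist and the "charon" namespace value are assumptions for illustration; the example does not link against strongSwan.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not strongSwan code: returns 1 if conn_name can be
 * used as a single settings path segment. '.' separates path segments in
 * settings keys, so it must be rejected; the remaining allowlist
 * (letters, digits, '-', '_') is a conservative assumption. */
static int conn_name_is_safe_segment(const char *conn_name)
{
    static const char allowed[] =
        "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_";
    size_t len;
    if (!conn_name)
        return 0;
    len = strlen(conn_name);
    return len > 0 && strspn(conn_name, allowed) == len;
}

/* Builds "<ns>.plugins.custom-validation-plugin.<conn>.<option>" into out.
 * Returns 0 on success, -1 on an unsafe name or if out is too small. */
static int build_conn_option_key(const char *ns, const char *conn_name,
                                 const char *option, char *out, size_t outlen)
{
    int n;
    if (!ns || !option || !out || !conn_name_is_safe_segment(conn_name))
        return -1;
    n = snprintf(out, outlen, "%s.plugins.custom-validation-plugin.%s.%s",
                 ns, conn_name, option);
    if (n < 0 || (size_t)n >= outlen)
        return -1;
    return 0;
}

int main(void)
{
    /* Constructed sample names; "charon" stands in for lib->ns. */
    const char *names[] = { "connection_1_name", "site.a", "" };
    char key[128];
    size_t i;
    for (i = 0; i < sizeof(names) / sizeof(names[0]); i++) {
        if (build_conn_option_key("charon", names[i], "option_name",
                                  key, sizeof(key)) == 0)
            printf("lookup key: %s\n", key);
        else
            printf("rejected connection name: \"%s\"\n", names[i]);
    }
    return 0;
}
```

In a plugin, a rejected name would be logged and the option's default used instead of performing the lookup.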
