Xia Weizhong wrote: > Hi > > I plan to use strongswan in an Embeded environment. My plan is to use charon > alone with libstrongswan (no starter), and with configs stored in sqlite > database. Is this way possible? > > To store configs in sqlite database, is there any document I could consult? > In the sqlite howto page, I can figure out some of the setting. Yet some I > can not, example: > > *ID_DER_ASN1_DN*: scripts/id2sql "C=CH, O=Linux strongSwan, CN= > moon.strongswan.org" > > INSERT INTO identities ( > type, data > ) VALUES ( > 9, > X'3046310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311c301a060355040313136d6f6f6e2e7374726f6e677377616e2e6f7267' > ); > How do the string in quotations get into the magic 3046....? > As described in the SQLite howto, the auxiliary program id2sql translates the LDAP-style representation of the subject distinguished name
"C=CH, O=Linux strongSwan, CN=moon.strongswan.org" into its binary ASN.1 DER-encoded representation. We are aware that entering configuration, identity and credential information into the database manually is quite tiresome. If you want to use the database in a production environment you would have to write some scripts or a GUI to enter this information. > And from the source code package test examples, there are something like: > INSERT INTO shared_secret_identity ( > shared_secret, identity > ) VALUES ( > 1, 4 > ); > What is the 1 and 4 means here? Row number in releated tables? > Yes, this are primary keys of the shared_secret and identity tables. The keys are assigned with increasing numbers starting with one. Have a look at the following examples for more details http://www.strongswan.org/uml/testresults43/sql/index.html > Not sure if anything in ipsec.conf can have a counter part in the database? > There are currently some parameters that cannot be defined in the database. > thanks, Xia Weizhong Best regards Andreas ====================================================================== Andreas Steffen [email protected] strongSwan - the Linux VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[ITA-HSR]== _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
