HI Andreas Thanks for the explanation. Do you think if I still need "starter" if configs are stored in sqlite database?
thanks, Xia Weizhong 2010/1/20 Andreas Steffen <[email protected]> > Xia Weizhong wrote: > > Hi > > > > I plan to use strongswan in an Embeded environment. My plan is to use > charon > > alone with libstrongswan (no starter), and with configs stored in sqlite > > database. Is this way possible? > > > > To store configs in sqlite database, is there any document I could > consult? > > In the sqlite howto page, I can figure out some of the setting. Yet some > I > > can not, example: > > > > *ID_DER_ASN1_DN*: scripts/id2sql "C=CH, O=Linux strongSwan, CN= > > moon.strongswan.org" > > > > INSERT INTO identities ( > > type, data > > ) VALUES ( > > 9, > X'3046310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311c301a060355040313136d6f6f6e2e7374726f6e677377616e2e6f7267' > > ); > > How do the string in quotations get into the magic 3046....? > > > As described in the SQLite howto, the auxiliary program id2sql > translates the LDAP-style representation of the > subject distinguished name > > "C=CH, O=Linux strongSwan, CN=moon.strongswan.org" > > into its binary ASN.1 DER-encoded representation. We are aware > that entering configuration, identity and credential information into > the database manually is quite tiresome. If you want to use the > database in a production environment you would have to write some > scripts or a GUI to enter this information. > > > And from the source code package test examples, there are something like: > > INSERT INTO shared_secret_identity ( > > shared_secret, identity > > ) VALUES ( > > 1, 4 > > ); > > What is the 1 and 4 means here? Row number in releated tables? > > > Yes, this are primary keys of the shared_secret and identity > tables. The keys are assigned with increasing numbers starting > with one. Have a look at the following examples for more details > > http://www.strongswan.org/uml/testresults43/sql/index.html > > > Not sure if anything in ipsec.conf can have a counter part in the > database? > > > There are currently some parameters that cannot be defined in the > database. > > > thanks, Xia Weizhong > > Best regards > > Andreas > > ====================================================================== > Andreas Steffen [email protected] > strongSwan - the Linux VPN Solution! www.strongswan.org > Institute for Internet Technologies and Applications > University of Applied Sciences Rapperswil > CH-8640 Rapperswil (Switzerland) > ===========================================================[ITA-HSR]== > _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
