Hi Martin, Martin Willi wrote: > Hi Christophe, > > >> I was just wondering if charon (or starter) can be made to reload the >> strongswan.conf file in case it changed. >> > > No, currently not. > > >> I guess this is complex, since the list of plugins or their >> configuration may have changed >> > > It is indeed very complex to change many of the configuration options. A > lot of data structures and resources are created depending on > strongswan.conf options. "Updating" would actually mean recreating or > changing these resources while our multi-threaded daemon is using them. > yes, this confirms my thoughts :) > We have introduced, however, some basic support for setting > strongswan.conf options during runtime (see the set_*() methods and > load_files() in libstrongswan/settings.h). I even had some plans to > attach different backends to the settings provider (i.e. read from a > relational database). But all this requires that the consumer rereads > these keys. This is not the case for many of them. > > >> I condemned to restart charon (ipsec restart)? >> > > Depends on what keys you actually want to update. Rereading > strongswan.conf wouldn't be too difficult. But applying new values might > be, depending on the key that gets changed. > I was thinking of changing the radius server parameters (add/delete a server, or change some of its parameters like the shared secret). > Regards > Martin > Thanks and Regards, Christophe.
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
