Hi, > Is it possible to send out traffic selectors values TSi,TSr to other > process (Authorization process) for TS narrow down.
A listener_t interface registered to the charon bus has a narrow() hook, see [1]. This hook can be used to modify traffic selectors during the setup of a CHILD_SA. To implement this interface, you should create your own charon plugin. This plugin can register a listener, but runs in the charon process. To delegate the narrowing decisions to a dedicated process, you can use some kind of IPC to communicate between the plugin and your external process. An example of a plugin using the narrow() hook is "unity". It registers a listener and uses it for narrowing, see [2] for more details. Regards Martin [1]http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libcharon/bus/listeners/listener.h#l179 [2]http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libcharon/plugins/unity/unity_narrow.c _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
