From 247794827e8ac7b7aa5f9dd8eb36d5f35e067e0d Mon Sep 17 00:00:00 2001 From: Andreas Steffen Date: Tue, 13 Oct 2009 17:02:29 +0200 Subject: [PATCH] move SQL-based pool functionality to new attr-sql libstrongswan plugin --- configure.in | 7 ++ src/charon/plugins/sql/Makefile.am | 9 +- src/charon/plugins/sql/sql_plugin.c | 10 --- src/checksum/Makefile.am | 4 +- src/libstrongswan/Makefile.am | 4 + .../plugins/attr_sql/Makefile.am | 15 ++++ .../plugins/attr_sql/attr_sql_plugin.c | 87 +++++++++++++++++++ .../plugins/attr_sql/attr_sql_plugin.h | 47 ++++++++++ .../plugins/attr_sql}/pool.c | 4 +- .../plugins/attr_sql}/sql_attribute.c | 17 ++-- .../plugins/attr_sql}/sql_attribute.h | 0 .../ip-pool-db/hosts/moon/etc/strongswan.conf | 9 +- .../hosts/moon/etc/strongswan.conf | 9 +- .../hosts/moon/etc/strongswan.conf | 9 +- .../hosts/moon/etc/strongswan.conf | 9 +- .../hosts/moon/etc/strongswan.conf | 10 ++- .../hosts/moon/etc/strongswan.conf | 10 ++- .../ip-pool-db/hosts/moon/etc/strongswan.conf | 10 ++- .../hosts/moon/etc/strongswan.conf | 10 ++- .../hosts/moon/etc/strongswan.conf | 10 ++- 20 files changed, 245 insertions(+), 45 deletions(-) create mode 100644 src/libstrongswan/plugins/attr_sql/Makefile.am create mode 100644 src/libstrongswan/plugins/attr_sql/attr_sql_plugin.c create mode 100644 src/libstrongswan/plugins/attr_sql/attr_sql_plugin.h rename src/{charon/plugins/sql => libstrongswan/plugins/attr_sql}/pool.c (99%) rename src/{charon/plugins/sql => libstrongswan/plugins/attr_sql}/sql_attribute.c (97%) rename src/{charon/plugins/sql => libstrongswan/plugins/attr_sql}/sql_attribute.h (100%) diff --git a/configure.in b/configure.in index 6086af282..057152d03 100644 --- a/configure.in +++ b/configure.in @@ -127,6 +127,7 @@ ARG_DISBL_SET([tools], [disable additional utilities (openac, scepclien ARG_DISBL_SET([scripts], [disable additional utilities (found in directory scripts).]) ARG_DISBL_SET([updown], [disable updown firewall script plugin.]) ARG_DISBL_SET([attr], [disable strongswan.conf based configuration attribute plugin.]) +ARG_ENABL_SET([attr-sql], [enable SQL based configuration attribute plugin.]) ARG_DISBL_SET([resolve], [disable resolve DNS handler plugin.]) ARG_ENABL_SET([padlock], [enables VIA Padlock crypto plugin.]) ARG_ENABL_SET([openssl], [enables the OpenSSL crypto plugin.]) @@ -618,6 +619,10 @@ fi if test x$sqlite = xtrue; then libstrongswan_plugins=${libstrongswan_plugins}" sqlite" fi +if test x$attr_sql = xtrue -o x$sql = xtrue; then + libstrongswan_plugins=${libstrongswan_plugins}" attr-sql" + pluto_plugins=${pluto_plugins}" attr-sql" +fi if test x$padlock = xtrue; then libstrongswan_plugins=${libstrongswan_plugins}" padlock" fi @@ -676,6 +681,7 @@ AM_CONDITIONAL(USE_HMAC, test x$hmac = xtrue) AM_CONDITIONAL(USE_XCBC, test x$xcbc = xtrue) AM_CONDITIONAL(USE_MYSQL, test x$mysql = xtrue) AM_CONDITIONAL(USE_SQLITE, test x$sqlite = xtrue) +AM_CONDITIONAL(USE_ATTR_SQL, test x$attr_sql = xtrue -o x$sql = xtrue) AM_CONDITIONAL(USE_PADLOCK, test x$padlock = xtrue) AM_CONDITIONAL(USE_OPENSSL, test x$openssl = xtrue) AM_CONDITIONAL(USE_GCRYPT, test x$gcrypt = xtrue) @@ -775,6 +781,7 @@ AC_OUTPUT( src/libstrongswan/plugins/ldap/Makefile src/libstrongswan/plugins/mysql/Makefile src/libstrongswan/plugins/sqlite/Makefile + src/libstrongswan/plugins/attr_sql/Makefile src/libstrongswan/plugins/padlock/Makefile src/libstrongswan/plugins/openssl/Makefile src/libstrongswan/plugins/gcrypt/Makefile diff --git a/src/charon/plugins/sql/Makefile.am b/src/charon/plugins/sql/Makefile.am index c6a382c4e..60135bf08 100644 --- a/src/charon/plugins/sql/Makefile.am +++ b/src/charon/plugins/sql/Makefile.am @@ -5,11 +5,8 @@ AM_CFLAGS = -rdynamic \ -DPLUGINS=\""${libstrongswan_plugins}\"" plugin_LTLIBRARIES = libstrongswan-sql.la -libstrongswan_sql_la_SOURCES = sql_plugin.h sql_plugin.c \ - sql_config.h sql_config.c sql_cred.h sql_cred.c \ - sql_attribute.h sql_attribute.c sql_logger.h sql_logger.c +libstrongswan_sql_la_SOURCES = \ + sql_plugin.h sql_plugin.c sql_config.h sql_config.c \ + sql_cred.h sql_cred.c sql_logger.h sql_logger.c libstrongswan_sql_la_LDFLAGS = -module -avoid-version -ipsec_PROGRAMS = pool -pool_SOURCES = pool.c -pool_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la diff --git a/src/charon/plugins/sql/sql_plugin.c b/src/charon/plugins/sql/sql_plugin.c index 05cdad559..e2e410a8a 100644 --- a/src/charon/plugins/sql/sql_plugin.c +++ b/src/charon/plugins/sql/sql_plugin.c @@ -18,7 +18,6 @@ #include #include "sql_config.h" #include "sql_cred.h" -#include "sql_attribute.h" #include "sql_logger.h" typedef struct private_sql_plugin_t private_sql_plugin_t; @@ -48,11 +47,6 @@ struct private_sql_plugin_t { */ sql_cred_t *cred; - /** - * CFG attributes - */ - sql_attribute_t *attribute; - /** * bus listener/logger */ @@ -67,10 +61,8 @@ static void destroy(private_sql_plugin_t *this) charon->backends->remove_backend(charon->backends, &this->config->backend); charon->credentials->remove_set(charon->credentials, &this->cred->set); charon->bus->remove_listener(charon->bus, &this->logger->listener); - lib->attributes->remove_provider(lib->attributes, &this->attribute->provider); this->config->destroy(this->config); this->cred->destroy(this->cred); - this->attribute->destroy(this->attribute); this->logger->destroy(this->logger); this->db->destroy(this->db); free(this); @@ -104,10 +96,8 @@ plugin_t *plugin_create() } this->config = sql_config_create(this->db); this->cred = sql_cred_create(this->db); - this->attribute = sql_attribute_create(this->db); this->logger = sql_logger_create(this->db); - lib->attributes->add_provider(lib->attributes, &this->attribute->provider); charon->backends->add_backend(charon->backends, &this->config->backend); charon->credentials->add_set(charon->credentials, &this->cred->set); charon->bus->add_listener(charon->bus, &this->logger->listener); diff --git a/src/checksum/Makefile.am b/src/checksum/Makefile.am index 7a8a7a3ca..d0413e64e 100644 --- a/src/checksum/Makefile.am +++ b/src/checksum/Makefile.am @@ -29,8 +29,8 @@ if USE_TOOLS libs += $(top_builddir)/src/scepclient/.libs/scepclient endif -if USE_SQL - libs += $(top_builddir)/src/charon/plugins/sql/.libs/pool +if USE_ATTR_SQL + libs += $(top_builddir)/src/libstrongswan/plugins/attr_sql/.libs/pool endif checksum.c : checksum_builder $(libs) diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am index b95658857..d8d027e8e 100644 --- a/src/libstrongswan/Makefile.am +++ b/src/libstrongswan/Makefile.am @@ -200,6 +200,10 @@ if USE_SQLITE SUBDIRS += plugins/sqlite endif +if USE_ATTR_SQL + SUBDIRS += plugins/attr_sql +endif + if USE_PADLOCK SUBDIRS += plugins/padlock endif diff --git a/src/libstrongswan/plugins/attr_sql/Makefile.am b/src/libstrongswan/plugins/attr_sql/Makefile.am new file mode 100644 index 000000000..5be310abf --- /dev/null +++ b/src/libstrongswan/plugins/attr_sql/Makefile.am @@ -0,0 +1,15 @@ + +INCLUDES = -I$(top_srcdir)/src/libstrongswan + +AM_CFLAGS = -rdynamic \ + -DPLUGINS=\""${libstrongswan_plugins}\"" + +plugin_LTLIBRARIES = libstrongswan-attr-sql.la +libstrongswan_attr_sql_la_SOURCES = \ + attr_sql_plugin.h attr_sql_plugin.c \ + sql_attribute.h sql_attribute.c +libstrongswan_attr_sql_la_LDFLAGS = -module -avoid-version + +ipsec_PROGRAMS = pool +pool_SOURCES = pool.c +pool_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la diff --git a/src/libstrongswan/plugins/attr_sql/attr_sql_plugin.c b/src/libstrongswan/plugins/attr_sql/attr_sql_plugin.c new file mode 100644 index 000000000..cb57af8a5 --- /dev/null +++ b/src/libstrongswan/plugins/attr_sql/attr_sql_plugin.c @@ -0,0 +1,87 @@ +/* + * Copyright (C) 2008 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include + +#include "attr_sql_plugin.h" +#include "sql_attribute.h" + +typedef struct private_attr_sql_plugin_t private_attr_sql_plugin_t; + +/** + * private data of attr_sql plugin + */ +struct private_attr_sql_plugin_t { + + /** + * implements plugin interface + */ + attr_sql_plugin_t public; + + /** + * database connection instance + */ + database_t *db; + + /** + * configuration attributes + */ + sql_attribute_t *attribute; + +}; + +/** + * Implementation of plugin_t.destroy + */ +static void destroy(private_attr_sql_plugin_t *this) +{ + lib->attributes->remove_provider(lib->attributes, &this->attribute->provider); + this->attribute->destroy(this->attribute); + this->db->destroy(this->db); + free(this); +} + +/* + * see header file + */ +plugin_t *plugin_create() +{ + char *uri; + private_attr_sql_plugin_t *this; + + uri = lib->settings->get_str(lib->settings, "libstrongswan.plugins.attr-sql.database", NULL); + if (!uri) + { + DBG1("attr-sql plugin: database URI not set"); + return NULL; + } + + this = malloc_thing(private_attr_sql_plugin_t); + + this->public.plugin.destroy = (void(*)(plugin_t*))destroy; + + this->db = lib->db->create(lib->db, uri); + if (!this->db) + { + DBG1("attr-sql plugin failed to connect to database"); + free(this); + return NULL; + } + this->attribute = sql_attribute_create(this->db); + lib->attributes->add_provider(lib->attributes, &this->attribute->provider); + + return &this->public.plugin; +} + diff --git a/src/libstrongswan/plugins/attr_sql/attr_sql_plugin.h b/src/libstrongswan/plugins/attr_sql/attr_sql_plugin.h new file mode 100644 index 000000000..3a7b8428b --- /dev/null +++ b/src/libstrongswan/plugins/attr_sql/attr_sql_plugin.h @@ -0,0 +1,47 @@ +/* + * Copyright (C) 2008 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup sql sql + * @ingroup cplugins + * + * @defgroup sql_plugin sql_plugin + * @{ @ingroup sql + */ + +#ifndef ATTR_SQL_PLUGIN_H_ +#define ATTR_SQL_PLUGIN_H_ + +#include + +typedef struct attr_sql_plugin_t attr_sql_plugin_t; + +/** + * SQL database attribute configuration plugin + */ +struct attr_sql_plugin_t { + + /** + * implements plugin interface + */ + plugin_t plugin; +}; + +/** + * Create a sql_plugin instance. + */ +plugin_t *plugin_create(); + +#endif /** ATTR_SQL_PLUGIN_H_ @}*/ diff --git a/src/charon/plugins/sql/pool.c b/src/libstrongswan/plugins/attr_sql/pool.c similarity index 99% rename from src/charon/plugins/sql/pool.c rename to src/libstrongswan/plugins/attr_sql/pool.c index 68c2dac48..f4ccbd1fa 100644 --- a/src/charon/plugins/sql/pool.c +++ b/src/libstrongswan/plugins/attr_sql/pool.c @@ -623,10 +623,10 @@ int main(int argc, char *argv[]) exit(SS_RC_INITIALIZATION_FAILED); } - uri = lib->settings->get_str(lib->settings, "charon.plugins.sql.database", NULL); + uri = lib->settings->get_str(lib->settings, "libstrongswan.plugins.attr-sql.database", NULL); if (!uri) { - fprintf(stderr, "database URI charon.plugins.sql.database not set.\n"); + fprintf(stderr, "database URI libstrongswan.plugins.attr-sql.database not set.\n"); exit(SS_RC_INITIALIZATION_FAILED); } db = lib->db->create(lib->db, uri); diff --git a/src/charon/plugins/sql/sql_attribute.c b/src/libstrongswan/plugins/attr_sql/sql_attribute.c similarity index 97% rename from src/charon/plugins/sql/sql_attribute.c rename to src/libstrongswan/plugins/attr_sql/sql_attribute.c index 9045f7739..405351653 100644 --- a/src/charon/plugins/sql/sql_attribute.c +++ b/src/libstrongswan/plugins/attr_sql/sql_attribute.c @@ -13,11 +13,12 @@ * for more details. */ -#include "sql_attribute.h" - #include -#include +#include +#include + +#include "sql_attribute.h" typedef struct private_sql_attribute_t private_sql_attribute_t; @@ -126,8 +127,8 @@ static host_t* check_lease(private_sql_attribute_t *this, char *name, host = host_create_from_chunk(AF_UNSPEC, address, 0); if (host) { - DBG1(DBG_CFG, "acquired existing lease " - "for address %H in pool '%s'", host, name); + DBG1("acquired existing lease for address %H in pool '%s'", + host, name); return host; } } @@ -201,13 +202,13 @@ static host_t* get_lease(private_sql_attribute_t *this, char *name, host = host_create_from_chunk(AF_UNSPEC, address, 0); if (host) { - DBG1(DBG_CFG, "acquired new lease " - "for address %H in pool '%s'", host, name); + DBG1("acquired new lease for address %H in pool '%s'", + host, name); return host; } } } - DBG1(DBG_CFG, "no available address found in pool '%s'", name); + DBG1("no available address found in pool '%s'", name); return NULL; } diff --git a/src/charon/plugins/sql/sql_attribute.h b/src/libstrongswan/plugins/attr_sql/sql_attribute.h similarity index 100% rename from src/charon/plugins/sql/sql_attribute.h rename to src/libstrongswan/plugins/attr_sql/sql_attribute.h diff --git a/testing/tests/ikev2/ip-pool-db/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/ip-pool-db/hosts/moon/etc/strongswan.conf index 5f66bae09..b7c598fca 100644 --- a/testing/tests/ikev2/ip-pool-db/hosts/moon/etc/strongswan.conf +++ b/testing/tests/ikev2/ip-pool-db/hosts/moon/etc/strongswan.conf @@ -1,12 +1,15 @@ # /etc/strongswan.conf - strongSwan configuration file charon { + load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink sqlite attr-sql updown +} + +libstrongswan { plugins { - sql { - database = sqlite:///etc/ipsec.d/ipsec.db + attr-sql { + database = sqlite:///etc/ipsec.d/ipsec.db } } - load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink sqlite sql updown } pool { diff --git a/testing/tests/ikev2/ip-split-pools-db/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/ip-split-pools-db/hosts/moon/etc/strongswan.conf index 5f66bae09..b7c598fca 100644 --- a/testing/tests/ikev2/ip-split-pools-db/hosts/moon/etc/strongswan.conf +++ b/testing/tests/ikev2/ip-split-pools-db/hosts/moon/etc/strongswan.conf @@ -1,12 +1,15 @@ # /etc/strongswan.conf - strongSwan configuration file charon { + load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink sqlite attr-sql updown +} + +libstrongswan { plugins { - sql { - database = sqlite:///etc/ipsec.d/ipsec.db + attr-sql { + database = sqlite:///etc/ipsec.d/ipsec.db } } - load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink sqlite sql updown } pool { diff --git a/testing/tests/ikev2/ip-two-pools-db/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/ip-two-pools-db/hosts/moon/etc/strongswan.conf index c4c43575f..1ce52a848 100644 --- a/testing/tests/ikev2/ip-two-pools-db/hosts/moon/etc/strongswan.conf +++ b/testing/tests/ikev2/ip-two-pools-db/hosts/moon/etc/strongswan.conf @@ -1,12 +1,15 @@ # /etc/strongswan.conf - strongSwan configuration file charon { + load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke sqlite attr-sql kernel-netlink updown +} + +libstrongswan { plugins { - sql { - database = sqlite:///etc/ipsec.d/ipsec.db + attr-sql { + database = sqlite:///etc/ipsec.d/ipsec.db } } - load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke sqlite sql kernel-netlink updown } pool { diff --git a/testing/tests/ikev2/ip-two-pools-mixed/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/ip-two-pools-mixed/hosts/moon/etc/strongswan.conf index c4c43575f..1ce52a848 100644 --- a/testing/tests/ikev2/ip-two-pools-mixed/hosts/moon/etc/strongswan.conf +++ b/testing/tests/ikev2/ip-two-pools-mixed/hosts/moon/etc/strongswan.conf @@ -1,12 +1,15 @@ # /etc/strongswan.conf - strongSwan configuration file charon { + load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke sqlite attr-sql kernel-netlink updown +} + +libstrongswan { plugins { - sql { - database = sqlite:///etc/ipsec.d/ipsec.db + attr-sql { + database = sqlite:///etc/ipsec.d/ipsec.db } } - load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke sqlite sql kernel-netlink updown } pool { diff --git a/testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/strongswan.conf b/testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/strongswan.conf index ca78d0fd0..e377047a4 100644 --- a/testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/strongswan.conf +++ b/testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/strongswan.conf @@ -6,7 +6,15 @@ charon { database = sqlite:///etc/ipsec.d/ipsec.db } } - load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql + load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql attr-sql +} + +libstrongswan { + plugins { + attr-sql { + database = sqlite:///etc/ipsec.d/ipsec.db + } + } } pool { diff --git a/testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/strongswan.conf b/testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/strongswan.conf index ca78d0fd0..e377047a4 100644 --- a/testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/strongswan.conf +++ b/testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/strongswan.conf @@ -6,7 +6,15 @@ charon { database = sqlite:///etc/ipsec.d/ipsec.db } } - load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql + load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql attr-sql +} + +libstrongswan { + plugins { + attr-sql { + database = sqlite:///etc/ipsec.d/ipsec.db + } + } } pool { diff --git a/testing/tests/sql/ip-pool-db/hosts/moon/etc/strongswan.conf b/testing/tests/sql/ip-pool-db/hosts/moon/etc/strongswan.conf index ca78d0fd0..e377047a4 100644 --- a/testing/tests/sql/ip-pool-db/hosts/moon/etc/strongswan.conf +++ b/testing/tests/sql/ip-pool-db/hosts/moon/etc/strongswan.conf @@ -6,7 +6,15 @@ charon { database = sqlite:///etc/ipsec.d/ipsec.db } } - load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql + load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql attr-sql +} + +libstrongswan { + plugins { + attr-sql { + database = sqlite:///etc/ipsec.d/ipsec.db + } + } } pool { diff --git a/testing/tests/sql/ip-split-pools-db-restart/hosts/moon/etc/strongswan.conf b/testing/tests/sql/ip-split-pools-db-restart/hosts/moon/etc/strongswan.conf index ca78d0fd0..e377047a4 100644 --- a/testing/tests/sql/ip-split-pools-db-restart/hosts/moon/etc/strongswan.conf +++ b/testing/tests/sql/ip-split-pools-db-restart/hosts/moon/etc/strongswan.conf @@ -6,7 +6,15 @@ charon { database = sqlite:///etc/ipsec.d/ipsec.db } } - load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql + load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql attr-sql +} + +libstrongswan { + plugins { + attr-sql { + database = sqlite:///etc/ipsec.d/ipsec.db + } + } } pool { diff --git a/testing/tests/sql/ip-split-pools-db/hosts/moon/etc/strongswan.conf b/testing/tests/sql/ip-split-pools-db/hosts/moon/etc/strongswan.conf index ca78d0fd0..e377047a4 100644 --- a/testing/tests/sql/ip-split-pools-db/hosts/moon/etc/strongswan.conf +++ b/testing/tests/sql/ip-split-pools-db/hosts/moon/etc/strongswan.conf @@ -6,7 +6,15 @@ charon { database = sqlite:///etc/ipsec.d/ipsec.db } } - load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql + load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql attr-sql +} + +libstrongswan { + plugins { + attr-sql { + database = sqlite:///etc/ipsec.d/ipsec.db + } + } } pool {