Project

General

Profile

SQL configuration and credential plugin » History » Version 3

« Previous - Version 3/10 (diff) - Next » - Current version
Martin Willi, 03.04.2008 08:58


= SQL configuration and credential plugin =

The SQL plugin for [wiki:charon] allows to store the complete connection configuration in a relational database. Further, the daemon reads credentials, such as certificates, private keys or passwords from the database to do all kind of authentication. Logging to the database is also possible.

Status
The SQL plugin is still experimental and in [browser:trunk/src/charon/plugins/sql developement]. It currently works on top of MySQL or SQLite.
There is no frontend yet to configure the database, but we'll extend [wiki:Manager the manager] to allow such tasks. Database setup
There are three SQL scripts to help you in the database setup: * [browser:trunk/src/charon/plugins/sql/mysql.sql MySQL tables] * [browser:trunk/src/charon/plugins/sql/sqlite.sql SQLite tables] * [browser:trunk/src/charon/plugins/sql/test.sql Test data] Configuration
Make sure to build strongSwan with the appropriate modules: {{{
./configure --enable-sql --enable-mysql --enable-sqlite [...]
}}}

The plugin uses ''strongswan.conf'' from ''/usr/local/libexec/ipsec'' for database configuration: {{{
charon {
plugins {
sql {
database = mysql://user:pass@localhost/database
}
}
}
}}}