Project

General

Profile

SQL configuration and credential plugin » History » Version 7

Tobias Brunner, 24.03.2010 11:30
Paths adapted to libcharon. sqlite example.

1 5 Martin Willi
h1. SQL configuration and credential plugin
2 1 Martin Willi
3 1 Martin Willi
4 5 Martin Willi
The SQL plugin for [[charon]] allows to store the complete connection configuration in a relational database. Further, the daemon reads credentials, such as certificates, private keys or passwords from the database to do all kind of authentication. Logging to the database is also possible.
5 5 Martin Willi
6 5 Martin Willi
7 5 Martin Willi
h2. Status
8 1 Martin Willi
9 7 Tobias Brunner
The SQL plugin is still experimental and in developement (source:src/libcharon/plugins/sql). It currently works on top of MySQL or SQLite.
10 5 Martin Willi
There is no frontend yet to configure the database, but we'll extend [[Manager|the manager]] to allow such tasks.
11 5 Martin Willi
12 5 Martin Willi
13 5 Martin Willi
h2. Database setup
14 1 Martin Willi
15 1 Martin Willi
There are three SQL scripts to help you in the database setup:
16 7 Tobias Brunner
* MySQL tables source:src/libcharon/plugins/sql/mysql.sql
17 7 Tobias Brunner
* SQLite tables source:src/libcharon/plugins/sql/sqlite.sql
18 7 Tobias Brunner
* Test data source:src/libcharon/plugins/sql/test.sql
19 1 Martin Willi
20 5 Martin Willi
21 5 Martin Willi
h2. Configuration
22 5 Martin Willi
23 1 Martin Willi
Make sure to build strongSwan with the appropriate modules:
24 5 Martin Willi
<pre>
25 4 Martin Willi
 ./configure --enable-sql --enable-mysql --enable-sqlite [...]
26 5 Martin Willi
</pre>
27 1 Martin Willi
28 6 Tobias Brunner
The plugin uses [[strongswanConf|strongswan.conf]] for database configuration:
29 5 Martin Willi
<pre>
30 1 Martin Willi
charon {
31 1 Martin Willi
  plugins {
32 1 Martin Willi
    sql {
33 1 Martin Willi
      database = mysql://user:pass@localhost/database
34 7 Tobias Brunner
      # or using sqlite:
35 7 Tobias Brunner
      # database = sqlite:///etc/ipsec.d/ipsec.db
36 1 Martin Willi
    }
37 1 Martin Willi
  }
38 1 Martin Willi
}
39 5 Martin Willi
</pre>