SQLite HOWTO » History » Version 15

Andreas Steffen, 25.11.2010 09:46
changed right to rightid

1 9 Martin Willi
h1. SQLite HOWTO
2 9 Martin Willi
3 9 Martin Willi
4 12 Tobias Brunner
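The SQLite tables are defined in source:testing/hosts/default/etc/ipsec.d/tables.sql. Because the same database also holds the private_keys and shared_secrets tables described below, keep the database file readable only by the account the IKE daemon runs as.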
5 1 Martin Willi
6 1 Martin Willi
7 9 Martin Willi
h2. TABLE identities
8 1 Martin Willi
9 9 Martin Willi
10 12 Tobias Brunner
*type* defined in source:src/libstrongswan/utils/identification.h#L58
11 1 Martin Willi
12 15 Andreas Steffen
|  0|ID_ANY              |matches any id                       |rightid=%any                                             |
13 15 Andreas Steffen
|  1|ID_IPV4_ADDR        |IPv4 address                         |rightid=192.168.0.1                                      |
14 15 Andreas Steffen
|  2|ID_FQDN             |fully qualified domain name          |rightid=@moon.strongswan.org                             |
15 15 Andreas Steffen
|  3|ID_RFC822_ADDR      |RFC822 email address                 |rightid=carol@strongswan.org                             |
16 15 Andreas Steffen
|  5|ID_IPV6_ADDR        |IPv6 address                         |rightid=fec0::1                                          |
17 15 Andreas Steffen
|  9|ID_DER_ASN1_DN      |ASN.1 distinguished name             |rightid="C=CH, O=Linux strongSwan, CN=moon.strongswan.org" |
18 15 Andreas Steffen
| 11|ID_KEY_ID           |opaque octet string                  |rightid=@#e5e410876c2ac4bead854942a6de7658303a9fc1       |
19 1 Martin Willi
20 9 Martin Willi
*ID_ANY*: scripts/id2sql "%any"
21 1 Martin Willi
22 9 Martin Willi
<pre>
23 1 Martin Willi
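-- ID_ANY (type 0): wildcard identity, the counterpart of rightid=%any.
-- The page shows the data value as `X_`, which is not a valid SQL literal
-- (SQLite would parse it as a column name and reject the statement).
-- An empty blob literal is used here on the assumption that ID_ANY carries
-- no identity data.
-- NOTE(review): confirm against the actual output of scripts/id2sql "%any".
INSERT INTO identities (type, data)
VALUES (0, X'');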
28 9 Martin Willi
</pre>
29 1 Martin Willi
30 9 Martin Willi
*ID_IPV4_ADDR*: scripts/id2sql "192.168.0.1"
31 6 Martin Willi
32 9 Martin Willi
<pre>
33 6 Martin Willi
-- ID_IPV4_ADDR (type 1): data is the 4-byte address,
-- c0.a8.00.01 = 192.168.0.1.
INSERT INTO identities (type, data)
VALUES (1, X'c0a80001');
38 9 Martin Willi
</pre>
39 7 Martin Willi
40 9 Martin Willi
*ID_FQDN*: scripts/id2sql "@moon.strongswan.org"
41 6 Martin Willi
42 9 Martin Willi
<pre>
43 1 Martin Willi
-- ID_FQDN (type 2): data is the ASCII bytes of "moon.strongswan.org".
-- The leading '@' of the id2sql argument is not part of the stored value.
INSERT INTO identities (type, data)
VALUES (2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267');
48 9 Martin Willi
</pre>
49 1 Martin Willi
50 9 Martin Willi
*ID_RFC822_ADDR*: scripts/id2sql "carol@strongswan.org"
51 1 Martin Willi
52 9 Martin Willi
<pre>
53 6 Martin Willi
-- ID_RFC822_ADDR (type 3): data is the ASCII bytes of "carol@strongswan.org".
INSERT INTO identities (type, data)
VALUES (3, X'6361726f6c407374726f6e677377616e2e6f7267');
58 9 Martin Willi
</pre>
59 6 Martin Willi
60 9 Martin Willi
*ID_IPV6_ADDR*: scripts/id2sql "fec0::1"
61 6 Martin Willi
62 9 Martin Willi
<pre>
63 1 Martin Willi
-- ID_IPV6_ADDR (type 5): data is the full 16-byte address, i.e. fec0::1
-- with the "::" run of zeros written out.
INSERT INTO identities (type, data)
VALUES (5, X'fec00000000000000000000000000001');
68 9 Martin Willi
</pre>
69 6 Martin Willi
70 9 Martin Willi
*ID_DER_ASN1_DN*: scripts/id2sql "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"
71 1 Martin Willi
72 9 Martin Willi
<pre>
73 1 Martin Willi
-- ID_DER_ASN1_DN (type 9): data is the binary ASN.1 encoding of
-- "C=CH, O=Linux strongSwan, CN=moon.strongswan.org", not the text form.
-- Generate it with scripts/id2sql rather than editing the hex by hand:
-- the embedded length bytes must match the contents.
INSERT INTO identities (type, data)
VALUES (9, X'3046310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311c301a060355040313136d6f6f6e2e7374726f6e677377616e2e6f7267');
78 9 Martin Willi
</pre>
79 1 Martin Willi
80 9 Martin Willi
*ID_KEY_ID*: scripts/id2sql "@#e5e410876c2ac4bead854942a6de7658303a9fc1"
81 1 Martin Willi
82 9 Martin Willi
<pre>
83 7 Martin Willi
-- ID_KEY_ID (type 11): data is the opaque octet string itself (20 bytes here).
-- The "@#" prefix of the id2sql argument only marks the value as hex and is
-- not stored.
INSERT INTO identities (type, data)
VALUES (11, X'e5e410876c2ac4bead854942a6de7658303a9fc1');
88 1 Martin Willi
</pre>
89 9 Martin Willi
90 13 Andreas Steffen
*ID_PUBKEY_INFO_SHA1*: scripts/key2keyid < moonKey.der
91 1 Martin Willi
92 9 Martin Willi
<pre>
93 1 Martin Willi
-- ID_PUBKEY_INFO_SHA1: 20-byte key identifier produced by
-- scripts/key2keyid < moonKey.der.
-- It is stored with type 11, which the type table lists as ID_KEY_ID, so the
-- database does not record which of the two key-id flavours a row holds.
INSERT INTO identities (type, data)
VALUES (11, X'd70dbd46d5133519064f12f100525ead0802ca95');
98 9 Martin Willi
</pre>
99 1 Martin Willi
100 13 Andreas Steffen
*ID_PUBKEY_SHA1*: scripts/key2keyid < moonKey.der
101 1 Martin Willi
102 1 Martin Willi
<pre>
103 1 Martin Willi
-- ID_PUBKEY_SHA1: 20-byte key identifier produced by
-- scripts/key2keyid < moonKey.der, stored with type 11 (ID_KEY_ID).
-- The value is the same octet string as in the ID_KEY_ID example.
INSERT INTO identities (type, data)
VALUES (11, X'e5e410876c2ac4bead854942a6de7658303a9fc1');
108 9 Martin Willi
</pre>
109 1 Martin Willi
110 1 Martin Willi
111 9 Martin Willi
h2. TABLE private_keys
112 7 Martin Willi
113 1 Martin Willi
114 12 Tobias Brunner
*type* defined in source:src/libstrongswan/credentials/keys/public_key.h#L35
115 9 Martin Willi
116 10 Andreas Steffen
|1 |KEY_RSA   |RSA key in PKCS!#1 format      |
117 10 Andreas Steffen
|2 |KEY_ECDSA |ECDSA key in ANSI X9.62 format |
118 7 Martin Willi
119 7 Martin Willi
120 9 Martin Willi
h2. TABLE certificates
121 3 Martin Willi
122 1 Martin Willi
123 12 Tobias Brunner
*type* defined in source:src/libstrongswan/credentials/certificates/certificate.h#L35
124 9 Martin Willi
125 10 Andreas Steffen
|1 |CERT_X509           |X.509 certificate                 |
126 1 Martin Willi
|2 |CERT_X509_CRL       |X.509 certificate revocation list |
127 12 Tobias Brunner
|5 |CERT_X509_AC        |X.509 attribute certificate       |
128 3 Martin Willi
|6 |CERT_TRUSTED_PUBKEY |trusted public key                |
129 1 Martin Willi
130 9 Martin Willi
h2. TABLE shared_secrets
131 3 Martin Willi
132 9 Martin Willi
133 12 Tobias Brunner
*type* defined in source:src/libstrongswan/credentials/keys/shared_key.h#L33
134 9 Martin Willi
135 10 Andreas Steffen
|1 |SHARED_IKE              |: PSK <secret>           |
136 10 Andreas Steffen
|2 |SHARED_EAP              |: EAP <secret>           |
137 10 Andreas Steffen
|3 |SHARED_PRIVATE_KEY_PASS |: RSA <keyfile> <secret> |
138 10 Andreas Steffen
|4 |SHARED_PIN              |: PIN <secret>           |
139 4 Martin Willi
140 4 Martin Willi
141 9 Martin Willi
h2. TABLE peer_configs
142 3 Martin Willi
143 3 Martin Willi
144 14 Tobias Brunner
*auth_method* defined in source:src/libcharon/config/peer_cfg.h#L87
145 4 Martin Willi
146 11 Andreas Steffen
|1 |CONF_AUTH_PUBKEY |authentication using public key        |authby=rsasig, authby=ecdsasig |
147 11 Andreas Steffen
|2 |CONF_AUTH_PSK    |authentication using pre-shared secret |authby=psk                     |
148 11 Andreas Steffen
|3 |CONF_AUTH_EAP    |authentication using EAP               |authby=eap                     |
149 9 Martin Willi
150 14 Tobias Brunner
*eap_type* defined in source:src/libcharon/sa/authenticators/eap/eap_method.h#L48
151 9 Martin Willi
152 10 Andreas Steffen
| 4 |EAP_MD5 |
153 10 Andreas Steffen
|18 |EAP_SIM |
154 10 Andreas Steffen
|23 |EAP_AKA |
155 8 Martin Willi
156 8 Martin Willi
157 9 Martin Willi
h2. TABLE traffic_selectors
158 9 Martin Willi
159 9 Martin Willi
160 14 Tobias Brunner
*type* defined in source:src/libstrongswan/selectors/traffic_selector.h#L35
161 1 Martin Willi
162 10 Andreas Steffen
|7 |TS_IPV4_ADDR_RANGE |
163 10 Andreas Steffen
|8 |TS_IPV6_ADDR_RANGE |