From owner-freebsd-current@freebsd.org Tue Aug 4 01:23:44 2015 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D834A9B1ECA for ; Tue, 4 Aug 2015 01:23:44 +0000 (UTC) (envelope-from meyer.sydney@googlemail.com) Received: from mail-wi0-x22c.google.com (mail-wi0-x22c.google.com [IPv6:2a00:1450:400c:c05::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 7F78DBC6 for ; Tue, 4 Aug 2015 01:23:44 +0000 (UTC) (envelope-from meyer.sydney@googlemail.com) Received: by wibxm9 with SMTP id xm9so144513686wib.0 for ; Mon, 03 Aug 2015 18:23:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to; bh=tEnKxVUsCW8/e5eJuwJPvyy99+YPDtH8ZSB+SwuUYDU=; b=pAHC7FcD0JvHsrfpU+OOEeshS/WMzpFqDexfVaaDu4bDFF1eV4vaL2F0UnHhvbcQBT VwbrIcHjpIW7v99PYj9D42AcfktCI1JCaxJZaHyRYPv1uLRF5qvGIg6aWnPyyRt8tBDv re0j4yNKh9Lt0E1icHVFQYvYtdknnT/l4rVjGrlR4EZbw5US4F5glsRK8fbwDRAq1KNl 23/+glCKKlFYUWBR4n/u8QPsN0qJ8mCqF41wQPjOl5SvhGLUpi2+vOSeFxB9jBWbQaqy Fz76bAuRUPxV3y0Ywng8S1XaT6nqumVpKZuZlJ7HgREiAqp7n4IdsS/kk6L17CfChgzX Y7KA== X-Received: by 10.180.211.49 with SMTP id mz17mr2237287wic.69.1438651423010; Mon, 03 Aug 2015 18:23:43 -0700 (PDT) Received: from ?IPv6:2a02:a03f:aff:5c00:c978:48cd:be5:82e7? ([2a02:a03f:aff:5c00:c978:48cd:be5:82e7]) by smtp.googlemail.com with ESMTPSA id b13sm431103wic.15.2015.08.03.18.23.42 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 03 Aug 2015 18:23:42 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 9.0 \(3073\)) Subject: Re: IPSEC stop works after r285336 From: Sydney Meyer In-Reply-To: <20150804001821.GI78154@funkthat.com> Date: Tue, 4 Aug 2015 03:23:41 +0200 Content-Transfer-Encoding: quoted-printable Message-Id: <435162D4-683C-43DA-A7E9-439713F557D4@googlemail.com> References: <20150729071732.GA78154@funkthat.com> <55B8CD6C.7080804@shurik.kiev.ua> <18D9D532-15B2-4B30-B088-74E7E4566254@googlemail.com> <20150801200137.GK78154@funkthat.com> <422BE6C0-B106-44E2-927A-7AE04885251F@googlemail.com> <20150802035359.GO78154@funkthat.com> <20150804001821.GI78154@funkthat.com> To: FreeBSD CURRENT X-Mailer: Apple Mail (2.3073) X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Aug 2015 01:23:44 -0000 > On 04 Aug 2015, at 02:18, John-Mark Gurney wrote: >=20 > Sydney Meyer wrote this message on Mon, Aug 03, 2015 at 01:15 +0200: >> the revision i built included gnn's patches to setkey already. >>=20 >> I have tried to setup a tunnel using strongswan with gcm as esp = cipher mode, but the connection fails with "algorithm AES_GCM_16 not = supported by kernel".. >=20 > It looks like GCM isn't compiled by default by the port... Try the > attached patch to > src/libhydra/plugings/kernel_pfkey/kernel_pfkey_ipsec.c... it may > require more modifications... It works. I had/thought GCM ticked already as a option from "make = config", but these 2 lines made it work. >=20 > Someone else would be better to work on this... Off course, at last, this isn't an issue with CURRENT. I'm going to take = this to the port maintainer.. Thank you anyway, for your help and the great work. >=20 > --=20 > John-Mark Gurney Voice: +1 415 225 5579 >=20 > "All that I will do, has been done, All that I have, has not." >