Date: Tue, 4 Aug 2015 03:23:41 +0200 From: Sydney Meyer <meyer.sydney@googlemail.com> To: FreeBSD CURRENT <freebsd-current@freebsd.org> Subject: Re: IPSEC stop works after r285336 Message-ID: <435162D4-683C-43DA-A7E9-439713F557D4@googlemail.com> In-Reply-To: <20150804001821.GI78154@funkthat.com> References: <20150729071732.GA78154@funkthat.com> <55B8CD6C.7080804@shurik.kiev.ua> <18D9D532-15B2-4B30-B088-74E7E4566254@googlemail.com> <20150801200137.GK78154@funkthat.com> <422BE6C0-B106-44E2-927A-7AE04885251F@googlemail.com> <20150802035359.GO78154@funkthat.com> <D7F8E74C-F58E-4051-A35A-3FCC44A0007F@googlemail.com> <20150804001821.GI78154@funkthat.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On 04 Aug 2015, at 02:18, John-Mark Gurney <jmg@funkthat.com> wrote: >=20 > Sydney Meyer wrote this message on Mon, Aug 03, 2015 at 01:15 +0200: >> the revision i built included gnn's patches to setkey already. >>=20 >> I have tried to setup a tunnel using strongswan with gcm as esp = cipher mode, but the connection fails with "algorithm AES_GCM_16 not = supported by kernel".. >=20 > It looks like GCM isn't compiled by default by the port... Try the > attached patch to > src/libhydra/plugings/kernel_pfkey/kernel_pfkey_ipsec.c... it may > require more modifications... It works. I had/thought GCM ticked already as a option from "make = config", but these 2 lines made it work. >=20 > Someone else would be better to work on this... Off course, at last, this isn't an issue with CURRENT. I'm going to take = this to the port maintainer.. Thank you anyway, for your help and the great work. >=20 > --=20 > John-Mark Gurney Voice: +1 415 225 5579 >=20 > "All that I will do, has been done, All that I have, has not." > <strongswan.patch>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?435162D4-683C-43DA-A7E9-439713F557D4>