[Openswan dev] [RFC 1/1] Labeled IPsec communication
paul at xelerance.com
Tue Oct 30 18:42:37 EDT 2007
On Tue, 30 Oct 2007, Venkat Yekkirala wrote:
> This patch adds the ability for pluto to negotiate labeled security
> associations (racoon already supports this) for use by SELinux and
> such LSMs.
Thanks for the patch!
> context for inter-operation with racoon, but I would appreciate your
> review and comments.
Please look at proving patches for openswan 2.5.x (git #testing), as the
2.4.x is in maintenance release, and no new features are being added.
Also, like other functionality that not everyone may want, it needs to
be a build option via Makefile.inc, so that it is easy to build with and
without selinux support.
I can pick this up in a few weeks to convert it to 2.5 and to use a
USE_SELINUX= flag, but feel free to send in a newer patch.
Also, we are not very familiar with SElinux. It would be very good to
add various testcases in testing/pluto/ so that we can keep the code
in a working shape.
More information about the Dev