[Openswan Users] KLIPS + kernel 2.4.31 + CriptoAPI
GuillermoOntañón
gontanon at pandasoftware.es
Fri Dec 2 11:49:15 CET 2005
On Fri, 2005-12-02 at 08:59 +0100, Guillermo Ontañón wrote:
> On Thu, 2005-12-01 at 18:43 +0100, Paul Wouters wrote:
> > I've created a bug report on this.
> >
> > What version are you using. I believe HEAD now has the extra variable
> > USE_EXTRACRYPTO in Makefile.inc that needs to be enabled.
>
> I'm using 2.4.4, I compiled pluto with USE_EXTRACRYPTO=true and I still
> have the same problem for esp, ike algorithms do get loaded though:
I think the problem is that ipsec_cryptoapi_init() is not being invoked
when ipsec_alg_cryptoapi is compiled as a module. I just tried compiling
it directly inside ipsec.o and the encryption algorithms got loaded:
000 algorithm ESP encrypt: id=3, name=ESP_3DES, ivlen=64, keysizemin=192, keysizemax=192
000 algorithm ESP encrypt: id=7, name=ESP_BLOWFISH, ivlen=64, keysizemin=96, keysizemax=448
000 algorithm ESP encrypt: id=12, name=ESP_AES, ivlen=128, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=252, name=ESP_SERPENT, ivlen=128, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=253, name=ESP_TWOFISH, ivlen=128, keysizemin=128, keysizemax=256
000 algorithm ESP auth attr: id=1, name=AUTH_ALGORITHM_HMAC_MD5, keysizemin=128, keysizemax=128
000 algorithm ESP auth attr: id=2, name=AUTH_ALGORITHM_HMAC_SHA1, keysizemin=160, keysizemax=160
000 algorithm ESP auth attr: id=9, name=AUTH_ALGORITHM_AES_CBC, keysizemin=128, keysizemax=128
As for the hash algorithms, I guess this line:
#ifdef NOT_YET
explains why they are still not loaded :). Do you know how far away is
ipsec_alg_cryptoapi from supporting the hash algs?
thanks,
--
Guillermo Ontañón <gontanon at pandasoftware.es>
More information about the Users
mailing list