[Openswan Users] AUTH_ALGORITHM_HMAC_SHA1 not implemented yet

Paul Wouters paul at nohats.ca
Wed Dec 4 19:54:29 UTC 2013

On Wed, 4 Dec 2013, 葉立誠 wrote:

> I am using openswan-2.6.18 in embedded linux with kernel 2.6.35.
> In kernel config,I compile all crypto API in the kernel.
> When I set phase2alg=aes-sha1;modp1024 and start openswan,I got the message auth AUTH_ALGORITHM_HMAC_SHA1 not
> implemented yet.
> But I set phase2alg=aes-md5;modp1024 openswan can create connection success.

That is strange, because all versions of freeswan/openswan/libreswan
have supported SHA1 for both IKE and ESP (netkey and klips)

However, 2.6.18 is _very_ old (rhel5 based system?) and you should
really upgrade. Also possibly the embedded people changed the source
code for some reason?

Libreswan Developer - https://libreswan.org/
Red Hat Security - http://people.redhat.com/pwouters/
Personal Blog - https://nohats.ca/

More information about the Users mailing list