From: Stefan B. <ste...@cu...> - 2010-03-23 09:40:13
Attachments:
setkey.8.patch
|
Hi ipsec-tools team! please see attached a patch to document the esp-udp feature for setkey as well as a note about the lack of tcp-md5 algo on linux systems. stefan -- Stefan Bauer ----------------------------------------- PGP: E80A 50D5 2D46 341C A887 F05D 5C81 5858 DCEF 8C34 -------- plzk.de - Linux - because it works ---------- |
From: VANHULLEBUS Y. <va...@fr...> - 2010-04-07 14:46:29
|
On Tue, Mar 23, 2010 at 10:39:31AM +0100, Stefan Bauer wrote: > Hi ipsec-tools team! Hi, and sorry for the late reply. > please see attached a patch to document the esp-udp feature for > setkey as well as a note about the lack of tcp-md5 algo on linux > systems. tcp-md5 is (should be ?) supported on any kernel which provides such support. So, if a linux kernel tomorrow adds such support, it will be available for setkey, so I don't like so much the idea of telling "algo XXX is not supported on OS YYY"..... Yvan. |
From: Stefan B. <ste...@cu...> - 2010-04-07 15:04:18
|
Am 07.04.2010 16:46, VANHULLEBUS Yvan schrieb: > tcp-md5 is (should be ?) supported on any kernel which provides such > support. > So, if a linux kernel tomorrow adds such support, it will be available > for setkey, so I don't like so much the idea of telling "algo XXX is > not supported on OS YYY"..... As there is right now no support on linux i see this as mandatory to point users to the lack of support on this operation system. This information is already part of the debian package and will get removed as soon as there is support. stefan -- Stefan Bauer ----------------------------------------- PGP: E80A 50D5 2D46 341C A887 F05D 5C81 5858 DCEF 8C34 -------- plzk.de - Linux - because it works ---------- |
From: Milan P. S. <mp...@ar...> - 2010-04-07 17:29:22
|
On Wed, 2010-04-07 at 17:03, Stefan Bauer wrote: > Am 07.04.2010 16:46, VANHULLEBUS Yvan schrieb: > > tcp-md5 is (should be ?) supported on any kernel which provides such > > support. > > So, if a linux kernel tomorrow adds such support, it will be available > > for setkey, so I don't like so much the idea of telling "algo XXX is > > not supported on OS YYY"..... > > As there is right now no support on linux i see this as mandatory to > point users to the lack of support on this operation system. > > This information is already part of the debian package and will get > removed as soon as there is support. What about to add note that the tcp-md5 _is not yet_ in Linux? Or something similar. -- Kind regards, Milan |