<div dir="ltr"><div><div>Hello All<br><br>Attached is a patch which adds control of the SA hardware offload to the starter configuration file. I often use the starter configuration files for static configs. I wonder if this is something that upstream would be interested in adding?<br><br></div>Regards,<br></div>David George<br><div><div><br><br>---<br><br>This patch adds support for configuring the hardware offload of SAs using the starter config file.<br><br>diff --git a/src/libcharon/plugins/stroke/stroke_config.c b/src/libcharon/plugins/stroke/stroke_config.c<br>index ac01292..489f609 100644<br>--- a/src/libcharon/plugins/stroke/stroke_config.c<br>+++ b/src/libcharon/plugins/stroke/stroke_config.c<br>@@ -1090,6 +1090,7 @@ static child_cfg_t *build_child_cfg(private_stroke_config_t *this,<br>                    (msg->add_conn.ipcomp ? OPT_IPCOMP : 0) |<br>                    (msg->add_conn.me.hostaccess ? OPT_HOSTACCESS : 0) |<br>                    (msg->add_conn.install_policy ? 0 : OPT_NO_POLICIES) |<br>+                   (msg->add_conn.hw_offload ? OPT_HW_OFFLOAD : 0) |<br>                    (msg->add_conn.sha256_96 ? OPT_SHA256_96 : 0),<br>         .tfc = msg->add_conn.tfc,<br>         .inactivity = msg->add_conn.inactivity,<br>diff --git a/src/starter/args.c b/src/starter/args.c<br>index 477a520..c20f663 100644<br>--- a/src/starter/args.c<br>+++ b/src/starter/args.c<br>@@ -175,6 +175,7 @@ static const token_info_t token_info[] =<br>     { ARG_STR,  offsetof(starter_conn_t, me_peerid), NULL                          },<br>     { ARG_UINT, offsetof(starter_conn_t, reqid), NULL                              },<br>     { ARG_UINT, offsetof(starter_conn_t, replay_window), NULL                      },<br>+    { ARG_ENUM, offsetof(starter_conn_t, hw_offload), LST_bool                     },<br>     { ARG_MISC, 0, NULL  /* KW_MARK */                                             },<br>     { ARG_MISC, 0, NULL  /* KW_MARK_IN */                                          },<br>     { ARG_MISC, 0, NULL  /* KW_MARK_OUT */                                         },<br>diff --git a/src/starter/confread.h b/src/starter/confread.h<br>index 8ee730d..87e1e60 100644<br>--- a/src/starter/confread.h<br>+++ b/src/starter/confread.h<br>@@ -170,6 +170,8 @@ struct starter_conn {<br>         char            *me_mediated_by;<br>         char            *me_peerid;<br> <br>+        bool            hw_offload;<br>+<br>         starter_conn_t *next;<br> };<br> <br>diff --git a/src/starter/keywords.h b/src/starter/keywords.h<br>index 0cb46a7..28ee0b6 100644<br>--- a/src/starter/keywords.h<br>+++ b/src/starter/keywords.h<br>@@ -74,6 +74,7 @@ enum kw_token_t {<br>     KW_ME_PEERID,<br>     KW_REQID,<br>     KW_REPLAY_WINDOW,<br>+    KW_HW_OFFLOAD,<br>     KW_MARK,<br>     KW_MARK_IN,<br>     KW_MARK_OUT,<br>diff --git a/src/starter/keywords.txt b/src/starter/keywords.txt<br>index 3f92dc8..2d77273 100644<br>--- a/src/starter/keywords.txt<br>+++ b/src/starter/keywords.txt<br>@@ -135,6 +135,7 @@ rightgroups,       KW_RIGHTGROUPS<br> rightgroups2,      KW_RIGHTGROUPS2<br> also,              KW_ALSO<br> auto,              KW_AUTO<br>+hw_offload,        KW_HW_OFFLOAD<br> # deprecated/removed keywords<br> interfaces,        KW_SETUP_DEPRECATED<br> dumpdir,           KW_SETUP_DEPRECATED<br>diff --git a/src/starter/starterstroke.c b/src/starter/starterstroke.c<br>index 90af937..6b0bd00 100644<br>--- a/src/starter/starterstroke.c<br>+++ b/src/starter/starterstroke.c<br>@@ -227,6 +227,7 @@ int starter_stroke_add_conn(starter_config_t *cfg, starter_conn_t *conn)<br>     push_string(&msg, add_conn.ikeme.peerid, conn->me_peerid);<br>     msg->add_conn.reqid = conn->reqid;<br>     msg->add_conn.replay_window = conn->replay_window;<br>+    msg->add_conn.hw_offload = conn->hw_offload;<br>     msg->add_conn.mark_in.value = conn->mark_in.value;<br>     msg->add_conn.mark_in.mask = conn->mark_in.mask;<br>     msg->add_conn.mark_out.value = conn->mark_out.value;<br>diff --git a/src/stroke/stroke_msg.h b/src/stroke/stroke_msg.h<br>index 60ea002..7bdf3e3 100644<br>--- a/src/stroke/stroke_msg.h<br>+++ b/src/stroke/stroke_msg.h<br>@@ -302,6 +302,7 @@ struct stroke_msg_t {<br>             } mark_in, mark_out;<br>             stroke_end_t me, other;<br>             uint32_t replay_window;<br>+            bool hw_offload;<br>             bool sha256_96;<br>         } add_conn;</div></div></div>