[strongSwan-dev] strongswan dependencies
Martin Willi
martin at strongswan.org
Tue Mar 9 14:05:23 CET 2010
Hi,
> Not sure what you mean by all.
> --disable-aes
> --disable-des
> --disable-fips-prf
> --disable-gmp
> --disable-md5
> --disable-sha1
> --disable-sha2
Yes, these I meant by "all" :-).
> --disable-hmac
> --disable-x509
> --disable-xcbc
The x509 plugin is required if you want to use certificates. Certificate
functionality is not yet provided by openssl.
The HMAC/XCBC wrappers are also required for these mode of operations,
the openssl plugin currently provides raw hasher/ciphers only.
> --disable-pem
> --disable-pgp
To load PEM encoded keys/certificates, pem is required. Same for pgp
encoded keys.
> --disable-pkcs1
The openssl plugin uses the OpenSSL ASN1 parser functionality, no need
for pkcs1.
> --disable-pubkey
The pubkey plugin can be used for authentication with raw RSA keys, but
is usually not needed.
> I assume that by starter you mean 'ipsec start', I'm confused as to
> which option(s) would disable starter. Please enlighten me.
If you --disable-pluto and --disable-stroke, starter and ipsec.conf
based configuration is disabled, too.
Regards
Martin
More information about the Dev
mailing list