[strongSwan-dev] strongswan dependencies
martin at strongswan.org
Tue Mar 9 14:05:23 CET 2010
> Not sure what you mean by all.
Yes, these I meant by "all" :-).
The x509 plugin is required if you want to use certificates. Certificate
functionality is not yet provided by openssl.
The HMAC/XCBC wrappers are also required for these mode of operations,
the openssl plugin currently provides raw hasher/ciphers only.
To load PEM encoded keys/certificates, pem is required. Same for pgp
The openssl plugin uses the OpenSSL ASN1 parser functionality, no need
The pubkey plugin can be used for authentication with raw RSA keys, but
is usually not needed.
> I assume that by starter you mean 'ipsec start', I'm confused as to
> which option(s) would disable starter. Please enlighten me.
If you --disable-pluto and --disable-stroke, starter and ipsec.conf
based configuration is disabled, too.
More information about the Dev