[strongSwan] Strongswan on android gingerbread
Tobias Brunner
tobias at strongswan.org
Fri Oct 21 10:22:21 CEST 2011
Hi Federico,
> I still get some .orig files after patching although no .rej file is
> produced and no error messages are given when I patch.
Perhaps patch is aliased to 'patch -b' on your system (check with
'alias' in a console window).
> Problem is that it looks like when I try to use the VPN, charon
> doesn't start.
Did you apply all the patches? Please have a look the the init.rc file
in system/core/rootdir in the Android sources. There you should have a
service entry for charon. Also make sure charon does actually run.
Just connect to the emulator via 'adb shell' and execute charon.
>> We are planning to use IPsec on a IPv6 network. Does the StrongSwan
>> IKEv2 port for android fully support IPv6, or only IPv4?
>
> It should (although I did not test it) if the corresponding modules are
> activated in the kernel (see [1]).
Unfortunately, I have to amend this statement. It looks like strongSwan
currently does not support IPv6 on Android because there seems to be no
way to get and set the local IP address when sending/receiving packets
over an IPv6 UDP socket. At least struct in6_pktinfo is not defined in
Android's header files, not sure if that's intentional or not (strangely
IPV6_PKTINFO and IPV6_RECVPKTINFO are defined). It might work if we
define that struct ourselves, as the kernel is supposed to understand it
anyway...
Regards,
Tobias
More information about the Users
mailing list