[strongSwan] How IPSec is implemented in userland

Lê Hoàng Quyền lehoangq at gmail.com
Sat Nov 26 08:24:31 CET 2016


Hi,
I'm trying to understand what IPSec is and how it is implemented in Android
userland by looking at Strongswan's source code. AFIK, RFC 4303 states that
we have to construct the IP header for the ESP packet manually. But in
userland, we can only use BSD socket (no raw socket allowed), which will
construct the IP header & TCP/UDP header automatically for us, we have
little control over these headers. So how do you achieve that in StrongSwan?
Sorry, this is for academic purposes, so there may be some areas i don't
fully understand. So i would be very appreciated if you could help me
understand this topic.

Thanks,

-- 
LHQ
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20161126/ae2d1fde/attachment.html>


More information about the Users mailing list