[strongSwan] Integrity Algorithm Implementation

Noel Kuntze noel.kuntze+strongswan-users-ml at thermi.consulting
Thu Apr 27 19:41:43 CEST 2017


Hello Phillip,

On 27.04.2017 19:38, Phillip Goldfarb wrote:
>
> This is the error returned by “ipsec up connName”: “received netlink error: Function not implemented (38)”
>
>  
>
> From what I can tell from Google, this means that my kernel doesn’t implement SHA256. Unfortunately, I’m stuck with the version of the kernel that I have.
>
>  
>
> Is there a configuration option to tell StrongSwan that the integrity algorithm should be used in userland? As I understand it, StrongSwan can use its own implementation or OpenSSL’s, but I’m having difficulty figuring out exactly how to do that.
>
That's not possible just like that, because the traffic does not pass through the daemon.
Maybe you just don't have the module loaded to support SHA2-256?

Kind regards,
Noel

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170427/6bc39871/attachment.sig>


More information about the Users mailing list