Hi,
I seek a bit of clarity while understanding the libhydra code and
strongswan modularity. From reading the code, the kernel_interface_t in
libhydra is somewhat generic. It cannot really do anything, that is, it
cannot really talk to the kernel without a kernel_ipsec_t being defined,
implemented
Hi Joy,
> Any new plugin for talking
> to the kernel would require a kernel_ipsec_t as well. Is this correct?
Yes.
Regards,
Tobias
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
Hi Tobias,
Thank you!
So is it safe to conclude that without a plugin, libhydra does nothing?
(I think you get return of "NOT_SUPPORTED".)
And libhydra is required in order for charon/ike to manage SAs and SPs
with kernel.
Again, thanks!
regards,
Joy
On 11/15/2016 01:53 AM, Tobias Brunner wrote
Hi Joy,
kernel_ipsec_t just defines a standardized strongSwan interface, but
the actual interface code is in the plugins. So if you have an IPsec
ESP implementation of your own, e.g. a HW accelerator then you have
to write a plugin of your own.
Best regards
Andreas
BTW - In the latest strongSwa
