[Swan-dev] expirimental : ipsec device/interface aka XFRMi
antony at phenome.org
Thu Feb 6 12:04:32 UTC 2020
I applied this patch and enabled it for CentOS 6,7,8, travis test failed on
It seems CentOS 8 ship with a newer if_link.h inspite kernel-headers version
Looks like something got back proted? I wonder full xfrmi or just headers
CentOS 8, 4.18 kernel
Would some one test xfrmi on CentOS 8 kernel?
Travisi compile log:
/home/build/libreswan/programs/pluto/linux-extra-if-link/if_link_extra.h:7:9: error: redeclaration of enumerator 'IFLA_XFRM_UNSPEC'
In file included from /usr/include/linux/rtnetlink.h:7,
/usr/include/linux/if_link.h:467:2: note: previous definition of 'IFLA_XFRM_UNSPEC' was here
On Thu, Jan 30, 2020 at 09:06:48AM -0500, Andrew Cagney wrote:
> On Thu, 30 Jan 2020 at 06:39, Paul Wouters <paul at nohats.ca> wrote:
> > On Thu, 30 Jan 2020, Antony Antony wrote:
> > > Here is my proposed patch to compile xfrmi on CentOS8.
> > > Any adjustments?
> > Looks good. Perhaps just add a note saying "if you see IFLA_XFRM_IF_ID
> > undefined, try enabling this" just before the
> > USE_XFRM_INTERFACE_IFLA_HEADER option ?
> I assume you mean in the code and not in the .mk file. For instance,
> if the build could barf due to a missing header, add a note at the
> #include point.
> > >> 036 ipsec-interface=1 not supported. may be missing CONFIG_XFRM_INTERFACE support in kernel
> > Note this should not return a 0XX code because we fail to load the
> > connection. It is a fatal error (4xx)
> > We might not be fully consistent with these in our code though, so I'm
> > happy to look at this after merging it in.
> > Paul
> > _______________________________________________
> > Swan-dev mailing list
> > Swan-dev at lists.libreswan.org
> > https://lists.libreswan.org/mailman/listinfo/swan-dev
More information about the Swan-dev