Hi, > Not sure what you mean by all. > --disable-aes > --disable-des > --disable-fips-prf > --disable-gmp > --disable-md5 > --disable-sha1 > --disable-sha2
Yes, these I meant by "all" :-). > --disable-hmac > --disable-x509 > --disable-xcbc The x509 plugin is required if you want to use certificates. Certificate functionality is not yet provided by openssl. The HMAC/XCBC wrappers are also required for these mode of operations, the openssl plugin currently provides raw hasher/ciphers only. > --disable-pem > --disable-pgp To load PEM encoded keys/certificates, pem is required. Same for pgp encoded keys. > --disable-pkcs1 The openssl plugin uses the OpenSSL ASN1 parser functionality, no need for pkcs1. > --disable-pubkey The pubkey plugin can be used for authentication with raw RSA keys, but is usually not needed. > I assume that by starter you mean 'ipsec start', I'm confused as to > which option(s) would disable starter. Please enlighten me. If you --disable-pluto and --disable-stroke, starter and ipsec.conf based configuration is disabled, too. Regards Martin _______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev
