On Mon, 13 Mar 2017, Tuomo Soini wrote:
On Sun, 12 Mar 2017, Viktor Keremedchiev wrote:
Subject: Re: [Swan] Android VPN not passing any traffic, OSX does
work
Android will only do sha2_256 with broken hash truncation for esp. They
dropped sha1 support from android and don't support sha2_512, aes_gcm
or any other working hashing solution for esp.
AES_GCM is not defined for IKEv1, so that they don't support that makes
sense. But if they are not supporting SHA1 or SHA2_512, then this is a
huge problem. Which android version dropped SHA1 ?
https://libreswan.org/wiki/FAQ#Using_SHA2_256_for_ESP_connection_establishes_but_no_traffic_passes_.28especially_Android_6.0.29
Our FAQ is not aware that the problem has gotten worse ? It would be
good to get the information to update the entry.
Paul
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
