![]() ![]() Other IPsec management interfaces provide detailed errors, but when PF_KEYv2 encounters a problem it reports only a single, generic errno value, like EINVAL (“invalid argument”). It’s a socket-based protocol between the application and the kernel (like the BSD routing interface), so the application developer is responsible for details like socket management, serialization, and padding. Unfortunately, PF_KEYv2 is difficult to use. I want my application to work on OS X and Linux, so I’m targeting PF_KEYv2 instead of OS-specific APIs. PF_KEYv2 is widely-available even systems with more advanced IPsec stacks (like XFRM on Linux) provide a PF_KEYv2-compatible wrapper. PF_KEYv2 is the standard interface for configuring IPsec. ![]() This week, I’ve been working on an application that sets up IPsec connections. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |