svn commit: r285160 - head/sys/conf
Bruce Simpson
bms at fastmail.net
Sun Jul 5 20:04:09 UTC 2015
On 05/07/15 20:53, Oliver Pinter wrote:
>>> Log:
>>> Ensure all the required files get built when you include the IPSEC
>>> option.
+1. IETF position these days is that IPSEC should be a "standard feature".
Key management is a separate issue, and support for newer ciphers like
ChaCha20 (see NaCL by Daniel Bernstein et al) and authenticated
encryption schemes please.
>> Umm.. This looks more like that IPSEC should require that the crypto
>> device be specified instead of fixing it this way...
+1. Expressing static dependencies at the granularity of "file" rather
than "module" or "subsystem" is a PITA, and leads to having to
depth-first enumerate the deps like this, introducing clutter.
> Is there any way to specify implication rules to config?
> Ergo if I specify IPSEC without device crypto, then it's auto enable/include.
> Similar to linux's Kconfig framework..
+1. I know this can be done at "module" granularity, but I have always
found the "options" and "files" syntax somewhat arcane. I almost always
copy-paste-edit existing stanzas.
More information about the svn-src-head
mailing list