From e2b8c7e6ed6ced931c8593cccdde4e5f276018ea Mon Sep 17 00:00:00 2001
From: Ruben Tytgat <ruben_tytgat@hotmail.com>
Date: Thu, 5 Jul 2018 17:54:42 +0200
Subject: [PATCH] kernel-pfkey: Enable macOS native AES_GCM_ICV16 support

macOS supports AES_GCM_ICV16 natively using PF_KEYv2.

This change enables AES_GCM if the corresponding definition is detected
in the headers.

With this change it is no longer necessary to use the libipsec module to
use AES_GCM on macOS.

Closes strongswan/strongswan#107.
---
 src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c b/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
index b937a769ec..34089f9127 100644
--- a/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
+++ b/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
@@ -890,6 +890,8 @@ static kernel_algorithm_t encryption_algs[] = {
 	{ENCR_AES_GCM_ICV8,			SADB_X_EALG_AES_GCM_ICV8	},
 	{ENCR_AES_GCM_ICV12,		SADB_X_EALG_AES_GCM_ICV12	},
 	{ENCR_AES_GCM_ICV16,		SADB_X_EALG_AES_GCM_ICV16	},
+#elif defined(SADB_X_EALG_AES_GCM) /* macOS */
+	{ENCR_AES_GCM_ICV16,		SADB_X_EALG_AES_GCM			},
 #endif
 #ifdef SADB_X_EALG_CAMELLIACBC
 	{ENCR_CAMELLIA_CBC,			SADB_X_EALG_CAMELLIACBC		},
-- 
2.47.3