diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2014-06-24 18:28:26 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2014-06-30 13:16:17 +0200 |
| commit | 01e48ddd59c8ace76ddf488a105128cea8db49a4 (patch) | |
| tree | 0a4be181cf04c1490881a8092beb8aca6a1f6f3a /doc | |
| parent | 0909bf6c0ab9b7fb2ff91a5a4e0af4142a7e125c (diff) | |
| download | strongswan-01e48ddd59c8ace76ddf488a105128cea8db49a4.tar.bz2 strongswan-01e48ddd59c8ace76ddf488a105128cea8db49a4.tar.xz | |
doc: Remove obsolete architecture description and empty known bugs list
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/Known-bugs.txt | 5 | ||||
| -rw-r--r-- | doc/architecture.h | 56 |
2 files changed, 0 insertions, 61 deletions
diff --git a/doc/Known-bugs.txt b/doc/Known-bugs.txt deleted file mode 100644 index d32a5b2f0..000000000 --- a/doc/Known-bugs.txt +++ /dev/null @@ -1,5 +0,0 @@ - Known bugs in charon -====================== - - - diff --git a/doc/architecture.h b/doc/architecture.h deleted file mode 100644 index a95bffae9..000000000 --- a/doc/architecture.h +++ /dev/null @@ -1,56 +0,0 @@ -/** @mainpage - -@section design strongSwans overall design - -IKEv1 and IKEv2 is handled in different keying daemons. The ole IKEv1 stuff is -completely handled in pluto, as it was all the times. IKEv2 is handled in the -new keying daemon, which is called #charon. -Daemon control is done over unix sockets. Pluto uses whack, as it did for years. -Charon uses another socket interface, called stroke. Stroke uses another -format as whack and therefore is not compatible to whack. The starter utility, -which does fast configuration parsing, speaks both the protocols, whack and -stroke. It also handles daemon startup and termination. -Pluto uses starter for some commands, for other it uses the whack utility. To be -as close to pluto as possible, charon has the same split up of commands to -starter and stroke. All commands are wrapped together in the ipsec script, which -allows transparent control of both daemons. -@verbatim - - +-----------------------------------------+ - | ipsec | - +-----+--------------+---------------+----+ - | | | - | | | - | +-----+-----+ | - +-----+----+ | | +-----+----+ - | | | starter | | | - | stroke | | | | whack | - | | +---+--+----+ | | - +------+---+ | | +--+-------+ - | | | | - +---+------+ | | +------+--+ - | | | | | | - | charon +----+ +----+ pluto | - | | | | - +-----+----+ +----+----+ - | | - +-----+----+ | - | LSF | | - +-----+----+ | - | | - +-----+----+ +----+----+ - | RAW Sock | | UDP/500 | - +----------+ +---------+ - -@endverbatim -Since IKEv2 uses the same port as IKEv1, both daemons must listen to UDP port -500. Under Linux, there is no clean way to set up two sockets at the same port. -To reslove this problem, charon uses a RAW socket, as they are used in network -sniffers. An installed Linux Socket Filter (LSF) filters out all none-IKEv2 -traffic. Pluto receives any IKE message, independent of charon's behavior. -Therefore plutos behavior is changed to discard any IKEv2 traffic silently. - -To gain some reusability of the code, generic crypto and utility functions are -separeted in a shared library, libstrongswan. - -*/ |