Diffstat (limited to 'Source/charon/doc')
-rw-r--r-- | Source/charon/doc/Architecture.txt | 84
-rw-r--r-- | Source/charon/doc/Todo-list.txt | 41
2 files changed, 83 insertions, 42 deletions
diff --git a/Source/charon/doc/Architecture.txt b/Source/charon/doc/Architecture.txt index 81b3e2f97..3e8855fa9 100644 --- a/Source/charon/doc/Architecture.txt +++ b/Source/charon/doc/Architecture.txt @@ -9,35 +9,35 @@ Charon uses another socket interface, called stroke. Stroke uses another format as whack and therefore is not compatible to whack. The starter utility, wich does fast configuration parsing, speaks both the protocols, whack and stroke. It also handles daemon startup and termination. -Pluto uses starter for some commans, for other it uses the whack utility. To be +Pluto uses starter for some commands, for other it uses the whack utility. To be as close to pluto as possible, charon has the same split up of commands to starter and stroke. All commands are wrapped together in the ipsec script, which allows transparent control of both daemons. +-----------------------------------------+ - ¦ ipsec ¦ + | ipsec | +-----+--------------+---------------+----+ - ¦ ¦ ¦ - ¦ ¦ ¦ - ¦ +-----+-----+ ¦ - +-----+----+ ¦ ¦ +-----+----+ - ¦ ¦ ¦ starter ¦ ¦ ¦ - ¦ stroke ¦ ¦ ¦ ¦ whack ¦ - ¦ ¦ +---+--+----+ ¦ ¦ - +------+---+ ¦ ¦ +--+-------+ - ¦ ¦ ¦ ¦ - +---+------+ ¦ ¦ +------+--+ - ¦ ¦ ¦ ¦ ¦ ¦ - ¦ charon +----+ +----+ pluto ¦ - ¦ ¦ ¦ ¦ + | | | + | | | + | +-----+-----+ | + +-----+----+ | | +-----+----+ + | | | starter | | | + | stroke | | | | whack | + | | +---+--+----+ | | + +------+---+ | | +--+-------+ + | | | | + +---+------+ | | +------+--+ + | | | | | | + | charon +----+ +----+ pluto | + | | | | +-----+----+ +----+----+ - ¦ ¦ - +-----+----+ ¦ - ¦ LSF ¦ ¦ - +-----+----+ ¦ - ¦ ¦ + | | + +-----+----+ | + | LSF | | + +-----+----+ | + | | +-----+----+ +----+----+ - ¦ RAW Sock ¦ ¦ UDP/500 ¦ + | RAW Sock | | UDP/500 | +----------+ +---------+ Since IKEv2 uses the same port as IKEv1, both daemons must listen to UDP port 
@@ -60,28 +60,28 @@ execution SA-management. Beside the thread-pool, there are some special purpose threads which do their job for the common health of the daemon. +------+ - ¦ E Q ¦ - ¦ v u ¦---+ +------+ +------+ - ¦ e e ¦ ¦ ¦ ¦ ¦ IKE- ¦ - ¦ n u ¦ +-----------+ ¦ ¦--¦ SA ¦ - ¦ t e ¦ ¦ ¦ ¦ I M ¦ +------+ - +------------+ ¦ - ¦ ¦ Scheduler ¦ ¦ K a ¦ - ¦ receiver ¦ +------+ ¦ ¦ ¦ E n ¦ +------+ - +----+-------+ +-----------+ ¦ - a ¦ ¦ IKE- ¦ - ¦ ¦ +------+ ¦ ¦ S g ¦--¦ SA ¦ - +-------+--+ +-----¦ J Q ¦---+ +------------+ ¦ A e ¦ +------+ - -¦ socket ¦ ¦ o u ¦ ¦ ¦ ¦ - r ¦ - +-------+--+ ¦ b e ¦ ¦ Thread- ¦ ¦ ¦ - ¦ ¦ - u ¦ ¦ Pool ¦ ¦ ¦ - +----+-------+ ¦ e ¦------¦ ¦---¦ ¦ - ¦ sender ¦ +------+ +------------+ +------+ + | E Q | + | v u |---+ +------+ +------+ + | e e | | | | | IKE- | + | n u | +-----------+ | |--| SA | + | t e | | | | I M | +------+ + +------------+ | - | | Scheduler | | K a | + | receiver | +------+ | | | E n | +------+ + +----+-------+ +-----------+ | - a | | IKE- | + | | +------+ | | S g |--| SA | + +-------+--+ +-----| J Q |---+ +------------+ | A e | +------+ + -| socket | | o u | | | | - r | + +-------+--+ | b e | | Thread- | | | + | | - u | | Pool | | | + +----+-------+ | e |------| |---| | + | sender | +------+ +------------+ +------+ +----+-------+ - ¦ +------+ - ¦ ¦ S Q ¦ - ¦ ¦ e u ¦ - ¦ ¦ n e ¦ - +------------¦ d u ¦ - ¦ - e ¦ + | +------+ + | | S Q | + | | e u | + | | n e | + +------------| d u | + | - e | +--+---+ The thread-pool is the heart of the architecture. It processes jobs from a diff --git a/Source/charon/doc/Todo-list.txt b/Source/charon/doc/Todo-list.txt new file mode 100644 index 000000000..91c02e80d --- /dev/null +++ b/Source/charon/doc/Todo-list.txt 
@@ -0,0 +1,41 @@ + TODO-List for charon +====================== + ++ = done, - = todo, ordered by priority + ++ private key loading: der, without passphrase ++ load all private keys from ipsec.d/private/ in stroke.c ++ handle leftcert and rightcert in starterstroke.c/stroke.c ++ load specified certs in stroke.c ++ extract public keys from certs ++ public key authentication ++ release for Andreas + ++ stroke loglevels ++ stroke up ++ ike_sa_manager checkout_by_hosts ++ stroke down +- stroke output redirection +- stroke status + +- libx509 + - new charon build - libstrong? + - transforms + - utils (plus host) + - integrate asn1 parser/oid (asn1/oid) + - integrate PEM loading (pem) + - ... (more to come, for sure) + +- ipsec.secrets parsing + +- certificate DN parsing +- certificate subjectAltName parsing +- certificate lookup via ID +- certificate validation/chaining +- certificate exchange + +- trapping + +- delete notify, when to send? +- notifys on connection setup failure +- create child sa message
\ No newline at end of file |
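Review bot: in the first hunk of Architecture.txt (`@@ -9,35 +9,35 @@`) the typo fix is incomplete: the unchanged context line `The starter utility, wich does fast configuration parsing, speaks both the protocols` still reads "wich" (should be "which"), and `is not compatible to whack` should be "compatible with whack". Since the hunk already rewrites the same paragraph for `commans` -> `commands`, fold those two fixes into this change rather than leaving them for a later pass.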
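Review bot: in the second hunk of Architecture.txt (`@@ -60,28 +60,28 @@`) replacing the non-ASCII broken-bar character `¦` with ASCII `|` in the thread-pool diagram is the right fix, but the two hunks only cover the two diagrams; before merging, confirm no `¦` remains elsewhere in the file (for example `grep -n '¦' Source/charon/doc/Architecture.txt` should print nothing), otherwise the file is left half-converted and the diagram columns will still render inconsistently in some terminals.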
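Review bot: in the new Todo-list.txt, `+ extract public keys from certs`, `+ public key authentication` and `+ release for Andreas` are marked done while `- certificate validation/chaining`, `- certificate lookup via ID` and `- certificate exchange` are still open; as written the list does not record that public key authentication against loaded certs cannot be relied on until the validation/chaining item closes. Suggest noting that dependency next to the open item (e.g. `- certificate validation/chaining (required before public key auth can be trusted)`) so the "ordered by priority" claim reflects it. Minor: the file is added without a trailing newline (`\ No newline at end of file`); add one so later diffs of this file stay clean.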