aboutsummaryrefslogtreecommitdiffstats
path: root/Source/doc
diff options
context:
space:
mode:
Diffstat (limited to 'Source/doc')
-rw-r--r--Source/doc/Architecture.txt56
-rw-r--r--Source/doc/Known-bugs.txt6
-rw-r--r--Source/doc/Todo-list.txt49
3 files changed, 0 insertions, 111 deletions
diff --git a/Source/doc/Architecture.txt b/Source/doc/Architecture.txt
deleted file mode 100644
index 14b99274c..000000000
--- a/Source/doc/Architecture.txt
+++ /dev/null
@@ -1,56 +0,0 @@
-/** @mainpage
-
-@section design strongSwans overall design
-
-IKEv1 and IKEv2 is handled in different keying daemons. The ole IKEv1 stuff is
-completely handled in pluto, as it was all the times. IKEv2 is handled in the
-new keying daemon, which is called #charon.
-Daemon control is done over unix sockets. Pluto uses whack, as it did for years.
-Charon uses another socket interface, called stroke. Stroke uses another
-format as whack and therefore is not compatible to whack. The starter utility,
-wich does fast configuration parsing, speaks both the protocols, whack and
-stroke. It also handles daemon startup and termination.
-Pluto uses starter for some commands, for other it uses the whack utility. To be
-as close to pluto as possible, charon has the same split up of commands to
-starter and stroke. All commands are wrapped together in the ipsec script, which
-allows transparent control of both daemons.
-@verbatim
-
- +-----------------------------------------+
- | ipsec |
- +-----+--------------+---------------+----+
- | | |
- | | |
- | +-----+-----+ |
- +-----+----+ | | +-----+----+
- | | | starter | | |
- | stroke | | | | whack |
- | | +---+--+----+ | |
- +------+---+ | | +--+-------+
- | | | |
- +---+------+ | | +------+--+
- | | | | | |
- | charon +----+ +----+ pluto |
- | | | |
- +-----+----+ +----+----+
- | |
- +-----+----+ |
- | LSF | |
- +-----+----+ |
- | |
- +-----+----+ +----+----+
- | RAW Sock | | UDP/500 |
- +----------+ +---------+
-
-@endverbatim
-Since IKEv2 uses the same port as IKEv1, both daemons must listen to UDP port
-500. Under Linux, there is no clean way to set up two sockets at the same port.
-To reslove this problem, charon uses a RAW socket, as they are used in network
-sniffers. An installed Linux Socket Filter (LSF) filters out all none-IKEv2
-traffic. Pluto receives any IKE message, independant of charons behavior.
-Therefore plutos behavior is changed to discard any IKEv2 traffic silently.
-
-To gain some reusability of the code, generic crypto and utility functions are
-separeted in a shared library, libstrongswan.
-
-*/ \ No newline at end of file
diff --git a/Source/doc/Known-bugs.txt b/Source/doc/Known-bugs.txt
deleted file mode 100644
index 3f594ad79..000000000
--- a/Source/doc/Known-bugs.txt
+++ /dev/null
@@ -1,6 +0,0 @@
- Known bugs in charon
-======================
-
-- intiating the same connection twice makes trouble
-- leak_detective gets confused from libpthread (invalid frees)
-- installing to many SAs in the kernel at the same time causes troubles. Threading issue?
diff --git a/Source/doc/Todo-list.txt b/Source/doc/Todo-list.txt
deleted file mode 100644
index 11b30fb7d..000000000
--- a/Source/doc/Todo-list.txt
+++ /dev/null
@@ -1,49 +0,0 @@
- Todo-List for charon
-======================
-
-+ = done, / = partial, - = todo, ordered by priority
-
-
-+ private key loading: der, without passphrase
-+ load all private keys from ipsec.d/private/ in stroke.c
-+ handle leftcert and rightcert in starterstroke.c/stroke.c
-+ load specified certs in stroke.c
-+ extract public keys from certs
-+ public key authentication
-+ release for Andreas
-
-+ stroke loglevels
-+ stroke up
-+ ike_sa_manager checkout_by_hosts
-+ stroke down
-+ stroke output redirection
-+ stroke status
-
-+ libx509
- + new charon build - libstrong?
- + transforms
- + utils (plus host)
- + logger_manager instance in lib
- + leak detective usable for charon and pluto and anything else
- + integrate asn1 parser/oid (asn1/oid)
- + integrate basic PEM loading
- + port x509 stuff
-
-+ doxygen cleanup (charon/lib)
-
-/ useable certificate support
- + more id types (use atodn from pluto)
- + rewrite certificate storage the clean way
- - further subjectAltName support
- - certificate validation/chaining
- - certificate exchange
-
-- implement 3DES to load encrypted pem files
-- ipsec.secrets parsing
-
-- trapping
-- delete notify, when to send?
-- notifys on connection setup failure
-- create child sa message/rekeying
-
-- new build environment (autotools?)