Diffstat (limited to 'src/charon')
-rw-r--r-- | src/charon/charon/Architecture.txt (renamed from src/charon/doc/Architecture.txt) | 0 | ||||
-rw-r--r-- | src/charon/charon/Known-bugs.txt (renamed from src/charon/doc/Known-bugs.txt) | 0 | ||||
-rw-r--r-- | src/charon/charon/Todo-list.txt (renamed from src/charon/doc/Todo-list.txt) | 0 | ||||
-rw-r--r-- | src/charon/patches/strongswan-2.7.0.patch | 874 | ||||
-rw-r--r-- | src/charon/scripts/alice-key.der | bin | 1190 -> 0 bytes | |||
-rw-r--r-- | src/charon/scripts/alice.der | bin | 764 -> 0 bytes | |||
-rw-r--r-- | src/charon/scripts/bob-key.der | bin | 1187 -> 0 bytes | |||
-rw-r--r-- | src/charon/scripts/bob.der | bin | 759 -> 0 bytes | |||
-rw-r--r-- | src/charon/scripts/complex1.der | bin | 934 -> 0 bytes | |||
-rw-r--r-- | src/charon/scripts/complex2.der | bin | 956 -> 0 bytes | |||
-rwxr-xr-x | src/charon/scripts/daemon-loop.sh | 13 | ||||
-rwxr-xr-x | src/charon/scripts/deleteline | 9 | ||||
-rwxr-xr-x | src/charon/scripts/replace | 9 | ||||
-rwxr-xr-x | src/charon/scripts/to-alice.sh | 27 | ||||
-rwxr-xr-x | src/charon/scripts/to-bob.sh | 27 | ||||
-rw-r--r-- | src/charon/stroke/Makefile.stroke | 17 | ||||
-rw-r--r-- | src/charon/stroke/stroke.c | 306 | ||||
-rw-r--r-- | src/charon/stroke/stroke.h | 91 |
18 files changed, 0 insertions, 1373 deletions
diff --git a/src/charon/doc/Architecture.txt b/src/charon/charon/Architecture.txt
index 14b99274c..14b99274c 100644
--- a/src/charon/doc/Architecture.txt
+++ b/src/charon/charon/Architecture.txt
diff --git a/src/charon/doc/Known-bugs.txt b/src/charon/charon/Known-bugs.txt
index 7fdf258e3..7fdf258e3 100644
--- a/src/charon/doc/Known-bugs.txt
+++ b/src/charon/charon/Known-bugs.txt
diff --git a/src/charon/doc/Todo-list.txt b/src/charon/charon/Todo-list.txt
index 7bff26d84..7bff26d84 100644
--- a/src/charon/doc/Todo-list.txt
+++ b/src/charon/charon/Todo-list.txt
diff --git a/src/charon/patches/strongswan-2.7.0.patch b/src/charon/patches/strongswan-2.7.0.patch
deleted file mode 100644
index b21e1013b..000000000
--- a/src/charon/patches/strongswan-2.7.0.patch
+++ /dev/null
@@ -1,874 +0,0 @@ -diff -Naur strongswan-2.7.0/Makefile.inc strongswan-2.7.0-patched/Makefile.inc ---- strongswan-2.7.0/Makefile.inc 2006-01-25 18:23:15.000000000 +0100 -+++ strongswan-2.7.0-patched/Makefile.inc 2006-04-28 08:56:38.000000000 +0200 -@@ -84,6 +84,8 @@ - FINALLIBDIR=$(INC_USRLOCAL)/lib/ipsec - LIBDIR=$(DESTDIR)$(FINALLIBDIR) - -+# sharedlibdir is where shared libraries go -+SHAREDLIBDIR=$(DESTDIR)$(INC_USRLOCAL)/lib - - # where the appropriate manpage tree is located - # location within INC_USRLOCAL -@@ -284,6 +286,9 @@ - # include PKCS11-based smartcard support - USE_SMARTCARD?=false - -+# support IKEv2 via charon -+USE_IKEV2?=true -+ - # Default PKCS11 library - # Uncomment this line if using OpenSC <= 0.9.6 - PKCS11_DEFAULT_LIB=\"/usr/lib/pkcs11/opensc-pkcs11.so\" -diff -Naur strongswan-2.7.0/programs/Makefile strongswan-2.7.0-patched/programs/Makefile ---- strongswan-2.7.0/programs/Makefile 2006-04-17 13:04:45.000000000 +0200 -+++ strongswan-2.7.0-patched/programs/Makefile 2006-04-28 08:56:38.000000000 +0200 -@@ -32,6 +32,10 @@ - SUBDIRS+=showpolicy - endif - -+ifeq ($(USE_IKEV2),true) -+SUBDIRS+=charon -+endif -+ - def: - @echo "Please read doc/intro.html or INSTALL before running make" - @false -diff -Naur strongswan-2.7.0/programs/ipsec/ipsec.in strongswan-2.7.0-patched/programs/ipsec/ipsec.in ---- strongswan-2.7.0/programs/ipsec/ipsec.in 2006-03-09 21:09:33.000000000 +0100 -+++ strongswan-2.7.0-patched/programs/ipsec/ipsec.in 2006-04-28 08:56:38.000000000 +0200 -@@ -26,6 +26,7 @@ - export IPSEC_DIR IPSEC_CONFS IPSEC_LIBDIR IPSEC_EXECDIR - - IPSEC_STARTER_PID="/var/run/starter.pid" -+IPSEC_CHARON_PID="/var/run/charon.pid" - - # standardize PATH, and export it for everything else's benefit - PATH="${IPSEC_SBINDIR}":/sbin:/usr/sbin:/usr/local/bin:/bin:/usr/bin -@@ -123,6 +124,10 @@ - down) - shift - $IPSEC_EXECDIR/whack --name "$1" --terminate -+ if test -e $IPSEC_CHARON_PID -+ then -+ $IPSEC_EXECDIR/stroke down "$1" -+ fi - exit 0 - ;; - 
listalgs|listpubkeys|listcerts|listcacerts|\ -@@ -134,6 +139,10 @@ - op="$1" - shift - $IPSEC_EXECDIR/whack "$@" "--$op" -+ if test -e $IPSEC_CHARON_PID -+ then -+ $IPSEC_EXECDIR/stroke "$op" -+ fi - exit 0 - ;; - ready) -@@ -180,8 +189,16 @@ - if test $# -eq 0 - then - $IPSEC_EXECDIR/whack "--$op" -+ if test -e $IPSEC_CHARON_PID -+ then -+ $IPSEC_EXECDIR/stroke "$op" -+ fi - else - $IPSEC_EXECDIR/whack --name "$1" "--$op" -+ if test -e $IPSEC_CHARON_PID -+ then -+ $IPSEC_EXECDIR/stroke "$op" "$1" -+ fi - fi - exit 0 - ;; -@@ -198,6 +215,10 @@ - up) - shift - $IPSEC_EXECDIR/whack --name "$1" --initiate -+ if test -e $IPSEC_CHARON_PID -+ then -+ $IPSEC_EXECDIR/stroke up "$1" -+ fi - exit 0 - ;; - update) -diff -Naur strongswan-2.7.0/programs/pluto/Makefile strongswan-2.7.0-patched/programs/pluto/Makefile ---- strongswan-2.7.0/programs/pluto/Makefile 2006-01-25 18:22:19.000000000 +0100 -+++ strongswan-2.7.0-patched/programs/pluto/Makefile 2006-04-28 08:56:38.000000000 +0200 -@@ -170,6 +170,11 @@ - LIBSPLUTO+= -ldl - endif - -+# enable IKEv2 support -+ifeq ($(USE_IKEV2),true) -+ DEFINES+= -DIKEV2 -+endif -+ - # This compile option activates the leak detective - ifeq ($(USE_LEAK_DETECTIVE),true) - DEFINES+= -DLEAK_DETECTIVE -diff -Naur strongswan-2.7.0/programs/pluto/demux.c strongswan-2.7.0-patched/programs/pluto/demux.c ---- strongswan-2.7.0/programs/pluto/demux.c 2005-02-18 22:08:59.000000000 +0100 -+++ strongswan-2.7.0-patched/programs/pluto/demux.c 2006-04-28 08:56:13.000000000 +0200 -@@ -1196,6 +1196,21 @@ - } - #endif - -+#ifdef IKEV2 -+#define IKEV2_VERSION_OFFSET 17 -+#define IKEV2_VERSION 0x20 -+ -+ /* ignore IKEv2 packets - they will be handled by charon */ -+ if (pbs_room(&md->packet_pbs) > IKEV2_VERSION_OFFSET -+ && md->packet_pbs.start[IKEV2_VERSION_OFFSET] == IKEV2_VERSION) -+ { -+ DBG(DBG_CONTROLMORE, -+ DBG_log(" ignoring IKEv2 packet") -+ ) -+ return FALSE; -+ } -+#endif /* IKEV2 */ -+ - return TRUE; - } - -@@ -1229,6 +1244,7 @@ - if 
(md->packet_pbs.roof - md->packet_pbs.cur >= (ptrdiff_t)isakmp_hdr_desc.size) - { - struct isakmp_hdr *hdr = (struct isakmp_hdr *)md->packet_pbs.cur; -+ - if ((hdr->isa_version >> ISA_MAJ_SHIFT) != ISAKMP_MAJOR_VERSION) - { - SEND_NOTIFICATION(INVALID_MAJOR_VERSION); -diff -Naur strongswan-2.7.0/programs/starter/Makefile strongswan-2.7.0-patched/programs/starter/Makefile ---- strongswan-2.7.0/programs/starter/Makefile 2006-02-17 20:34:02.000000000 +0100 -+++ strongswan-2.7.0-patched/programs/starter/Makefile 2006-04-28 08:56:38.000000000 +0200 -@@ -34,6 +34,11 @@ - DEFINES+= -DLEAK_DETECTIVE - endif - -+# Enable charon support -+ifeq ($(USE_IKEV2),true) -+ DEFINES+= -DIKEV2 -+endif -+ - INCLUDES=-I${FREESWANDIR}/linux/include - CFLAGS=$(DEFINES) $(INCLUDES) -Wall - CFLAGS+=-DIPSEC_EXECDIR=\"${FINALLIBEXECDIR}\" -DIPSEC_CONFDDIR=\"${FINALCONFDDIR}\" -@@ -46,6 +51,11 @@ - starterwhack.o klips.o netkey.o interfaces.o exec.o cmp.o confread.o \ - loglite.o ${PLUTO_OBJS} - -+# Build charon-only objs -+ifeq ($(USE_IKEV2),true) -+ OBJS+= invokecharon.o starterstroke.o -+endif -+ - DISTSRC=$(OBJS:.o=.c) - DISTSRC+=cmp.h confread.h confwrite.h exec.h files.h interfaces.h klips.h netkey.h - DISTSRC+=parser.h args.h invokepluto.h starterwhack.h keywords.h keywords.txt -diff -Naur strongswan-2.7.0/programs/starter/args.c strongswan-2.7.0-patched/programs/starter/args.c ---- strongswan-2.7.0/programs/starter/args.c 2006-04-17 12:32:36.000000000 +0200 -+++ strongswan-2.7.0-patched/programs/starter/args.c 2006-04-28 08:56:38.000000000 +0200 -@@ -86,6 +86,10 @@ - - static const char *LST_keyexchange[] = { - "ike", -+#ifdef IKEV2 -+ "ikev1", -+ "ikev2", -+#endif /* IKEV2 */ - NULL - }; - -diff -Naur strongswan-2.7.0/programs/starter/files.h strongswan-2.7.0-patched/programs/starter/files.h ---- strongswan-2.7.0/programs/starter/files.h 2006-02-04 19:52:58.000000000 +0100 -+++ strongswan-2.7.0-patched/programs/starter/files.h 2006-04-28 08:56:38.000000000 +0200 -@@ -37,8 +37,15 @@ - 
#define SECRETS_FILE IPSEC_CONFDIR"/ipsec.secrets" - - #define PLUTO_CMD IPSEC_EXECDIR"/pluto" --#define CTL_FILE DEFAULT_CTLBASE CTL_SUFFIX --#define PID_FILE DEFAULT_CTLBASE PID_SUFFIX -+#define PLUTO_CTL_FILE DEFAULT_CTLBASE CTL_SUFFIX -+#define PLUTO_PID_FILE DEFAULT_CTLBASE PID_SUFFIX -+ -+#ifdef IKEV2 -+#define CHARON_CMD IPSEC_EXECDIR"/charon" -+#define CHARON_BASE "/var/run/charon" -+#define CHARON_CTL_FILE CHARON_BASE CTL_SUFFIX -+#define CHARON_PID_FILE CHARON_BASE PID_SUFFIX -+#endif /* IKEV2 */ - - #define DYNIP_DIR "/var/run/dynip" - #define INFO_FILE "/var/run/ipsec.info" -diff -Naur strongswan-2.7.0/programs/starter/invokecharon.c strongswan-2.7.0-patched/programs/starter/invokecharon.c ---- strongswan-2.7.0/programs/starter/invokecharon.c 1970-01-01 01:00:00.000000000 +0100 -+++ strongswan-2.7.0-patched/programs/starter/invokecharon.c 2006-04-28 08:56:38.000000000 +0200 -@@ -0,0 +1,174 @@ -+/* strongSwan charon launcher -+ * Copyright (C) 2001-2002 Mathieu Lafon - Arkoon Network Security -+ * Copyright (C) 2006 Martin Willi - Hochschule fuer Technik Rapperswil -+ * -+ * Ported from invokepluto.c to fit charons needs. -+ * -+ * This program is free software; you can redistribute it and/or modify it -+ * under the terms of the GNU General Public License as published by the -+ * Free Software Foundation; either version 2 of the License, or (at your -+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. -+ * -+ * This program is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License -+ * for more details. 
-+ * -+ * RCSID $Id: invokecharon.c $ -+ */ -+ -+#include <sys/types.h> -+#include <sys/stat.h> -+#include <unistd.h> -+#include <signal.h> -+#include <string.h> -+#include <stdlib.h> -+#include <errno.h> -+ -+#include <freeswan.h> -+ -+#include "../pluto/constants.h" -+#include "../pluto/defs.h" -+#include "../pluto/log.h" -+ -+#include "confread.h" -+#include "invokecharon.h" -+#include "files.h" -+ -+static int _charon_pid = 0; -+static int _stop_requested; -+ -+pid_t -+starter_charon_pid(void) -+{ -+ return _charon_pid; -+} -+ -+void -+starter_charon_sigchild(pid_t pid) -+{ -+ if (pid == _charon_pid) -+ { -+ _charon_pid = 0; -+ if (!_stop_requested) -+ { -+ plog("charon has died -- restart scheduled (%dsec)" -+ , CHARON_RESTART_DELAY); -+ alarm(CHARON_RESTART_DELAY); // restart in 5 sec -+ } -+ unlink(CHARON_PID_FILE); -+ } -+} -+ -+int -+starter_stop_charon (void) -+{ -+ pid_t pid; -+ int i; -+ -+ pid = _charon_pid; -+ if (pid) -+ { -+ _stop_requested = 1; -+ -+ /* be more and more aggressive */ -+ for (i = 0; i < 20 && (pid = _charon_pid) != 0; i++) -+ { -+ if (i == 0) -+ kill(pid, SIGINT); -+ else if (i < 10) -+ kill(pid, SIGTERM); -+ else -+ kill(pid, SIGKILL); -+ usleep(20000); -+ } -+ if (_charon_pid == 0) -+ return 0; -+ plog("starter_stop_charon(): can't stop charon !!!"); -+ return -1; -+ } -+ else -+ { -+ plog("stater_stop_charon(): charon is not started..."); -+ } -+ return -1; -+} -+ -+ -+int -+starter_start_charon (starter_config_t *cfg, bool debug) -+{ -+ int pid, i; -+ struct stat stb; -+ int argc = 1; -+ char *arg[] = { -+ CHARON_CMD, NULL, NULL, -+ }; -+ -+ if (!debug) -+ { -+ arg[argc++] = "--use-syslog"; -+ } -+ -+ if (_charon_pid) -+ { -+ plog("starter_start_charon(): charon already started..."); -+ return -1; -+ } -+ else -+ { -+ unlink(CHARON_CTL_FILE); -+ _stop_requested = 0; -+ -+ pid = fork(); -+ switch (pid) -+ { -+ case -1: -+ plog("can't fork(): %s", strerror(errno)); -+ return -1; -+ case 0: -+ /* child */ -+ setsid(); -+ 
sigprocmask(SIG_SETMASK, 0, NULL); -+ execv(arg[0], arg); -+ plog("can't execv(%s,...): %s", arg[0], strerror(errno)); -+ exit(1); -+ default: -+ /* father */ -+ _charon_pid = pid; -+ for (i = 0; i < 50 && _charon_pid; i++) -+ { -+ /* wait for charon */ -+ usleep(20000); -+ if (stat(CHARON_PID_FILE, &stb) == 0) -+ { -+ DBG(DBG_CONTROL, -+ DBG_log("charon (%d) started", _charon_pid) -+ ) -+ return 0; -+ } -+ } -+ if (_charon_pid) -+ { -+ /* If charon is started but with no ctl file, stop it */ -+ plog("charon too long to start... - kill kill"); -+ for (i = 0; i < 20 && (pid = _charon_pid) != 0; i++) -+ { -+ if (i == 0) -+ kill(pid, SIGINT); -+ else if (i < 10) -+ kill(pid, SIGTERM); -+ else -+ kill(pid, SIGKILL); -+ usleep(20000); -+ } -+ } -+ else -+ { -+ plog("charon refused to be started"); -+ } -+ return -1; -+ } -+ } -+ return -1; -+} -diff -Naur strongswan-2.7.0/programs/starter/invokecharon.h strongswan-2.7.0-patched/programs/starter/invokecharon.h ---- strongswan-2.7.0/programs/starter/invokecharon.h 1970-01-01 01:00:00.000000000 +0100 -+++ strongswan-2.7.0-patched/programs/starter/invokecharon.h 2006-04-28 08:56:38.000000000 +0200 -@@ -0,0 +1,31 @@ -+/* strongSwan charon launcher -+ * Copyright (C) 2001-2002 Mathieu Lafon - Arkoon Network Security -+ * Copyright (C) 2006 Martin Willi - Hochschule fuer Technik Rapperswil -+ * -+ * Ported from invokepluto.h to fit charons needs. -+ * -+ * This program is free software; you can redistribute it and/or modify it -+ * under the terms of the GNU General Public License as published by the -+ * Free Software Foundation; either version 2 of the License, or (at your -+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. -+ * -+ * This program is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License -+ * for more details. 
-+ * -+ * RCSID $Id: invokecharon.h $ -+ */ -+ -+#ifndef _STARTER_CHARON_H_ -+#define _STARTER_CHARON_H_ -+ -+#define CHARON_RESTART_DELAY 5 -+ -+extern void starter_charon_sigchild (pid_t pid); -+extern pid_t starter_charon_pid (void); -+extern int starter_stop_charon (void); -+extern int starter_start_charon(struct starter_config *cfg, bool debug); -+ -+#endif /* _STARTER_CHARON_H_ */ -+ -diff -Naur strongswan-2.7.0/programs/starter/invokepluto.c strongswan-2.7.0-patched/programs/starter/invokepluto.c ---- strongswan-2.7.0/programs/starter/invokepluto.c 2006-02-17 22:41:50.000000000 +0100 -+++ strongswan-2.7.0-patched/programs/starter/invokepluto.c 2006-04-28 08:56:38.000000000 +0200 -@@ -54,7 +54,7 @@ - , PLUTO_RESTART_DELAY); - alarm(PLUTO_RESTART_DELAY); // restart in 5 sec - } -- unlink(PID_FILE); -+ unlink(PLUTO_PID_FILE); - } - } - -@@ -203,7 +203,7 @@ - } - else - { -- unlink(CTL_FILE); -+ unlink(PLUTO_CTL_FILE); - _stop_requested = 0; - - if (cfg->setup.prepluto) -@@ -252,7 +252,7 @@ - { - /* wait for pluto */ - usleep(20000); -- if (stat(CTL_FILE, &stb) == 0) -+ if (stat(PLUTO_CTL_FILE, &stb) == 0) - { - DBG(DBG_CONTROL, - DBG_log("pluto (%d) started", _pluto_pid) -diff -Naur strongswan-2.7.0/programs/starter/starter.c strongswan-2.7.0-patched/programs/starter/starter.c ---- strongswan-2.7.0/programs/starter/starter.c 2006-02-15 19:37:46.000000000 +0100 -+++ strongswan-2.7.0-patched/programs/starter/starter.c 2006-04-28 08:56:38.000000000 +0200 -@@ -37,6 +37,7 @@ - #include "files.h" - #include "starterwhack.h" - #include "invokepluto.h" -+#include "invokecharon.h" - #include "klips.h" - #include "netkey.h" - #include "cmp.h" -@@ -47,6 +48,9 @@ - #define FLAG_ACTION_RELOAD 0x04 - #define FLAG_ACTION_QUIT 0x08 - #define FLAG_ACTION_LISTEN 0x10 -+#ifdef IKEV2 -+#define FLAG_ACTION_START_CHARON 0x20 -+#endif /* IKEV2 */ - - static unsigned int _action_ = 0; - -@@ -65,6 +69,10 @@ - { - if (pid == starter_pluto_pid()) - name = " (Pluto)"; -+#ifdef IKEV2 -+ if 
(pid == starter_charon_pid()) -+ name = " (Charon)"; -+#endif /* IKEV2 */ - if (WIFSIGNALED(status)) - DBG(DBG_CONTROL, - DBG_log("child %d%s has been killed by sig %d\n", -@@ -87,6 +95,10 @@ - - if (pid == starter_pluto_pid()) - starter_pluto_sigchild(pid); -+#ifdef IKEV2 -+ if (pid == starter_charon_pid()) -+ starter_charon_sigchild(pid); -+#endif /* IKEV2 */ - } - } - break; -@@ -97,6 +109,9 @@ - - case SIGALRM: - _action_ |= FLAG_ACTION_START_PLUTO; -+#ifdef IKEV2 -+ _action_ |= FLAG_ACTION_START_CHARON; -+#endif /* IKEV2 */ - break; - - case SIGHUP: -@@ -193,6 +208,9 @@ - signal(SIGQUIT, fsig); - signal(SIGALRM, fsig); - signal(SIGUSR1, fsig); -+ -+ -+ plog("Starting strongSwan IPsec %s [starter]...", ipsec_version_code()); - - /* verify that we can start */ - if (getuid() != 0) -@@ -201,12 +219,24 @@ - exit(1); - } - -- if (stat(PID_FILE, &stb) == 0) -+ if (stat(PLUTO_PID_FILE, &stb) == 0) - { -- plog("pluto is already running (%s exists) -- aborting", PID_FILE); -- exit(1); -+ plog("pluto is already running (%s exists) -- skipping pluto start", PLUTO_PID_FILE); - } -- -+ else -+ { -+ _action_ |= FLAG_ACTION_START_PLUTO; -+ } -+#ifdef IKEV2 -+ if (stat(CHARON_PID_FILE, &stb) == 0) -+ { -+ plog("charon is already running (%s exists) -- skipping charon start", CHARON_PID_FILE); -+ } -+ else -+ { -+ _action_ |= FLAG_ACTION_START_CHARON; -+ } -+#endif /* IKEV2 */ - if (stat(DEV_RANDOM, &stb) != 0) - { - plog("unable to start strongSwan IPsec -- no %s!", DEV_RANDOM); -@@ -247,7 +277,11 @@ - - last_reload = time(NULL); - -- plog("Starting strongSwan IPsec %s [starter]...", ipsec_version_code()); -+ if (stat(MY_PID_FILE, &stb) == 0) -+ { -+ plog("starter is already running (%s exists) -- no fork done", MY_PID_FILE); -+ exit(0); -+ } - - /* fork if we're not debugging stuff */ - if (!no_fork) -@@ -296,17 +330,19 @@ - , &cfg->defaultroute); - } - -- _action_ = FLAG_ACTION_START_PLUTO; -- - for (;;) - { - /* -- * Stop pluto (if started) and exit -- */ -+ * Stop 
pluto/charon (if started) and exit -+ */ - if (_action_ & FLAG_ACTION_QUIT) - { - if (starter_pluto_pid()) - starter_stop_pluto(); -+#ifdef IKEV2 -+ if (starter_charon_pid()) -+ starter_stop_charon(); -+#endif IKEV2 - if (has_netkey) - starter_netkey_cleanup(); - else -@@ -337,6 +373,9 @@ - if (conn->state == STATE_ADDED) - { - starter_whack_del_conn(conn); -+#ifdef IKEV2 -+ starter_stroke_del_conn(conn); -+#endif /* IKEV2 */ - conn->state = STATE_TO_ADD; - } - } -@@ -427,6 +466,9 @@ - { - if (conn->state == STATE_ADDED) - starter_whack_del_conn(conn); -+#ifdef IKEV2 -+ starter_stroke_del_conn(conn); -+#endif /* IKEV2 */ - } - - /* Look for new ca sections that are already loaded */ -@@ -502,6 +544,27 @@ - conn->state = STATE_TO_ADD; - } - } -+ -+#ifdef IKEV2 -+ /* -+ * Start charon -+ */ -+ if (_action_ & FLAG_ACTION_START_CHARON) -+ { -+ if (starter_charon_pid() == 0) -+ { -+ DBG(DBG_CONTROL, -+ DBG_log("Attempting to start charon...") -+ ) -+ if (starter_start_charon(cfg, no_fork) != 0) -+ { -+ /* schedule next try */ -+ alarm(PLUTO_RESTART_DELAY); -+ } -+ } -+ _action_ &= ~FLAG_ACTION_START_CHARON; -+ } -+#endif /* IKEV2 */ - - /* - * Tell pluto to reread its interfaces -@@ -536,11 +599,36 @@ - conn->id = id++; - } - starter_whack_add_conn(conn); -+#ifdef IKEV2 -+ starter_stroke_add_conn(conn); -+#endif /* IKEV2 */ - conn->state = STATE_ADDED; - if (conn->startup == STARTUP_START) -- starter_whack_initiate_conn(conn); -+ { -+#ifdef IKEV2 -+ if (conn->keyexchange == 2) -+ { -+ starter_stroke_initiate_conn(conn); -+ } -+ else -+#endif /* IKEV2 */ -+ { -+ starter_whack_initiate_conn(conn); -+ } -+ } - else if (conn->startup == STARTUP_ROUTE) -- starter_whack_route_conn(conn); -+ { -+#ifdef IKEV2 -+ if (conn->keyexchange == 2) -+ { -+ starter_stroke_route_conn(conn); -+ } -+ else -+#endif /* IKEV2 */ -+ { -+ starter_whack_route_conn(conn); -+ } -+ } - } - } - } -diff -Naur strongswan-2.7.0/programs/starter/starterstroke.c 
strongswan-2.7.0-patched/programs/starter/starterstroke.c ---- strongswan-2.7.0/programs/starter/starterstroke.c 1970-01-01 01:00:00.000000000 +0100 -+++ strongswan-2.7.0-patched/programs/starter/starterstroke.c 2006-04-28 08:56:38.000000000 +0200 -@@ -0,0 +1,161 @@ -+/* Stroke for charon is the counterpart to whack from pluto -+ * Copyright (C) 2006 Martin Willi - Hochschule fuer Technik Rapperswil -+ * -+ * This program is free software; you can redistribute it and/or modify it -+ * under the terms of the GNU General Public License as published by the -+ * Free Software Foundation; either version 2 of the License, or (at your -+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. -+ * -+ * This program is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License -+ * for more details. -+ * -+ * RCSID $Id: starterstroke.c $ -+ */ -+ -+#include <sys/types.h> -+#include <sys/socket.h> -+#include <sys/un.h> -+#include <linux/stddef.h> -+#include <unistd.h> -+#include <stdlib.h> -+#include <errno.h> -+#include <netinet/in.h> -+#include <arpa/inet.h> -+ -+#include <freeswan.h> -+ -+#include "../pluto/constants.h" -+#include "../pluto/defs.h" -+#include "../pluto/log.h" -+ -+#include "../charon/stroke/stroke.h" -+ -+#include "starterstroke.h" -+#include "confread.h" -+#include "files.h" -+ -+static char* push_string(stroke_msg_t **strm, char *string) -+{ -+ stroke_msg_t *stroke_msg; -+ size_t string_length; -+ -+ if (string == NULL) -+ { -+ return NULL; -+ } -+ stroke_msg = *strm; -+ string_length = strlen(string) + 1; -+ stroke_msg->length += string_length; -+ -+ stroke_msg = realloc(stroke_msg, stroke_msg->length); -+ strcpy((char*)stroke_msg + stroke_msg->length - string_length, string); -+ -+ *strm = stroke_msg; -+ return (char*)(u_int)stroke_msg->length - string_length; -+} -+ -+static int 
-+send_stroke_msg (stroke_msg_t *msg) -+{ -+ struct sockaddr_un ctl_addr = { AF_UNIX, CHARON_CTL_FILE }; -+ int sock; -+ -+ sock = socket(AF_UNIX, SOCK_STREAM, 0); -+ if (sock < 0) -+ { -+ plog("socket() failed: %s", strerror(errno)); -+ return -1; -+ } -+ if (connect(sock, (struct sockaddr *)&ctl_addr, -+ offsetof(struct sockaddr_un, sun_path) + strlen(ctl_addr.sun_path)) < 0) -+ { -+ plog("connect(charon_ctl) failed: %s", strerror(errno)); -+ close(sock); -+ return -1; -+ } -+ -+ /* send message */ -+ if (write(sock, msg, msg->length) != msg->length) -+ { -+ plog("write(charon_ctl) failed: %s", strerror(errno)); -+ close(sock); -+ return -1; -+ } -+ -+ close(sock); -+ return 0; -+} -+ -+static char * -+connection_name(starter_conn_t *conn) -+{ -+ /* if connection name is '%auto', create a new name like conn_xxxxx */ -+ static char buf[32]; -+ -+ if (streq(conn->name, "%auto")) -+ { -+ sprintf(buf, "conn_%ld", conn->id); -+ return buf; -+ } -+ return conn->name; -+} -+ -+ -+int starter_stroke_add_conn(starter_conn_t *conn) -+{ -+ stroke_msg_t *msg = malloc(sizeof(stroke_msg_t)); -+ int res; -+ -+ msg->length = sizeof(stroke_msg_t); -+ msg->type = STR_ADD_CONN; -+ -+ msg->add_conn.name = push_string(&msg, connection_name(conn)); -+ -+ msg->add_conn.me.id = push_string(&msg, conn->left.id); -+ msg->add_conn.me.cert = push_string(&msg, conn->left.cert); -+ msg->add_conn.me.address = push_string(&msg, inet_ntoa(conn->left.addr.u.v4.sin_addr)); -+ msg->add_conn.me.subnet = push_string(&msg, inet_ntoa(conn->left.subnet.addr.u.v4.sin_addr)); -+ msg->add_conn.me.subnet_mask = conn->left.subnet.maskbits; -+ -+ msg->add_conn.other.id = push_string(&msg, conn->right.id); -+ msg->add_conn.other.cert = push_string(&msg, conn->right.cert); -+ msg->add_conn.other.address = push_string(&msg, inet_ntoa(conn->right.addr.u.v4.sin_addr)); -+ msg->add_conn.other.subnet = push_string(&msg, inet_ntoa(conn->right.subnet.addr.u.v4.sin_addr)); -+ msg->add_conn.other.subnet_mask = 
conn->right.subnet.maskbits; -+ -+ res = send_stroke_msg(msg); -+ free(msg); -+ return res; -+} -+ -+int starter_stroke_del_conn(starter_conn_t *conn) -+{ -+ return 0; -+} -+int starter_stroke_route_conn(starter_conn_t *conn) -+{ -+ stroke_msg_t *msg = malloc(sizeof(stroke_msg_t)); -+ int res; -+ -+ msg->length = sizeof(stroke_msg_t); -+ msg->type = STR_INSTALL; -+ msg->install.name = push_string(&msg, connection_name(conn)); -+ res = send_stroke_msg(msg); -+ free(msg); -+ return res; -+} -+ -+int starter_stroke_initiate_conn(starter_conn_t *conn) -+{ -+ stroke_msg_t *msg = malloc(sizeof(stroke_msg_t)); -+ int res; -+ -+ msg->length = sizeof(stroke_msg_t); -+ msg->type = STR_INITIATE; -+ msg->initiate.name = push_string(&msg, connection_name(conn)); -+ res = send_stroke_msg(msg); -+ free(msg); -+ return res; -+} -diff -Naur strongswan-2.7.0/programs/starter/starterstroke.h strongswan-2.7.0-patched/programs/starter/starterstroke.h ---- strongswan-2.7.0/programs/starter/starterstroke.h 1970-01-01 01:00:00.000000000 +0100 -+++ strongswan-2.7.0-patched/programs/starter/starterstroke.h 2006-04-28 08:56:38.000000000 +0200 -@@ -0,0 +1,27 @@ -+/* Stroke for charon is the counterpart to whack from pluto -+ * Copyright (C) 2006 Martin Willi - Hochschule fuer Technik Rapperswil -+ * -+ * This program is free software; you can redistribute it and/or modify it -+ * under the terms of the GNU General Public License as published by the -+ * Free Software Foundation; either version 2 of the License, or (at your -+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. -+ * -+ * This program is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License -+ * for more details. 
-+ * -+ * RCSID $Id: starterstroke.h $ -+ */ -+ -+#ifndef _STARTER_STROKE_H_ -+#define _STARTER_STROKE_H_ -+ -+#include "confread.h" -+ -+extern int starter_stroke_add_conn(starter_conn_t *conn); -+extern int starter_stroke_del_conn(starter_conn_t *conn); -+extern int starter_stroke_route_conn(starter_conn_t *conn); -+extern int starter_stroke_initiate_conn(starter_conn_t *conn); -+ -+#endif /* _STARTER_STROKE_H_ */ -diff -Naur strongswan-2.7.0/programs/starter/starterwhack.c strongswan-2.7.0-patched/programs/starter/starterwhack.c ---- strongswan-2.7.0/programs/starter/starterwhack.c 2006-04-17 12:32:36.000000000 +0200 -+++ strongswan-2.7.0-patched/programs/starter/starterwhack.c 2006-04-28 08:56:38.000000000 +0200 -@@ -54,7 +54,7 @@ - static int - send_whack_msg (whack_message_t *msg) - { -- struct sockaddr_un ctl_addr = { AF_UNIX, CTL_FILE }; -+ struct sockaddr_un ctl_addr = { AF_UNIX, PLUTO_CTL_FILE }; - int sock; - ssize_t len; - char *str_next, *str_roof; diff --git a/src/charon/scripts/alice-key.der b/src/charon/scripts/alice-key.der Binary files differdeleted file mode 100644 index 5a8aef6cb..000000000 --- a/src/charon/scripts/alice-key.der +++ /dev/null diff --git a/src/charon/scripts/alice.der b/src/charon/scripts/alice.der Binary files differdeleted file mode 100644 index 8154defd9..000000000 --- a/src/charon/scripts/alice.der +++ /dev/null diff --git a/src/charon/scripts/bob-key.der b/src/charon/scripts/bob-key.der Binary files differdeleted file mode 100644 index f944dec9f..000000000 --- a/src/charon/scripts/bob-key.der +++ /dev/null diff --git a/src/charon/scripts/bob.der b/src/charon/scripts/bob.der Binary files differdeleted file mode 100644 index 401611888..000000000 --- a/src/charon/scripts/bob.der +++ /dev/null diff --git a/src/charon/scripts/complex1.der b/src/charon/scripts/complex1.der Binary files differdeleted file mode 100644 index ba460cbee..000000000 --- a/src/charon/scripts/complex1.der +++ /dev/null 
diff --git a/src/charon/scripts/complex2.der b/src/charon/scripts/complex2.der
Binary files differ
deleted file mode 100644
index 160b21f47..000000000
--- a/src/charon/scripts/complex2.der
+++ /dev/null
diff --git a/src/charon/scripts/daemon-loop.sh b/src/charon/scripts/daemon-loop.sh
deleted file mode 100755
index 9a361e012..000000000
--- a/src/charon/scripts/daemon-loop.sh
+++ /dev/null
@@ -1,13 +0,0 @@
-#!/bin/bash
-
-while [ 1 ]
-do
- ip x p f
- ip x s f
- rm /var/run/charon.*
- make
- bin/charon
- echo ""
- echo "----------------------------"
- echo ""
-done
diff --git a/src/charon/scripts/deleteline b/src/charon/scripts/deleteline
deleted file mode 100755
index 9f529dccc..000000000
--- a/src/charon/scripts/deleteline
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/bash
-
-FILES=`find . -name '*.[ch]'`
-for FILE in $FILES
-do
- TMP=${FILE}_tmp
- sed "/$1/d" < $FILE > $TMP
- mv $TMP $FILE
-done
diff --git a/src/charon/scripts/replace b/src/charon/scripts/replace
deleted file mode 100755
index adfc8e09a..000000000
--- a/src/charon/scripts/replace
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/bash
-
-FILES=`find . -name '*.[ch]'`
-for FILE in $FILES
-do
- TMP=${FILE}_tmp
- sed "s/$1/$2/g" < $FILE > $TMP
- mv $TMP $FILE
-done
diff --git a/src/charon/scripts/to-alice.sh b/src/charon/scripts/to-alice.sh
deleted file mode 100755
index 01ba27f5b..000000000
--- a/src/charon/scripts/to-alice.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/bin/bash
-
-# enable ip forwarding for gateway
-echo 1 > /proc/sys/net/ipv4/ip_forward
-
-# add connection to alice
-MY_ADDR=192.168.0.2 # Address of local peer
-OTHER_ADDR=192.168.0.1 # Address of remote peer
-MY_ID="C=CH, O=Linux strongSwan, CN=bob" # ID of local peer
-OTHER_ID="C=CH, O=Linux strongSwan, CN=alice" # ID of remote peer
-MY_NET=10.2.0.0 # protected local subnet
-OTHER_NET=10.1.0.0 # protected remote subnet
-MY_BITS=16 # size of subnet
-OTHER_BITS=16 # size of subnet
-CONN_NAME=to-alice # connection name
-
-bin/stroke add $CONN_NAME "$MY_ID" "$OTHER_ID" $MY_ADDR $OTHER_ADDR $MY_NET $OTHER_NET $MY_BITS $OTHER_BITS
-
-# initiate
-i=0
-LIMIT=1
-
-while [ "$i" -lt "$LIMIT" ]
-do
- bin/stroke up $CONN_NAME
- let "i += 1"
-done
diff --git a/src/charon/scripts/to-bob.sh b/src/charon/scripts/to-bob.sh
deleted file mode 100755
index df30bd893..000000000
--- a/src/charon/scripts/to-bob.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/bin/bash
-
-# enable ip forwarding for gateway
-echo 1 > /proc/sys/net/ipv4/ip_forward
-
-# add connection to bob
-MY_ADDR=192.168.0.1 # Address of local peer
-OTHER_ADDR=192.168.0.2 # Address of remote peer
-MY_ID="C=CH, O=Linux strongSwan, CN=alice" # ID of local peer
-OTHER_ID="C=CH, O=Linux strongSwan, CN=bob" # ID of remote peer
-MY_NET=10.1.0.0 # protected local subnet
-OTHER_NET=10.2.0.0 # protected remote subnet
-MY_BITS=16 # size of subnet
-OTHER_BITS=16 # size of subnet
-CONN_NAME=to-bob # connection name
-
-bin/stroke add $CONN_NAME "$MY_ID" "$OTHER_ID" $MY_ADDR $OTHER_ADDR $MY_NET $OTHER_NET $MY_BITS $OTHER_BITS
-
-# initiate
-i=0
-LIMIT=0
-
-while [ "$i" -lt "$LIMIT" ]
-do
- bin/stroke up $CONN_NAME
- let "i += 1"
-done
diff --git a/src/charon/stroke/Makefile.stroke b/src/charon/stroke/Makefile.stroke
deleted file mode 100644
index c87445095..000000000
--- a/src/charon/stroke/Makefile.stroke
+++ /dev/null
@@ -1,17 +0,0 @@
-# Copyright (C) 2006 Martin Willi
-# Hochschule fuer Technik Rapperswil
-#
-# This program is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation; either version 2 of the License, or (at your
-# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# for more details.
-#
-STROKE_DIR= $(MAIN_DIR)stroke/
-
-$(BUILD_DIR)stroke.o : $(STROKE_DIR)stroke.c $(STROKE_DIR)stroke.h
- $(CC) $(CFLAGS) -c -o $@ $<
diff --git a/src/charon/stroke/stroke.c b/src/charon/stroke/stroke.c
deleted file mode 100644
index 7a734a05f..000000000
--- a/src/charon/stroke/stroke.c
+++ /dev/null
@@ -1,306 +0,0 @@ -/* Stroke for charon is the counterpart to whack from pluto - * Copyright (C) 2006 Martin Willi - Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include <stdlib.h> -#include <sys/types.h> -#include <sys/stat.h> -#include <sys/socket.h> -#include <sys/un.h> -#include <sys/fcntl.h> -#include <unistd.h> -#include <dirent.h> -#include <errno.h> -#include <stdio.h> -#include <linux/stddef.h> - -#include "stroke.h" - -static char* push_string(stroke_msg_t **strm, char *string) -{ - stroke_msg_t *stroke_msg; - size_t string_length; - - if (string == NULL) - { - return NULL; - } - stroke_msg = *strm; - string_length = strlen(string) + 1; - stroke_msg->length += string_length; - - stroke_msg = realloc(stroke_msg, stroke_msg->length); - strcpy((char*)stroke_msg + stroke_msg->length - string_length, string); - - *strm = stroke_msg; - return (char*)(u_int)stroke_msg->length - string_length; -} - -static int send_stroke_msg (stroke_msg_t *msg) -{ - struct sockaddr_un ctl_addr = { AF_UNIX, STROKE_SOCKET }; - int sock; - char buffer[64]; - int byte_count; - - sock = socket(AF_UNIX, SOCK_STREAM, 0); - if (sock < 0) - { - fprintf(stderr, "Opening unix socket %s: %s\n", STROKE_SOCKET, strerror(errno)); - return -1; - } - if (connect(sock, (struct sockaddr *)&ctl_addr, - offsetof(struct sockaddr_un, sun_path) + strlen(ctl_addr.sun_path)) < 0) - { - fprintf(stderr, "Connect to socket failed: %s\n", strerror(errno)); - 
close(sock); - return -1; - } - - /* send message */ - if (write(sock, msg, msg->length) != msg->length) - { - fprintf(stderr, "writing to socket failed: %s\n", strerror(errno)); - close(sock); - return -1; - } - - while ((byte_count = read(sock, buffer, sizeof(buffer)-1)) > 0) - { - buffer[byte_count] = '\0'; - printf("%s", buffer); - } - if (byte_count < 0) - { - fprintf(stderr, "reading from socket failed: %s\n", strerror(errno)); - } - - close(sock); - return 0; -} - -static int add_connection(char *name, - char *my_id, char *other_id, - char *my_addr, char *other_addr, - char *my_net, char *other_net, - u_int my_netmask, u_int other_netmask) -{ - stroke_msg_t *msg = malloc(sizeof(stroke_msg_t)); - int res; - - msg->length = sizeof(stroke_msg_t); - msg->type = STR_ADD_CONN; - - msg->add_conn.name = push_string(&msg, name); - - msg->add_conn.me.id = push_string(&msg, my_id); - msg->add_conn.me.address = push_string(&msg, my_addr); - msg->add_conn.me.subnet = push_string(&msg, my_net); - msg->add_conn.me.subnet_mask = my_netmask; - msg->add_conn.me.cert = NULL; - - msg->add_conn.other.id = push_string(&msg, other_id); - msg->add_conn.other.address = push_string(&msg, other_addr); - msg->add_conn.other.subnet = push_string(&msg, other_net); - msg->add_conn.other.subnet_mask = other_netmask; - msg->add_conn.other.cert = NULL; - - res = send_stroke_msg(msg); - free(msg); - return res; -} - -static int initiate_connection(char *name) -{ - stroke_msg_t *msg = malloc(sizeof(stroke_msg_t)); - int res; - - msg->length = sizeof(stroke_msg_t); - msg->type = STR_INITIATE; - msg->initiate.name = push_string(&msg, name); - res = send_stroke_msg(msg); - free(msg); - return res; -} - -static int terminate_connection(char *name) -{ - stroke_msg_t *msg = malloc(sizeof(stroke_msg_t)); - int res; - - msg->length = sizeof(stroke_msg_t); - msg->type = STR_TERMINATE; - msg->initiate.name = push_string(&msg, name); - res = send_stroke_msg(msg); - free(msg); - return res; -} - -static 
int show_status(char *mode, char *connection) -{ - stroke_msg_t *msg = malloc(sizeof(stroke_msg_t)); - int res; - - msg->length = sizeof(stroke_msg_t); - if (strcmp(mode, "statusall") == 0) - { - msg->type = STR_STATUS_ALL; - } - else - { - msg->type = STR_STATUS; - } - msg->status.name = push_string(&msg, connection); - res = send_stroke_msg(msg); - free(msg); - return res; -} - -static int set_logtype(char *context, char *type, int enable) -{ - stroke_msg_t *msg = malloc(sizeof(stroke_msg_t)); - int res; - - msg->length = sizeof(stroke_msg_t); - msg->type = STR_LOGTYPE; - msg->logtype.context = push_string(&msg, context); - msg->logtype.type = push_string(&msg, type); - msg->logtype.enable = enable; - res = send_stroke_msg(msg); - free(msg); - return res; -} - -static int set_loglevel(char *context, u_int level) -{ - stroke_msg_t *msg = malloc(sizeof(stroke_msg_t)); - int res; - - msg->length = sizeof(stroke_msg_t); - msg->type = STR_LOGLEVEL; - msg->loglevel.context = push_string(&msg, context); - msg->loglevel.level = level; - res = send_stroke_msg(msg); - free(msg); - return res; -} - -static void exit_error(char *error) -{ - if (error) - { - fprintf(stderr, "%s\n", error); - } - exit(-1); -} - -static void exit_usage(char *error) -{ - printf("Usage:\n"); - printf(" Add a connection:\n"); - printf(" stroke add NAME MY_ID OTHER_ID MY_ADDR OTHER_ADDR\\\n"); - printf(" MY_NET OTHER_NET MY_NETBITS OTHER_NETBITS\n"); - printf(" where: ID is any IKEv2 ID \n"); - printf(" ADDR is a IPv4 address\n"); - printf(" NET is a IPv4 address of the subnet to tunnel\n"); - printf(" NETBITS is the size of the subnet, as the \"24\" in 192.168.0.0/24\n"); - printf(" Initiate a connection:\n"); - printf(" stroke up NAME\n"); - printf(" where: NAME is a connection name added with \"stroke add\"\n"); - printf(" Terminate a connection:\n"); - printf(" stroke down NAME\n"); - printf(" where: NAME is a connection name added with \"stroke add\"\n"); - printf(" Set logtype for a logging 
context:\n"); - printf(" stroke logtype CONTEXT TYPE ENABLE\n"); - printf(" where: CONTEXT is PARSR|GNRAT|IKESA|SAMGR|CHDSA|MESSG|TPOOL|WORKR|SCHED|\n"); - printf(" SENDR|RECVR|SOCKT|TESTR|DAEMN|CONFG|ENCPL|PAYLD\n"); - printf(" TYPE is CONTROL|ERROR|AUDIT|RAW|PRIVATE\n"); - printf(" ENABLE is 0|1\n"); - printf(" Set loglevel for a logging context:\n"); - printf(" stroke loglevel CONTEXT LEVEL\n"); - printf(" where: CONTEXT is PARSR|GNRAT|IKESA|SAMGR|CHDSA|MESSG|TPOOL|WORKR|SCHED|\n"); - printf(" SENDR|RECVR|SOCKT|TESTR|DAEMN|CONFG|ENCPL|PAYLD\n"); - printf(" LEVEL is 0|1|2|3\n"); - printf(" Show connection status:\n"); - printf(" stroke status\n"); - exit_error(error); -} - -int main(int argc, char *argv[]) -{ - int res; - char *op; - - if (argc < 2) - { - exit_usage(NULL); - } - - op = argv[1]; - - if (strcmp(op, "status") == 0 || - strcmp(op, "statusall") == 0) - { - res = show_status(op, argc > 2 ? argv[2] : NULL); - } - else if (strcmp(op, "up") == 0) - { - if (argc < 3) - { - exit_usage("\"up\" needs a connection name"); - } - res = initiate_connection(argv[2]); - } - else if (strcmp(op, "down") == 0) - { - if (argc < 3) - { - exit_usage("\"down\" needs a connection name"); - } - res = terminate_connection(argv[2]); - } - else if (strcmp(op, "add") == 0) - { - if (argc < 11) - { - exit_usage("\"add\" needs more parameters..."); - } - res = add_connection(argv[2], - argv[3], argv[4], - argv[5], argv[6], - argv[7], argv[8], - atoi(argv[9]), atoi(argv[10])); - } - else if (strcmp(op, "logtype") == 0) - { - if (argc < 5) - { - exit_usage("\"logtype\" needs more parameters..."); - } - res = set_logtype(argv[2], argv[3], atoi(argv[4])); - } - else if (strcmp(op, "loglevel") == 0) - { - if (argc < 4) - { - exit_usage("\"logtype\" needs more parameters..."); - } - res = set_loglevel(argv[2], atoi(argv[3])); - } - else - { - exit_usage(NULL); - } - - return res; -} 
diff --git a/src/charon/stroke/stroke.h b/src/charon/stroke/stroke.h
deleted file mode 100644
index cb40cf843..000000000
--- a/src/charon/stroke/stroke.h
+++ /dev/null
@@ -1,91 +0,0 @@
-/**
- * @file stroke.h
- *
- * @brief Definition of stroke_msg_t.
- *
- */
-
-/*
- * Copyright (C) 2006 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef STROKE_H_
-#define STROKE_H_
-
-/**
- * Socket which is used to communicate between charon and stroke
- */
-#define STROKE_SOCKET "/var/run/charon.ctl"
-
-
-typedef struct stroke_msg_t stroke_msg_t;
-
-/**
- * @brief A stroke message sent over the unix socket.
- */
-struct stroke_msg_t {
- /* length of this message with all strings */
- u_int16_t length;
- /* type of the message */
- enum {
- /* initiate a connection */
- STR_INITIATE,
- /* install SPD entries for a connection */
- STR_INSTALL,
- /* add a connection */
- STR_ADD_CONN,
- /* delete a connection */
- STR_DEL_CONN,
- /* terminate connection */
- STR_TERMINATE,
- /* show connection status */
- STR_STATUS,
- /* show verbose connection status */
- STR_STATUS_ALL,
- /* set a log type to log/not log */
- STR_LOGTYPE,
- /* set the verbosity of a logging context */
- STR_LOGLEVEL,
- /* more to come */
- } type;
- union {
- /* data for STR_INITIATE, STR_INSTALL, STR_UP, STR_DOWN */
- struct {
- char *name;
- } initiate, install, terminate, status;
- /* data for STR_ADD_CONN */
- struct {
- char *name;
- struct {
- char *id;
- char *cert;
- char *address;
- char *subnet;
- u_int8_t subnet_mask;
- } me, other;
- } add_conn;
- struct {
- char *context;
- char *type;
- int enable;
- } logtype;
- struct {
- char *context;
- u_int level;
- } loglevel;
- };
- u_int8_t buffer[];
-};
-
-#endif /* STROKE_H_ */ |