doc: Remove obsolete architecture description and empty known bugs list

laforge/swu
Tobias Brunner 9 years ago
parent 0909bf6c0a
commit 01e48ddd59
  1. 5
      doc/Known-bugs.txt
  2. 56
      doc/architecture.h

@ -1,5 +0,0 @@
Known bugs in charon
======================

@ -1,56 +0,0 @@
/** @mainpage
@section design strongSwans overall design
IKEv1 and IKEv2 is handled in different keying daemons. The ole IKEv1 stuff is
completely handled in pluto, as it was all the times. IKEv2 is handled in the
new keying daemon, which is called #charon.
Daemon control is done over unix sockets. Pluto uses whack, as it did for years.
Charon uses another socket interface, called stroke. Stroke uses another
format as whack and therefore is not compatible to whack. The starter utility,
which does fast configuration parsing, speaks both the protocols, whack and
stroke. It also handles daemon startup and termination.
Pluto uses starter for some commands, for other it uses the whack utility. To be
as close to pluto as possible, charon has the same split up of commands to
starter and stroke. All commands are wrapped together in the ipsec script, which
allows transparent control of both daemons.
@verbatim
+-----------------------------------------+
| ipsec |
+-----+--------------+---------------+----+
| | |
| | |
| +-----+-----+ |
+-----+----+ | | +-----+----+
| | | starter | | |
| stroke | | | | whack |
| | +---+--+----+ | |
+------+---+ | | +--+-------+
| | | |
+---+------+ | | +------+--+
| | | | | |
| charon +----+ +----+ pluto |
| | | |
+-----+----+ +----+----+
| |
+-----+----+ |
| LSF | |
+-----+----+ |
| |
+-----+----+ +----+----+
| RAW Sock | | UDP/500 |
+----------+ +---------+
@endverbatim
Since IKEv2 uses the same port as IKEv1, both daemons must listen to UDP port
500. Under Linux, there is no clean way to set up two sockets at the same port.
To reslove this problem, charon uses a RAW socket, as they are used in network
sniffers. An installed Linux Socket Filter (LSF) filters out all none-IKEv2
traffic. Pluto receives any IKE message, independent of charon's behavior.
Therefore plutos behavior is changed to discard any IKEv2 traffic silently.
To gain some reusability of the code, generic crypto and utility functions are
separeted in a shared library, libstrongswan.
*/
Loading…
Cancel
Save