Pluto internals: Difference between revisions
Jump to navigation
Jump to search
Paul Wouters (talk | contribs) (Created page with " == The pluto IKE daemon == The pluto daemon handles the IKE protocol layer and instructs the kernel about IPsec SA's. * pluto implements the IKEv1 and IKEv2 protocols * plu...") |
Paul Wouters (talk | contribs) No edit summary |
||
| Line 7: | Line 7: | ||
* pluto communicates via the [[ whack interface ]] | * pluto communicates via the [[ whack interface ]] | ||
* [[ pluto packet processing ]] | |||
The pluto main binary can call pluto helpers: | The pluto main binary can call pluto helpers: | ||
Revision as of 07:05, 20 February 2014
The pluto IKE daemon
The pluto daemon handles the IKE protocol layer and instructs the kernel about IPsec SA's.
- pluto implements the IKEv1 and IKEv2 protocols
- pluto communicates via the whack interface
The pluto main binary can call pluto helpers:
- sub-process adns helper (the libisc lwdnsq helper has been obsoleted)
- sub-process crypto helper
- thread authentication helper
- thread X.509 CRL helper
- sub-process addconn helper
pluto uses the following concepts
pluto consists several parts:
- programs/pluto (main program)
- libswan (internal low level functions)
- libwhack (the whack interface)
- libcrypto (glue code to NSS functions)
- libipsecconf (configuration file parser)
- libbsdpfkey (BSD/OSX glue code)