Pluto internals
Jump to navigation
Jump to search
The pluto IKE daemon
The pluto daemon handles the IKE protocol layer and instructs the kernel about IPsec SA's.
- pluto implements the IKEv1 and IKEv2 protocols
- pluto communicates via the whack interface
The pluto main binary can call pluto helpers:
- sub-process adns helper (the libisc lwdnsq helper has been obsoleted)
- sub-process crypto helper
- thread authentication helper
- thread X.509 CRL helper
- sub-process addconn helper
pluto uses the following concepts
pluto consists several parts:
- programs/pluto (main program)
- libswan (internal low level functions)
- libwhack (the whack interface)
- libcrypto (glue code to NSS functions)
- libipsecconf (configuration file parser)
- libbsdpfkey (BSD/OSX glue code)