Import initial strongswan 2.7.0 version into SVN.

1 files changed, 203 insertions, 0 deletions

diff --git a/doc/src/roadmap.html b/doc/src/roadmap.html
new file mode 100644
index 000000000..c9d85047c
--- /dev/null
+++ b/doc/src/roadmap.html
@@ -0,0 +1,203 @@
+<html>
+<head>
+<title>FreeS/WAN roadmap</title>
+<meta name="keywords" content="Linux, IPsec, VPN, security, FreeSWAN">
+
+<!--
+
+Written by Sandy Harris for the Linux FreeS/WAN project
+Freely distributable under the GNU General Public License
+
+More information at www.freeswan.org
+Feedback to users@lists.freeswan.org
+
+CVS information:
+RCS ID:          $Id: roadmap.html,v 1.1 2004/03/15 20:35:24 as Exp $
+Last changed:    $Date: 2004/03/15 20:35:24 $
+Revision number: $Revision: 1.1 $
+
+CVS revision numbers do not correspond to FreeS/WAN release numbers.
+-->
+</head>
+
+<body>
+<h1><a name="roadmap">Distribution Roadmap: What's Where in Linux FreeS/WAN</a></h1>
+
+<p>
+This file is a guide to the locations of files within the FreeS/WAN
+distribution. Everything described here should be on your system once you
+download, gunzip, and untar the distribution.</p>
+
+<p>This distribution contains two major subsystems
+</p>
+<dl>
+  <dt><a href="#klips.roadmap">KLIPS</a></dt>
+    <dd>the kernel code</dd>
+  <dt><a href="#pluto.roadmap">Pluto</a></dt>
+    <dd>the user-level key-management daemon</dd>
+</dl>
+
+<p>plus assorted odds and ends.
+</p>
+<h2><a name="top">Top directory</a></h2>
+
+<p>The top directory has essential information in text files:</p>
+
+<dl>
+  <dt>README</dt>
+    <dd>introduction to the software</dd>
+  <dt>INSTALL</dt>
+    <dd>short experts-only installation procedures. More detalied procedures are in
+      <a href="install.html">installation</a> and
+	<a href="config.html">configuration</a> HTML documents.</dd>
+  <dt>BUGS</dt>
+    <dd>major known bugs in the current release.</dd>
+  <dt>CHANGES</dt>
+    <dd>changes from previous releases</dd>
+  <dt>CREDITS</dt>
+    <dd>acknowledgement of contributors</dd>
+  <dt>COPYING</dt>
+    <dd>licensing and distribution information</dd>
+</dl>
+
+<h2><a name="doc">Documentation</a></h2>
+
+<p>
+The doc directory contains the bulk of the documentation, most of it in
+HTML format. See the <a href="index.html">index file</a> for details.
+</p>
+
+<h2><a name="klips.roadmap">KLIPS: kernel IP security</a></h2>
+</a>
+<p>
+<a href="glossary.html#KLIPS">KLIPS</a> is <strong>K</strong>erne<strong>L</strong>
+<strong>IP</strong> <strong>S</strong>ecurity. It lives in the klips
+directory, of course.
+</p>
+<dl>
+  <dt>klips/doc</dt>
+    <dd>documentation</dd>
+  <dt>klips/patches</dt>
+    <dd>patches for existing kernel files</dd>
+  <dt>klips/test</dt>
+    <dd>test stuff</dd>
+  <dt>klips/utils</dt>
+    <dd>low-level user utilities</dd>
+  <dt>klips/net/ipsec</dt>
+    <dd>actual klips kernel files</dd>
+  <dt>klips/src</dt>
+    <dd>symbolic link to klips/net/ipsec
+      <p>The "make insert" step of installation installs the patches and makes
+      a symbolic link from the kernel tree to klips/net/ipsec. The odd name of
+      klips/net/ipsec is dictated by some annoying limitations of the scripts
+      which build the Linux kernel.  The symbolic-link business is a bit
+      messy, but all the alternatives are worse.</p>
+      <p></p>
+    </dd>
+  <dt>klips/utils</dt>
+    <dd>Utility programs:
+      <p></p>
+      <dl>
+        <dt>eroute</dt>
+          <dd>manipulate IPsec extended routing tables</dd>
+        <dt>klipsdebug</dt>
+          <dd>set Klips (kernel IPsec support) debug features and level</dd>
+        <dt>spi</dt>
+          <dd>manage IPsec Security Associations</dd>
+        <dt>spigrp</dt>
+          <dd>group/ungroup IPsec Security Associations</dd>
+        <dt>tncfg</dt>
+          <dd>associate IPsec virtual interface with real interface</dd>
+      </dl>
+      <p>These are all normally invoked by ipsec(8) with commands such as</p>
+      <pre>        ipsec tncfg <var>arguments</var></pre>
+      There are section 8 man pages for all of these; the names have "ipsec_"
+      as a prefix, so your man command should be something like:
+      <pre>        man 8 ipsec_tncfg</pre>
+    </dd>
+</dl>
+
+<h2><a name="pluto.roadmap">Pluto key and connection management daemon</a></h2>
+
+<p>
+<a href="glossary.html#Pluto">Pluto</a> is our key management and negotiation daemon. It
+lives in the pluto directory, along with its low-level user utility,
+whack.
+</p>
+<p>
+There are no subdirectories. Documentation is a man page,
+<a href="manpage.d/ipsec_pluto.8.html">pluto.8</a>. This covers whack as well.
+</p>
+
+<h2><a name="utils">Utils</a></h2>
+
+<p>
+The utils directory contains a growing collection of higher-level user
+utilities, the commands that administer and control the software.  Most of the
+things that you will actually have to run yourself are in there.
+</p>
+<dl>
+  <dt>ipsec</dt>
+    <dd>invoke IPsec utilities
+      <p>ipsec(8) is normally the only program installed in a standard
+      directory, /usr/local/sbin. It is used to invoke the others, both those
+      listed below and the ones in klips/utils mentioned above.</p>
+      <p></p>
+    </dd>
+  <dt>auto</dt>
+    <dd>control automatically-keyed IPsec connections</dd>
+  <dt>manual</dt>
+    <dd>take manually-keyed IPsec connections up and down</dd>
+  <dt>barf</dt>
+    <dd>generate copious debugging output</dd>
+  <dt>look</dt>
+    <dd>generate moderate amounts of debugging output</dd>
+</dl>
+<p>
+There are .8 manual pages for these. look is covered in barf.8. The man pages
+have an "ipsec_" prefix so your man command should be something like:
+<pre>
+        man 8 ipsec_auto
+</pre>
+<p>
+Examples are in various files with names utils/*.eg</p>
+
+<h2><a name="lib">Libraries</a></h2>
+
+<h3><a name="fswanlib">FreeS/WAN Library</a></h3>
+
+<p>
+The lib directory is the FreeS/WAN library, also steadily growing, used by
+both user-level and kernel code.<br />
+It includes section 3 <a href="manpages.html">man pages</a> for the library routines.
+</p>
+<h3><a name="otherlib">Imported Libraries</a></h3>
+
+<h4>LibDES</h4>
+
+The libdes library, originally from SSLeay, is used by both Klips and Pluto
+for <a href="glossary.html#3DES">Triple DES</a> encryption. Single DES is not
+used because <a href="politics.html#desnotsecure">it is
+insecure</a>.
+<p>
+Note that this library has its own license, different from the
+<a href="glossary.html#GPL">GPL</a> used for other code in FreeS/WAN.
+ </p>
+<p>
+The library includes its own documentation.
+
+
+<h4>GMP</h4>
+
+The GMP (GNU multi-precision) library is used for multi-precision arithmetic
+in Pluto's key-exchange code and public key code.
+<p>
+Older versions (up to 1.7) of FreeS/WAN included a copy of this library in
+the FreeS/WAN distribution.
+<p>
+Since 1.8, we have begun to rely on the system copy of GMP.
+</p>
+
+</body>
+</html>
+