libstrongswan has been modularized to attach crypto algorithms, credential implementations (keys, certificates) and fetchers dynamically through plugins. Existing code has been ported to plugins:
RSA/Diffie-Hellman implementation using the GNU Multi Precision library
* X509 certificate system supporting CRLs, OCSP and attribute certificates
* Multiple plugins providing crypto algorithms in software
* CURL and OpenLDAP fetcher
libstrongswan gained a relational database API which uses pluggable database providers. Plugins for MySQL and SQLite are available.
The IKEv2 keying daemon charon is more extensible. Generic plugins may provide connection configuration, credentials and EAP methods or control the daemon. Existing code has been ported to plugins:
EAP-AKA, EAP-SIM, EAP-MD5 and EAP-Identity
stroke configuration, credential and control (compatible to pluto)
* XML based management protocol to control and query the daemon
The following new plugins are available:
An experimental SQL configuration, credential and logging plugin on top of either MySQL or SQLite
* A unit testing plugin to run tests at daemon startup
The authentication and credential framework in charon has been heavily refactored to support modular credential providers, proper CERTREQ/CERT payload exchanges and extensible authorization rules.
The framework of strongSwan Manager has envolved to the web application framework libfast (FastCGI Application Server w/ Templates) and is usable by other applications.