strongSwan Developer Documentation » History » Version 50

Version 49 (Tobias Brunner, 02.08.2017 17:02) → Version 50/56 (Tobias Brunner, 16.02.2018 10:25)

h1. strongSwan Developer Documentation

h2. Contributions

Before starting development, please read our [[Contributions|contribution requirements]].

h2. Getting the Source Code

The easiest way to get the source code is checking it out from our "Git": repository:
git clone git://
</pre>The repository is also mirrored to "GitHub":

h2. Browsing the Source Code

The Git repository can be browsed online using either "Gitweb": or the integrated "repository browser": (slower).

h2. Source Code Documentation

The newer parts of strongSwan use extractable inline documentation extensively. This documentation is extracted with "Doxygen": for the latest release
and uploaded to "": Use @make apidoc@ to generate it yourself from the sources.

h2. Code style

For our code we heavily use an [[ObjectOrientedC|object oriented programming style]] for C. Also have a look to our basic [[ProgrammingStyle|programming style]] guidelines.

h2. Quality Assurance

h3. Unit Tests

Our libraries are tested with an increasing number of unit tests. To run them use @make check@.

The following environment variables change the behavior of the test runner:

|TESTS_PLUGINS|A space-separated list of plugins to load (not implemented by all test runners). Since version:5.3.3.|
|TESTS_REDUCED_KEYLENGTHS|If this is set test cases that generate keys will do so only for reduced key lengths to avoid blocking on hosts with low entropy.|
|TESTS_STRONGSWAN_CONF|Path to a custom strongswan.conf file used for the tests. Since version:5.2.0.|
|TESTS_SUITES|A comma-separated list of test suites to run (all suites are run if this is not specified).|
|TESTS_SUITES_EXCLUDE|A comma-separated list of test suites excluded from running. Since version:5.2.1.|
|TESTS_VERBOSITY|The log level used when running the tests (-1 to 4, see [[LoggerConfiguration]]), defaults to -1.|
|LEAK_DETECTIVE_DISABLE|If our custom memory allocator is enabled with _--enable-leak-detective_ it can be disabled temporarily by setting this variable in order to speed up running the tests.|

Coverage reports can be generated with @make coverage@ (requires [[Autoconf|configuring]] with _--enable-coverage_, which is not recommended for production builds as it disables all optimizations).

The unit tests also run automatically on "Travis CI": !!: !!: !!:

h3. Testing Environment

Our [[TestingEnvironment|integration and regression testing environment]] helps us ensure the quality of future releases.

The "results for the latest release": are published online.

h2. Components

The _src_ directory in the strongSwan distribution contains the following a set of components:

|aikgen|Utility to generate an Attestation Identity Key bound to a TPM|
|[[charon]]|The IKE keying daemon|
|[[charon-cmd]]|A command line IKE client|
|[[NetworkManager|charon-nm]]|The back end for the [[NetworkManager]] plugin|
|[[charon-svc]]|A Windows IKE service|
|[[charon-systemd]]|An IKE daemon similar to charon, but is specifically designed for use with _systemd_|
|charon-tkm|A variant of charon that is backed by a "Trusted Key Manager": (TKM)|
|[[IntegrityTest|checksum]]|Utility to generate checksums of built executables and libraries|
|[[IpsecConftest|conftest]]|Conformance test tool|
|[[DynamicUmlMeshModeler|dumm]]|An experimental UML testing framework|
|[[AndroidVpnClient|frontends/android]]|VPN client for Android 4+|
|[[NetworkManager|frontends/gnome]]|[[NetworkManager]] plugin|
|[[Maemo|frontends/maemo]]|[[Maemo]] applet|
|[[MacOSX|frontends/osx]]|charon-xpc helper daemon for the native [[MacOSX|Mac OS X application]]|
|[[IpsecCommand|ipsec]]|The legacy ipsec command line tool wrapping commands and other tools|
|libcharon|Contains most of the code and the plugins of the charon daemon|
|[[libfast]]|A lightweight framework to build native web applications using ClearSilver and FastCGI|
|libhydra|Contains daemon-specific code and plugins used by the charon and starter daemons|
|libimcv|Contains [[TrustedNetworkConnect|IMCs, IMVs]] and code shared by them|
|libipsec|An IPsec implementation used by [[kernel-libipsec]] and the [[AndroidVPNClient|Android app]]|
|libpts|Contains code for [[TrustedNetworkConnect|TPM-based remote attestation]] and SWID tag handling|
|libpttls|Implements the [[TrustedNetworkConnect|PT-TLS protocol]]|
|libradius|RADIUS protocol implementation used by e.g. the [[EAPRadius|eap-radius]] and tnc-pdp plugins|
|libsimaka|Contains code shared by several EAP-SIM/AKA plugins|
|[[libstrongswan]]|The strongSwan library with basic functions used by the daemons and utilities| utilities |
|[[EapTls|libtls]]|TLS implementation used by the [[EapTls|eap-tls]], eap-ttls, eap-peap and other plugins|
|libtnccs|Contains [[TrustedNetworkConnect|IF-TNCCS]] implementations|
|libtncif|Contains [[TrustedNetworkConnect|IF-IMC/IMV]] code|
|[[Manager|manager]]|A deprecated graphical management application for charon based on libfast|
|medsrv|An experimental management front end for mediation servers based on libfast|
|[[IpsecPKI|pki]]|Public Key Infrastructure utility|
|[[Ipsecpool|pool]]|Utility to manage attributes and IP address pools provided by the [[attrsql|attr-sql]] plugin|
|pt-tls-client|[[TrustedNetworkConnect|PT-TLS protocol]] client|
|[[ScepClient|scepclient]]|Utility to enroll certificates using the SCEP protocol|
|[[IpsecStarter|starter]]|Legacy daemon that reads [[ipsec.conf]] |[[IpsecStarter|starter]]|Reads _ipsec.conf_ and controls the keying daemon charon|
|[[IpsecStroke|stroke]]|Legacy command |[[IpsecStroke|stroke]]|Command line utility to control charon via the stroke protocol|
|[[swanctl]]|Configuration and control utility that communicates via [[vici]] interface|
|tpm_extendpcr|Tool that extends a digest into a TPM PCR|
| _updown[_espmark]|Default script called by the [[updown]] plugin on tunnel up/down events|

h3. h2. Removed Components with [[5.0.0]]

|\2(level2).Removed with version:5.5.1|
|[[Maemo|frontends/maemo]]|[[Maemo]] applet|
|\2(level2).Removed with version:5.4.0|
|libhydra|Contained daemon-specific code and plugins used by the charon and starter daemons|
|\2(level2).Removed with version:5.0.0|
|[[pluto]]|The old IKEv1 keying daemon.|
|libfreeswan|The deprecated library used by pluto.|
|whack|Command line utility to control pluto via the whack protocol.|