strongSwan History

Before 5.0.0 the IKEv1 part of strongSwan was a fork from the discontinued FreeS/WAN project. The keying daemon pluto had been extended by the strongSwan project in the 2.x series.

When development of IKEv2 started in 2005, integration of the new protocol into pluto was considered to be too complicated. Therefore a new daemon, charon, was built from scratch. The new daemon is multi-threaded and uses object-oriented design principles, but is still written in plain C. Its modular design allows customization through an increasing number of plugins.

The 4.x releases contained both daemons, which were controlled by the starter daemon and two helper utilities (stroke, whack) using distinct UNIX socket interfaces. To share the same UDP ports (IKEv1 and IKEv2 both use ports 500 and 4500) charon used RAW sockets.

With 5.0.0 IKEv1 was implemented in charon and pluto and libfreeswan were subsequently removed. With the exception of parts of starter and some crypto plugins no code from the FreeS/WAN project is left in the current strongSwan codebase.