[strongSwan-dev] Phase 2 key exchange
Martin Willi
martin at strongswan.org
Fri Jul 13 10:34:13 CEST 2012
Hi Igor,
> Could anyone tell me where is the function which does the phase 2 key
> exchange?
There is not a single function. For IKE exchanges, we use a concept with
so called tasks. These have build() and process() methods to handle
incoming and outgoing messages, controlled through the task manager.
> I look the child_rekey.c
This is the task for rekeying IKEv2 CHILD_SAs. It reuses the
child_create task to handle the actual exchange, build and process
payloads. The same child_create task is used to initially set up a
CHILD_SA, either in a IKE_AUTH or a CREATE_CHILD_SA exchange.
Regards
Martin
More information about the Dev
mailing list