rosemary: Initial device vendor commit

proprietary/vendor/etc/ipsec/ipsec.conf

@@ -0,0 +1,14 @@
+config setup
+
+conn %default
+	ikelifetime=600m
+	keylife=300m
+	rekeymargin=3m
+	keyingtries=1
+	keyexchange=ikev2        
+	dpdaction=clear
+	dpddelay=120s
+	dpdtimeout=600s
+	reauth=no
+
+include /data/vendor/ipsec/wo_apn.conf

proprietary/vendor/etc/ipsec/ipsec.d/cacerts/Entrust.net_Certification_Authority_2048.cer

@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChMLRW50cnVzdC5u
+ZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBpbmNvcnAuIGJ5IHJlZi4gKGxp
+bWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNV
+BAMTKkVudHJ1c3QubmV0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQx
+NzUwNTFaFw0yOTA3MjQxNDE1MTJaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3
+d3d3LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTEl
+MCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5u
+ZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEArU1LqRKGsuqjIAcVFmQqK0vRvwtKTY7tgHalZ7d4QMBzQshowNtTK91euHaYNZOL
+Gp18EzoOH1u3Hs/lJBQesYGpjX24zGtLA/ECDNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSr
+hRSGlVuXMlBvPci6Zgzj/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVTXTzW
+nLLPKQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/HoZdenoVve8AjhUi
+VBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH4QIDAQABo0IwQDAOBgNVHQ8BAf8E
+BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUVeSB0RGAvtiJuQijMfmhJAkWuXAwDQYJ
+KoZIhvcNAQEFBQADggEBADubj1abMOdTmXx6eadNl9cZlZD7Bh/KM3xGY4+WZiT6QBshJ8rmcnPy
+T/4xmf3IDExoU8aAghOY+rat2l098c5u9hURlIIM7j+VrxGrD9cv3h8Dj1csHsm7mhpElesYT6Yf
+zX1XEC+bBAlahLVu2B064dae0Wx5XnkcFMXj0EyTO2U87d89vqbllRrDtRnDvV5bu/8j72gZyxKT
+J1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+bYQLCIt+jerXmCHG8+c8eS9e
+nNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/ErfF6adulZkMV8gzURZVE=
+-----END CERTIFICATE-----

proprietary/vendor/etc/ipsec/ipsec.d/cacerts/Root_CA_1003.crt

@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEZTCCA02gAwIBAgICEAEwDQYJKoZIhvcNAQEFBQAwRDEUMBIGA1UECgwLT3Bl
+bkNBIExhYnMxFTATBgNVBAsMDEFwcGxpY2F0aW9uczEVMBMGA1UEAwwMcm9vdCBj
+YSBlcGRnMB4XDTE0MDIyNTA4MzM0NloXDTI0MDIyMzA4MzM0NlowRDEUMBIGA1UE
+CgwLT3BlbkNBIExhYnMxFTATBgNVBAsMDEFwcGxpY2F0aW9uczEVMBMGA1UEAwwM
+cm9vdCBjYSBlcGRnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyJR
+tlJHAWVtZg/zXQg38MZtyschiHGA5WcQOaXsE0ojf5yRQmoY8ipuTvUEWBnKlzur
+5huUf6PJNACI3hCA4wgIuz/Efs0DUjd1pGQTm5Rkv+FkWIafl87R7S1A6uauZe59
+mB4o2EATQtHkhPqWkL2OVuxBqKsvlEBO7wtjpM+MLbliYnfppA54UTX1W0GlkmpD
+zYiIyHHIEKsH+V+G0QMICZipi1Z8u3Zh0nG9ffmCHev534bXwSx9IlOFHHdSL8rA
+VDuipqMT/AzawgHQW2LhqhxK16orIk3WrkkwLnACNKAyFibx4EsY0pjAaXx8Hvjw
+sQy9LmI+0IRsrG/HpwIDAQABo4IBXzCCAVswDwYDVR0TAQH/BAUwAwEB/zALBgNV
+HQ8EBAMCAQYwHQYDVR0OBBYEFKQysYrn04rdld3bPOtvoRyuuW0mMB8GA1UdIwQY
+MBaAFKQysYrn04rdld3bPOtvoRyuuW0mMBwGA1UdEQQVMBOBEXdlYm1hc3RlckBl
+emMuY29tMBwGA1UdEgQVMBOBEXdlYm1hc3RlckBlemMuY29tMIGHBggrBgEFBQcB
+AQR7MHkwNAYIKwYBBQUHMAKGKGh0dHA6Ly9zc3Itc2ltL3BraS9wdWIvY2FjZXJ0
+L2NhY2VydC5jcnQwIAYIKwYBBQUHMAGGFGh0dHA6Ly9zc3Itc2ltOjI1NjAvMB8G
+CCsGAQUFBzAMhhNodHRwOi8vc3NyLXNpbTo4MzAvMDUGA1UdHwQuMCwwKqAooCaG
+JGh0dHA6Ly9zc3Itc2ltL3BraS9wdWIvY3JsL2NhY3JsLmNybDANBgkqhkiG9w0B
+AQUFAAOCAQEAJg2zRv5qD8OXiegzfCeaDsYk4uZZ1Vp8hhKtUOkBEg6Qpl8Tpng3
+/nnSmjMIhBvlcYdd7oN6RcQ2PjD4ceKizt48wnFIcppeI5OnK0Eaq5cPDvy8y90Z
+Iw+JBc3YMS6czq0einbX1x1kcZBxQGZCEQnCH3qauDZG9R1xV1o4bsev8VV8TREN
+tk0zeoL2aKdzWtPQxF526PxrQZLfiGlF57UMjNaQKxBi8Zi1TkEHl95XxgxIuxDj
+6W4EQeiusuMd4ZXBvgbAP1gV/CXNPP5Y0ydVDd9U5g1Is0iDFyN2YCkr67gTpa8l
+Q4lom0pEhdl0a/CIPE3HZO7l/IGrAu31aA==
+-----END CERTIFICATE-----

proprietary/vendor/etc/ipsec/ipsec.d/cacerts/gold.cer

@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
+EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
+MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
+cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
+dGFuw7pzw610dsOhbnkwHhcNMDgxMjExMTUwODIxWhcNMjgxMjA2MTUwODIxWjCB
+pzELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRM
+b2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlm
+aWNhdGlvbiBTZXJ2aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNz
+IEdvbGQpIEbFkXRhbsO6c8OtdHbDoW55MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAxCRec75LbRTDofTjl5Bu0jBFHjzuZ9lk4BqKf8owyoPjIMHj9DrT
+lF8afFttvzBPhCf2nx9JvMaZCpDyD/V/Q4Q3Y1GLeqVw/HpYzY6b7cNGbIRwXdrz
+AZAj/E4wqX7hJ2Pn7WQ8oLjJM2P+FpD/sLj916jAwJRDC7bVWaaeVtAkH3B5r9s5
+VA1lddkVQZQBr17s9o3x/61k/iCa11zr/qYfCGSji3ZVrR47KGAuhyXoqq8fxmRG
+ILdwfzzeSNuWU7c5d+Qa4scWhHaXWy+7GRWF+GmF9ZmnqfI0p6m2pgP8b4Y9VHx2
+BJtr+UBdADTHLpl1neWIA6pN+APSQnbAGwIDAKiLo0UwQzASBgNVHRMBAf8ECDAG
+AQH/AgEEMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUzPpnk/C2uNClwB7zU/2M
+U9+D15YwDQYJKoZIhvcNAQELBQADggEBAKt/7hwWqZw8UQCgwBEIBaeZ5m8BiFRh
+bvG5GK1Krf6BQCOUL/t1fC8oS2IkgYIL9WHxHG64YTjrgfpioTtaYtOUZcTh5m2C
++C8lcLIhJsFyUR+MLMOEkMNaj7rP9KdlpeuY0fsFskZ1FSNqb4VjMIDw1Z4fKRzC
+bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2F
+uLjbvrW5KfnaNwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2
+XjG4Kvte9nHfRCaexOYNkbQudZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7E=
+-----END CERTIFICATE-----

proprietary/vendor/etc/ipsec/strongswan.conf

@@ -0,0 +1,65 @@
+# strongswan.conf - strongSwan configuration file
+
+charon {
+
+	# number of worker threads in charon
+	threads = 16
+	
+	# plugins to load in charon
+	# load = aes des gmp hmac md5 random sha1 sha2 pubkey xcbc x509 stroke
+
+    #NAT keep alive interval.
+	keep_alive = 3m
+	
+	plugins {	
+		sql {		
+			# loglevel to log into sql database
+			loglevel = -1
+			
+			# URI to the database
+			# database = sqlite:///path/to/file.db
+			# database = mysql://user:password@localhost/database
+		}
+		
+		updown {
+			dns_handler = yes
+		}
+
+		android_log {
+			loglevel = -1
+		}
+	}
+
+	# Number of times to retransmit a packet before giving up.
+	retransmit_tries = 4
+	# Timeout in seconds before sending first retransmit.
+	retransmit_timeout = 2
+	# Base to use for calculating exponential back off, see Retransmission.
+	retransmit_base = 1
+	interfaces_use = wlan0
+	install_virtual_ip = no
+	port = 10500
+	port_nat_t = 14500
+	alarm_timer_wake_lock = 1
+
+    filelog {
+#         /data/misc/vpn/charon.log {
+#            time_format = %b %e %T
+#            ike_name = yes
+#            append = no
+#            default = 4
+#            flush_line = yes
+#        }
+#
+#       stderr {
+#            ike = 1
+#            knl = 1
+#       }
+    }
+    syslog {
+    }
+
+#   hash_and_url = yes
+}
+
+#include strongswan.d/*.conf