author | Yves-Alexis Perez <corsac@corsac.net> | 2012-06-28 21:16:07 +0200 |
---|---|---|
committer | Yves-Alexis Perez <corsac@corsac.net> | 2012-06-28 21:16:07 +0200 |
commit | b34738ed08c2227300d554b139e2495ca5da97d6 (patch) | |
tree | 62f33b52820f2e49f0e53c0f8c636312037c8054 /src/stroke | |
parent | 0a9d51a49042a68daa15b0c74a2b7f152f52606b (diff) | |
Imported Upstream version 4.6.4
Diffstat (limited to 'src/stroke')
-rw-r--r-- | src/stroke/Android.mk | 27 | ||||
-rw-r--r-- | src/stroke/Makefile.am | 6 | ||||
-rw-r--r-- | src/stroke/Makefile.in | 13 | ||||
-rw-r--r-- | src/stroke/stroke.c | 73 | ||||
-rw-r--r-- | src/stroke/stroke_keywords.c | 90 | ||||
-rw-r--r-- | src/stroke/stroke_keywords.h | 4 | ||||
-rw-r--r-- | src/stroke/stroke_keywords.txt | 4 | ||||
-rw-r--r-- | src/stroke/stroke_msg.h | 19 |
8 files changed, 183 insertions, 53 deletions
diff --git a/src/stroke/Android.mk b/src/stroke/Android.mk new file mode 100644 index 000000000..69b3e54ca --- /dev/null +++ b/src/stroke/Android.mk @@ -0,0 +1,27 @@ +LOCAL_PATH := $(call my-dir) +include $(CLEAR_VARS) + +# copy-n-paste from Makefile.am +LOCAL_SRC_FILES := \ +stroke.c stroke_msg.h stroke_keywords.c stroke_keywords.h + +# build stroke ----------------------------------------------------------------- + +LOCAL_C_INCLUDES += \ + $(libvstr_PATH) \ + $(strongswan_PATH)/src/libstrongswan + +LOCAL_CFLAGS := $(strongswan_CFLAGS) + +LOCAL_MODULE := stroke + +LOCAL_MODULE_TAGS := optional + +LOCAL_ARM_MODE := arm + +LOCAL_PRELINK_MODULE := false + +LOCAL_SHARED_LIBRARIES += libstrongswan + +include $(BUILD_EXECUTABLE) + diff --git a/src/stroke/Makefile.am b/src/stroke/Makefile.am index 363cde717..f93680b64 100644 --- a/src/stroke/Makefile.am +++ b/src/stroke/Makefile.am @@ -1,9 +1,11 @@ ipsec_PROGRAMS = stroke -stroke_SOURCES = stroke.c stroke_msg.h stroke_keywords.c stroke_keywords.h +stroke_SOURCES = \ +stroke.c stroke_msg.h stroke_keywords.c stroke_keywords.h + stroke_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la $(SOCKLIB) INCLUDES = -I$(top_srcdir)/src/libstrongswan -EXTRA_DIST = stroke_keywords.txt +EXTRA_DIST = stroke_keywords.txt Android.mk BUILT_SOURCES = stroke_keywords.c MAINTAINERCLEANFILES = stroke_keywords.c AM_CFLAGS = -DIPSEC_PIDDIR=\"${piddir}\" diff --git a/src/stroke/Makefile.in b/src/stroke/Makefile.in index 4e8318e0f..946bacc20 100644 --- a/src/stroke/Makefile.in +++ b/src/stroke/Makefile.in @@ -169,6 +169,9 @@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ +attest_plugins = @attest_plugins@ +axis2c_CFLAGS = @axis2c_CFLAGS@ +axis2c_LIBS = @axis2c_LIBS@ bindir = @bindir@ build = @build@ build_alias = @build_alias@ 
@@ -177,6 +180,7 @@ build_os = @build_os@ build_vendor = @build_vendor@ builddir = @builddir@ c_plugins = @c_plugins@ +clearsilver_LIBS = @clearsilver_LIBS@ datadir = @datadir@ datarootdir = @datarootdir@ dbusservicedir = @dbusservicedir@ @@ -193,11 +197,13 @@ host_cpu = @host_cpu@ host_os = @host_os@ host_vendor = @host_vendor@ htmldir = @htmldir@ +imcvdir = @imcvdir@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ ipsecgroup = @ipsecgroup@ +ipseclibdir = @ipseclibdir@ ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -241,6 +247,7 @@ sharedstatedir = @sharedstatedir@ soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ +starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ @@ -251,10 +258,12 @@ top_srcdir = @top_srcdir@ urandom_device = @urandom_device@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ -stroke_SOURCES = stroke.c stroke_msg.h stroke_keywords.c stroke_keywords.h +stroke_SOURCES = \ +stroke.c stroke_msg.h stroke_keywords.c stroke_keywords.h + stroke_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la $(SOCKLIB) INCLUDES = -I$(top_srcdir)/src/libstrongswan -EXTRA_DIST = stroke_keywords.txt +EXTRA_DIST = stroke_keywords.txt Android.mk BUILT_SOURCES = stroke_keywords.c MAINTAINERCLEANFILES = stroke_keywords.c AM_CFLAGS = -DIPSEC_PIDDIR=\"${piddir}\" diff --git a/src/stroke/stroke.c b/src/stroke/stroke.c index 2c5a03d77..bb299567b 100644 --- a/src/stroke/stroke.c +++ b/src/stroke/stroke.c @@ -1,5 +1,5 @@ /* Stroke for charon is the counterpart to whack from pluto - * Copyright (C) 2007 Tobias Brunner + * Copyright (C) 2007-2012 Tobias Brunner * Copyright (C) 2006 Martin Willi * Hochschule fuer Technik Rapperswil * 
@@ -19,7 +19,6 @@ #include <sys/stat.h> #include <sys/socket.h> #include <sys/un.h> -#include <sys/fcntl.h> #include <unistd.h> #include <dirent.h> #include <errno.h> @@ -90,9 +89,11 @@ static int send_stroke_msg (stroke_msg_t *msg) { buffer[byte_count] = '\0'; - /* we prompt if we receive the "Passphrase:"/"PIN:" magic keyword */ + /* we prompt if we receive a magic keyword */ if ((byte_count >= 12 && strcmp(buffer + byte_count - 12, "Passphrase:\n") == 0) || + (byte_count >= 10 && + strcmp(buffer + byte_count - 10, "Password:\n") == 0) || (byte_count >= 5 && strcmp(buffer + byte_count - 5, "PIN:\n") == 0)) { @@ -102,7 +103,11 @@ static int send_stroke_msg (stroke_msg_t *msg) { *pass = ' '; } +#ifdef HAVE_GETPASS pass = getpass(buffer); +#else + pass = ""; +#endif if (pass) { ignore_result(write(sock, pass, strlen(pass))); @@ -231,7 +236,18 @@ static int show_status(stroke_keyword_t kw, char *connection) { stroke_msg_t msg; - msg.type = (kw == STROKE_STATUS)? STR_STATUS:STR_STATUS_ALL; + switch (kw) + { + case STROKE_STATUSALL: + msg.type = STR_STATUS_ALL; + break; + case STROKE_STATUSALL_NOBLK: + msg.type = STR_STATUS_ALL_NOBLK; + break; + default: + msg.type = STR_STATUS; + break; + } msg.length = offsetof(stroke_msg_t, buffer); msg.status.name = push_string(&msg, connection); return send_stroke_msg(&msg); @@ -249,6 +265,7 @@ static int list_flags[] = { LIST_CRLS, LIST_OCSP, LIST_ALGS, + LIST_PLUGINS, LIST_ALL }; 
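Review bot: The reworded comment in send_stroke_msg (hunk -90,9) no longer names the strings that trigger a prompt, while the check matches them in-band against the tail of whatever was just read from the daemon socket. Any output chunk that happens to end in `Password:\n`, `Passphrase:\n` or `PIN:\n` therefore starts a prompt and sends the typed secret back, and the comment should say so. I would write `/* we prompt if the daemon's output ends in one of the magic keywords "Passphrase:", "Password:" or "PIN:"; they must match the prompts the daemon sends */`. The function starts and ends outside the hunk, so how the buffer is filled is not visible here.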
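Review bot: In the `#else` branch added in hunk -102,7, `pass = "";` makes the following `if (pass)` write a zero-length secret to the socket, so a build without getpass() answers the daemon's Passphrase/Password/PIN prompt with an empty string and the user is never told. At minimum the fallback should report it, for example `fprintf(stderr, "getpass() not available, sending empty secret\n");` ahead of the assignment. The buffer returned by getpass() is also not cleared after the `write()` visible in the context lines, so the typed secret stays in process memory. The rest of send_stroke_msg, including what happens when `pass` is NULL, lies outside the hunk.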
@@ -326,6 +343,28 @@ static int leases(stroke_keyword_t kw, char *pool, char *address) return send_stroke_msg(&msg); } +static int memusage() +{ + stroke_msg_t msg; + + msg.type = STR_MEMUSAGE; + msg.length = offsetof(stroke_msg_t, buffer); + return send_stroke_msg(&msg); +} + +static int user_credentials(char *name, char *user, char *pass) +{ + stroke_msg_t msg; + + msg.type = STR_USER_CREDS; + msg.length = offsetof(stroke_msg_t, buffer); + msg.user_creds.name = push_string(&msg, name); + msg.user_creds.username = push_string(&msg, user); + msg.user_creds.password = push_string(&msg, pass); + return send_stroke_msg(&msg); +} + + static int set_loglevel(char *type, u_int level) { stroke_msg_t msg; @@ -369,10 +408,14 @@ static void exit_usage(char *error) printf(" where: START and optional END define the clients source IP\n"); printf(" Set loglevel for a logging type:\n"); printf(" stroke loglevel TYPE LEVEL\n"); - printf(" where: TYPE is any|dmn|mgr|ike|chd|job|cfg|knl|net|enc|lib\n"); + printf(" where: TYPE is any|dmn|mgr|ike|chd|job|cfg|knl|net|asn|enc|tnc|imc|imv|pts|tls|lib\n"); printf(" LEVEL is -1|0|1|2|3|4\n"); printf(" Show connection status:\n"); printf(" stroke status\n"); + printf(" Show extended status information:\n"); + printf(" stroke statusall\n"); + printf(" Show extended status information without blocking:\n"); + printf(" stroke statusallnb\n"); printf(" Show list of authority and attribute certificates:\n"); printf(" stroke listcacerts|listocspcerts|listaacerts|listacerts\n"); printf(" Show list of end entity certificates, ca info records and crls:\n"); 
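Review bot: user_credentials() accepts the password as a plain argument, and the `STROKE_USER_CREDS` case in main() (hunk -530,6) feeds it `argv[4]`, so a password given as PASSWORD is visible in the process list and ends up in shell history. The usage text added in hunk -393,8 advertises the argument without that caveat; since the prompt path already exists when PASSWORD is omitted, I would add a line such as `printf("             note: a PASSWORD given here is visible to other local users, prefer the prompt\n");`. The stack-allocated `msg` also still holds the password when the function returns, presumably copied into `msg.buffer` by push_string() (not visible here), so clearing the buffer after `send_stroke_msg()` would limit its lifetime. As a style point, `static int memusage()` should be `static int memusage(void)`.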
@@ -393,8 +436,15 @@ static void exit_usage(char *error) printf(" stroke purgeike\n"); printf(" Export credentials to the console:\n"); printf(" stroke exportx509 DN\n"); + printf(" Show current memory usage:\n"); + printf(" stroke memusage\n"); printf(" Show leases of a pool:\n"); printf(" stroke leases [POOL [ADDRESS]]\n"); + printf(" Set username and password for a connection:\n"); + printf(" stroke user-creds NAME USERNAME [PASSWORD]\n"); + printf(" where: NAME is a connection name added with \"stroke add\"\n"); + printf(" USERNAME is the username\n"); + printf(" PASSWORD is the optional password, you'll be asked to enter it if not given\n"); exit_error(error); } @@ -489,6 +539,7 @@ int main(int argc, char *argv[]) break; case STROKE_STATUS: case STROKE_STATUSALL: + case STROKE_STATUSALL_NOBLK: res = show_status(token->kw, argc > 2 ? argv[2] : NULL); break; case STROKE_LIST_PUBKEYS: @@ -501,6 +552,7 @@ int main(int argc, char *argv[]) case STROKE_LIST_CRLS: case STROKE_LIST_OCSP: case STROKE_LIST_ALGS: + case STROKE_LIST_PLUGINS: case STROKE_LIST_ALL: res = list(token->kw, argc > 2 && strcmp(argv[2], "--utc") == 0); break; @@ -530,6 +582,17 @@ int main(int argc, char *argv[]) res = leases(token->kw, argc > 2 ? argv[2] : NULL, argc > 3 ? argv[3] : NULL); break; + case STROKE_MEMUSAGE: + res = memusage(); + break; + case STROKE_USER_CREDS: + if (argc < 4) + { + exit_usage("\"user-creds\" needs a connection name, " + "username and optionally a password"); + } + res = user_credentials(argv[2], argv[3], argc > 4 ? argv[4] : NULL); + break; default: exit_usage(NULL); } diff --git a/src/stroke/stroke_keywords.c b/src/stroke/stroke_keywords.c index b43f4b475..b5ca2e143 100644 --- a/src/stroke/stroke_keywords.c +++ b/src/stroke/stroke_keywords.c 
@@ -54,12 +54,12 @@ struct stroke_token { stroke_keyword_t kw; }; -#define TOTAL_KEYWORDS 37 +#define TOTAL_KEYWORDS 41 #define MIN_WORD_LENGTH 2 #define MAX_WORD_LENGTH 15 #define MIN_HASH_VALUE 2 -#define MAX_HASH_VALUE 42 -/* maximum key range = 41, duplicates = 0 */ +#define MAX_HASH_VALUE 44 +/* maximum key range = 43, duplicates = 0 */ #ifdef __GNUC__ __inline 
@@ -75,32 +75,32 @@ hash (str, len) { static const unsigned char asso_values[] = { - 43, 43, 43, 43, 43, 43, 43, 43, 43, 43, - 43, 43, 43, 43, 43, 43, 43, 43, 43, 43, - 43, 43, 43, 43, 43, 43, 43, 43, 43, 43, - 43, 43, 43, 43, 43, 43, 43, 43, 43, 43, - 43, 43, 43, 43, 43, 20, 43, 43, 43, 43, - 43, 43, 43, 43, 43, 43, 43, 43, 43, 43, - 43, 43, 43, 43, 43, 43, 43, 43, 43, 43, - 43, 43, 43, 43, 43, 43, 43, 43, 43, 43, - 43, 43, 43, 43, 43, 43, 43, 43, 43, 43, - 43, 43, 43, 43, 43, 43, 43, 0, 23, 1, - 1, 15, 43, 21, 43, 23, 43, 9, 0, 43, - 43, 10, 2, 43, 6, 5, 1, 0, 43, 43, - 2, 19, 43, 43, 43, 43, 43, 43, 43, 43, - 43, 43, 43, 43, 43, 43, 43, 43, 43, 43, - 43, 43, 43, 43, 43, 43, 43, 43, 43, 43, - 43, 43, 43, 43, 43, 43, 43, 43, 43, 43, - 43, 43, 43, 43, 43, 43, 43, 43, 43, 43, - 43, 43, 43, 43, 43, 43, 43, 43, 43, 43, - 43, 43, 43, 43, 43, 43, 43, 43, 43, 43, - 43, 43, 43, 43, 43, 43, 43, 43, 43, 43, - 43, 43, 43, 43, 43, 43, 43, 43, 43, 43, - 43, 43, 43, 43, 43, 43, 43, 43, 43, 43, - 43, 43, 43, 43, 43, 43, 43, 43, 43, 43, - 43, 43, 43, 43, 43, 43, 43, 43, 43, 43, - 43, 43, 43, 43, 43, 43, 43, 43, 43, 43, - 43, 43, 43, 43, 43, 43 + 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, + 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, + 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, + 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, + 45, 45, 45, 45, 45, 15, 45, 45, 45, 45, + 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, + 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, + 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, + 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, + 45, 45, 45, 45, 45, 45, 45, 0, 30, 1, + 1, 15, 45, 15, 45, 30, 45, 13, 0, 0, + 45, 9, 3, 45, 6, 18, 1, 0, 45, 45, + 5, 0, 45, 45, 45, 45, 45, 45, 45, 45, + 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, + 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, + 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, + 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, + 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, + 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, + 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, + 45, 45, 45, 45, 45, 
45, 45, 45, 45, 45, + 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, + 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, + 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, + 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, + 45, 45, 45, 45, 45, 45 }; register int hval = len; @@ -132,10 +132,10 @@ static const struct stroke_token wordlist[] = {"listall", STROKE_LIST_ALL}, {"delete", STROKE_DELETE}, {"listcrls", STROKE_LIST_CRLS}, - {"status", STROKE_STATUS}, + {"rekey", STROKE_REKEY}, {"listaacerts", STROKE_LIST_AACERTS}, {"listcacerts", STROKE_LIST_CACERTS}, - {"statusall", STROKE_STATUSALL}, + {"listplugins", STROKE_LIST_PLUGINS}, {"rereadall", STROKE_REREAD_ALL}, {"listcerts", STROKE_LIST_CERTS}, {"rereadcrls", STROKE_REREAD_CRLS}, 
@@ -144,32 +144,36 @@ static const struct stroke_token wordlist[] = {"rereadcacerts", STROKE_REREAD_CACERTS}, {"leases", STROKE_LEASES}, {"unroute", STROKE_UNROUTE}, - {"listocsp", STROKE_LIST_OCSP}, - {"rereadsecrets", STROKE_REREAD_SECRETS}, + {"listalgs", STROKE_LIST_ALGS}, + {"status", STROKE_STATUS}, {"listacerts", STROKE_LIST_ACERTS}, {"route", STROKE_ROUTE}, + {"statusall", STROKE_STATUSALL}, {"purgeocsp", STROKE_PURGE_OCSP}, - {"listocspcerts", STROKE_LIST_OCSPCERTS}, - {"listalgs", STROKE_LIST_ALGS}, - {"rekey", STROKE_REKEY}, + {"statusallnb", STROKE_STATUSALL_NOBLK}, {"rereadocspcerts", STROKE_REREAD_OCSPCERTS}, + {"user-creds", STROKE_USER_CREDS}, + {"down-srcip", STROKE_DOWN_SRCIP}, {"purgecrls", STROKE_PURGE_CRLS}, + {"listgroups", STROKE_LIST_GROUPS}, + {"listocsp", STROKE_LIST_OCSP}, {"exportx509", STROKE_EXPORT_X509}, + {"rereadsecrets", STROKE_REREAD_SECRETS}, + {"loglevel", STROKE_LOGLEVEL}, {"purgeike", STROKE_PURGE_IKE}, + {"listocspcerts", STROKE_LIST_OCSPCERTS}, + {"memusage", STROKE_MEMUSAGE}, {"listcainfos", STROKE_LIST_CAINFOS}, - {"listpubkeys", STROKE_LIST_PUBKEYS}, - {"down-srcip", STROKE_DOWN_SRCIP}, - {"loglevel", STROKE_LOGLEVEL}, - {"listgroups", STROKE_LIST_GROUPS}, - {"purgecerts", STROKE_PURGE_CERTS} + {"purgecerts", STROKE_PURGE_CERTS}, + {"listpubkeys", STROKE_LIST_PUBKEYS} }; static const short lookup[] = { -1, -1, 0, 1, 2, 3, -1, 4, 5, 6, -1, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, - 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, -1, -1, 35, - 36 + 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, + 38, 39, 40 }; #ifdef __GNUC__ diff --git a/src/stroke/stroke_keywords.h b/src/stroke/stroke_keywords.h index ff2ba36ef..554d071f3 100644 --- a/src/stroke/stroke_keywords.h +++ b/src/stroke/stroke_keywords.h @@ -29,6 +29,7 @@ typedef enum { STROKE_LOGLEVEL, STROKE_STATUS, STROKE_STATUSALL, + STROKE_STATUSALL_NOBLK, STROKE_LIST_PUBKEYS, STROKE_LIST_CERTS, STROKE_LIST_CACERTS, 
@@ -40,6 +41,7 @@ typedef enum { STROKE_LIST_CRLS, STROKE_LIST_OCSP, STROKE_LIST_ALGS, + STROKE_LIST_PLUGINS, STROKE_LIST_ALL, STROKE_REREAD_SECRETS, STROKE_REREAD_CACERTS, @@ -54,6 +56,8 @@ typedef enum { STROKE_PURGE_IKE, STROKE_EXPORT_X509, STROKE_LEASES, + STROKE_MEMUSAGE, + STROKE_USER_CREDS, } stroke_keyword_t; #define STROKE_LIST_FIRST STROKE_LIST_PUBKEYS diff --git a/src/stroke/stroke_keywords.txt b/src/stroke/stroke_keywords.txt index dafd1ab08..1d7ab8a45 100644 --- a/src/stroke/stroke_keywords.txt +++ b/src/stroke/stroke_keywords.txt @@ -36,6 +36,7 @@ rekey, STROKE_REKEY loglevel, STROKE_LOGLEVEL status, STROKE_STATUS statusall, STROKE_STATUSALL +statusallnb, STROKE_STATUSALL_NOBLK listpubkeys, STROKE_LIST_PUBKEYS listcerts, STROKE_LIST_CERTS listcacerts, STROKE_LIST_CACERTS @@ -47,6 +48,7 @@ listcainfos, STROKE_LIST_CAINFOS listcrls, STROKE_LIST_CRLS listocsp, STROKE_LIST_OCSP listalgs, STROKE_LIST_ALGS +listplugins, STROKE_LIST_PLUGINS listall, STROKE_LIST_ALL rereadsecrets, STROKE_REREAD_SECRETS rereadcacerts, STROKE_REREAD_CACERTS @@ -61,3 +63,5 @@ purgecerts, STROKE_PURGE_CERTS purgeike, STROKE_PURGE_IKE exportx509, STROKE_EXPORT_X509 leases, STROKE_LEASES +memusage, STROKE_MEMUSAGE +user-creds, STROKE_USER_CREDS diff --git a/src/stroke/stroke_msg.h b/src/stroke/stroke_msg.h index 9800d4319..434122511 100644 --- a/src/stroke/stroke_msg.h +++ b/src/stroke/stroke_msg.h @@ -65,8 +65,10 @@ enum list_flag_t { LIST_OCSP = 0x0200, /** list all supported algorithms */ LIST_ALGS = 0x0400, + /** list plugin information */ + LIST_PLUGINS = 0x0800, /** all list options */ - LIST_ALL = 0x07FF, + LIST_ALL = 0x0FFF, }; typedef enum reread_flag_t reread_flag_t; @@ -144,6 +146,7 @@ struct stroke_end_t { char *id; char *id2; char *eap_id; + char *rsakey; char *cert; char *cert2; char *ca; 
@@ -194,6 +197,8 @@ struct stroke_msg_t { STR_STATUS, /* show verbose connection status */ STR_STATUS_ALL, + /* show verbose connection status, non-blocking variant */ + STR_STATUS_ALL_NOBLK, /* add a ca information record */ STR_ADD_CA, /* delete ca information record */ @@ -212,6 +217,10 @@ struct stroke_msg_t { STR_LEASES, /* export credentials */ STR_EXPORT, + /* print memory usage details */ + STR_MEMUSAGE, + /* set username and password for a connection */ + STR_USER_CREDS, /* more to come */ } type; @@ -247,6 +256,7 @@ struct stroke_msg_t { time_t inactivity; int proxy_mode; int install_policy; + int close_action; u_int32_t reqid; u_int32_t tfc; @@ -333,6 +343,13 @@ struct stroke_msg_t { char *pool; char *address; } leases; + + /* data for STR_USER_CREDS */ + struct { + char *name; + char *username; + char *password; + } user_creds; }; char buffer[STROKE_BUF_LEN]; }; |
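Review bot: `STR_STATUS_ALL_NOBLK` is inserted in the middle of the `type` enum (hunk -194,6), which renumbers `STR_ADD_CA` and every message type after it. Likewise `char *rsakey` (hunk -144,6) and `int close_action` (hunk -247,6) are added mid-struct and shift the offsets of the fields that follow. stroke.c sets `msg.type` and hands the struct to send_stroke_msg(), so if the struct goes over the socket as-is (not visible here), a client and daemon built from different versions would dispatch one command as another. Appending new enumerators and fields at the end would avoid that; otherwise the header should carry a comment such as `/* layout and enum values are part of the stroke socket protocol: client and daemon must be built from the same header */`.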