summaryrefslogtreecommitdiff
path: root/src/starter/confread.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/starter/confread.h')
-rw-r--r--src/starter/confread.h324
1 files changed, 163 insertions, 161 deletions
diff --git a/src/starter/confread.h b/src/starter/confread.h
index 24a8d073e..b20c2e0d3 100644
--- a/src/starter/confread.h
+++ b/src/starter/confread.h
@@ -11,8 +11,6 @@
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
- *
- * RCSID $Id: confread.h 4612 2008-11-11 06:37:37Z andreas $
*/
#ifndef _IPSEC_CONFREAD_H_
@@ -20,205 +18,209 @@
#ifndef _FREESWAN_H
#include <freeswan.h>
-#include "../pluto/constants.h"
#endif
#include "parser.h"
#include "interfaces.h"
typedef enum {
- STARTUP_NO,
- STARTUP_ADD,
- STARTUP_ROUTE,
- STARTUP_START
+ STARTUP_NO,
+ STARTUP_ADD,
+ STARTUP_ROUTE,
+ STARTUP_START
} startup_t;
typedef enum {
- STATE_IGNORE,
- STATE_TO_ADD,
- STATE_ADDED,
- STATE_REPLACED,
- STATE_INVALID
+ STATE_IGNORE,
+ STATE_TO_ADD,
+ STATE_ADDED,
+ STATE_REPLACED,
+ STATE_INVALID
} starter_state_t;
typedef enum {
- KEY_EXCHANGE_IKE,
- KEY_EXCHANGE_IKEV1,
- KEY_EXCHANGE_IKEV2
+ KEY_EXCHANGE_IKE,
+ KEY_EXCHANGE_IKEV1,
+ KEY_EXCHANGE_IKEV2
} keyexchange_t;
typedef enum {
- STRICT_NO,
- STRICT_YES,
- STRICT_IFURI
+ STRICT_NO,
+ STRICT_YES,
+ STRICT_IFURI
} strict_t;
typedef struct starter_end starter_end_t;
struct starter_end {
- lset_t seen;
- char *id;
- char *rsakey;
- char *cert;
- char *ca;
- char *groups;
- char *iface;
- ip_address addr;
- ip_address nexthop;
- char *subnet;
- bool has_client;
- bool has_client_wildcard;
- bool has_port_wildcard;
- bool has_natip;
- bool has_virt;
- bool modecfg;
- certpolicy_t sendcert;
- bool firewall;
- bool hostaccess;
- bool allow_any;
- bool dns_failed;
- char *updown;
- u_int16_t port;
- u_int8_t protocol;
- char *srcip;
+ lset_t seen;
+ char *auth;
+ char *auth2;
+ char *id;
+ char *id2;
+ char *rsakey;
+ char *cert;
+ char *cert2;
+ char *ca;
+ char *ca2;
+ char *groups;
+ char *iface;
+ ip_address addr;
+ ip_address nexthop;
+ char *subnet;
+ bool has_client;
+ bool has_client_wildcard;
+ bool has_port_wildcard;
+ bool has_natip;
+ bool has_virt;
+ bool modecfg;
+ certpolicy_t sendcert;
+ bool firewall;
+ bool hostaccess;
+ bool allow_any;
+ bool dns_failed;
+ char *updown;
+ u_int16_t port;
+ u_int8_t protocol;
+ char *srcip;
};
typedef struct also also_t;
struct also {
- char *name;
- bool included;
- also_t *next;
+ char *name;
+ bool included;
+ also_t *next;
};
typedef struct starter_conn starter_conn_t;
struct starter_conn {
- lset_t seen;
- char *name;
- also_t *also;
- kw_list_t *kw;
- u_int visit;
- startup_t startup;
- starter_state_t state;
-
- keyexchange_t keyexchange;
- u_int32_t eap_type;
- u_int32_t eap_vendor;
- char *eap_identity;
- lset_t policy;
- time_t sa_ike_life_seconds;
- time_t sa_ipsec_life_seconds;
- time_t sa_rekey_margin;
- unsigned long sa_keying_tries;
- unsigned long sa_rekey_fuzz;
- sa_family_t addr_family;
- sa_family_t tunnel_addr_family;
- bool install_policy;
- starter_end_t left, right;
-
- unsigned long id;
-
- char *esp;
- char *ike;
- char *pfsgroup;
-
- time_t dpd_delay;
- time_t dpd_timeout;
- dpd_action_t dpd_action;
- int dpd_count;
-
- bool me_mediation;
- char *me_mediated_by;
- char *me_peerid;
-
- starter_conn_t *next;
+ lset_t seen;
+ char *name;
+ also_t *also;
+ kw_list_t *kw;
+ u_int visit;
+ startup_t startup;
+ starter_state_t state;
+
+ keyexchange_t keyexchange;
+ u_int32_t eap_type;
+ u_int32_t eap_vendor;
+ char *eap_identity;
+ lset_t policy;
+ time_t sa_ike_life_seconds;
+ time_t sa_ipsec_life_seconds;
+ time_t sa_rekey_margin;
+ unsigned long sa_keying_tries;
+ unsigned long sa_rekey_fuzz;
+ sa_family_t addr_family;
+ sa_family_t tunnel_addr_family;
+ bool install_policy;
+ starter_end_t left, right;
+
+ unsigned long id;
+
+ char *esp;
+ char *ike;
+ char *pfsgroup;
+
+ time_t dpd_delay;
+ time_t dpd_timeout;
+ dpd_action_t dpd_action;
+ int dpd_count;
+
+ bool me_mediation;
+ char *me_mediated_by;
+ char *me_peerid;
+
+ starter_conn_t *next;
};
typedef struct starter_ca starter_ca_t;
struct starter_ca {
- lset_t seen;
- char *name;
- also_t *also;
- kw_list_t *kw;
- u_int visit;
- startup_t startup;
- starter_state_t state;
-
- char *cacert;
- char *ldaphost;
- char *ldapbase;
- char *crluri;
- char *crluri2;
- char *ocspuri;
- char *ocspuri2;
- char *certuribase;
-
- bool strict;
-
- starter_ca_t *next;
+ lset_t seen;
+ char *name;
+ also_t *also;
+ kw_list_t *kw;
+ u_int visit;
+ startup_t startup;
+ starter_state_t state;
+
+ char *cacert;
+ char *ldaphost;
+ char *ldapbase;
+ char *crluri;
+ char *crluri2;
+ char *ocspuri;
+ char *ocspuri2;
+ char *certuribase;
+
+ bool strict;
+
+ starter_ca_t *next;
};
typedef struct starter_config starter_config_t;
struct starter_config {
- struct {
- lset_t seen;
- char **interfaces;
- char *dumpdir;
- bool charonstart;
- bool plutostart;
-
- /* pluto/charon keywords */
- char **plutodebug;
- char *charondebug;
- char *prepluto;
- char *postpluto;
- char *plutostderrlog;
- bool uniqueids;
- u_int overridemtu;
- u_int crlcheckinterval;
- bool cachecrls;
- strict_t strictcrlpolicy;
- bool nocrsend;
- bool nat_traversal;
- u_int keep_alive;
- u_int force_keepalive;
- char *virtual_private;
- char *pkcs11module;
- char *pkcs11initargs;
- bool pkcs11keepstate;
- bool pkcs11proxy;
-
- /* KLIPS keywords */
- char **klipsdebug;
- bool fragicmp;
- char *packetdefault;
- bool hidetos;
- } setup;
-
- /* information about the default route */
- defaultroute_t defaultroute;
-
- /* number of encountered parsing errors */
- u_int err;
- u_int non_fatal_err;
-
- /* do we parse also statements */
- bool parse_also;
-
- /* ca %default */
- starter_ca_t ca_default;
-
- /* connections list (without %default) */
- starter_ca_t *ca_first, *ca_last;
-
- /* conn %default */
- starter_conn_t conn_default;
-
- /* connections list (without %default) */
- starter_conn_t *conn_first, *conn_last;
+ struct {
+ lset_t seen;
+ char **interfaces;
+ char *dumpdir;
+ bool charonstart;
+ bool plutostart;
+
+ /* pluto/charon keywords */
+ char **plutodebug;
+ char *charondebug;
+ char *prepluto;
+ char *postpluto;
+ char *plutostderrlog;
+ bool uniqueids;
+ u_int overridemtu;
+ u_int crlcheckinterval;
+ bool cachecrls;
+ strict_t strictcrlpolicy;
+ bool nocrsend;
+ bool nat_traversal;
+ u_int keep_alive;
+ u_int force_keepalive;
+ char *virtual_private;
+ char *pkcs11module;
+ char *pkcs11initargs;
+ bool pkcs11keepstate;
+ bool pkcs11proxy;
+
+ /* KLIPS keywords */
+ char **klipsdebug;
+ bool fragicmp;
+ char *packetdefault;
+ bool hidetos;
+ } setup;
+
+ /* information about the default route */
+ defaultroute_t defaultroute;
+
+ /* number of encountered parsing errors */
+ u_int err;
+ u_int non_fatal_err;
+
+ /* do we parse also statements */
+ bool parse_also;
+
+ /* ca %default */
+ starter_ca_t ca_default;
+
+ /* connections list (without %default) */
+ starter_ca_t *ca_first, *ca_last;
+
+ /* conn %default */
+ starter_conn_t conn_default;
+
+ /* connections list (without %default) */
+ starter_conn_t *conn_first, *conn_last;
};
extern starter_config_t *confread_load(const char *file);