ipsec-332.tar.gz

[apple/ipsec.git] / ipsec-tools / racoon / isakmp_xauth.h

diff --git a/ipsec-tools/racoon/isakmp_xauth.h b/ipsec-tools/racoon/isakmp_xauth.h
index 5d4bdbbc731955ebb5c57651f74e2f98296e5464..1ea8ed591341782d794dc5eb221896e04abb449a 100644 (file)
--- a/ipsec-tools/racoon/isakmp_xauth.h
+++ b/ipsec-tools/racoon/isakmp_xauth.h
@@ -1,3 +1,5 @@
+/*     $NetBSD: isakmp_xauth.h,v 1.4 2006/09/09 16:22:09 manu Exp $    */
+
 /*     $KAME$ */
 
 /*
@@ -29,6 +31,11 @@
  * SUCH DAMAGE.
  */
 
+#ifndef _ISAKMP_XAUTH_H
+#define _ISAKMP_XAUTH_H
+
+#include "racoon_types.h"
+
 /* ISAKMP mode config attribute types specific to the Xauth vendor ID */
 #define        XAUTH_TYPE                16520
 #define        XAUTH_USER_NAME           16521
@@ -51,8 +58,9 @@
 #define        XAUTH_STATUS_FAIL       0
 #define        XAUTH_STATUS_OK         1
 
+/* For phase 1 Xauth status */
 struct xauth_state {
-       int status;
+       int status; /* authentication status, used only on server side */
        int vendorid;
        int authtype;
        union {
@@ -63,6 +71,18 @@ struct xauth_state {
        } authdata;
 };
 
+/* What's been sent */
+#define XAUTH_SENT_USERNAME 1
+#define XAUTH_SENT_PASSWORD 2
+#define XAUTH_SENT_EVERYTHING (XAUTH_SENT_USERNAME | XAUTH_SENT_PASSWORD)
+
+/* For rmconf Xauth data */
+struct xauth_rmconf {
+       vchar_t *login; /* xauth login */
+       vchar_t *pass;  /* xauth password */
+       int state;      /* what's been sent */
+};
+
 /* status */
 #define XAUTHST_NOTYET 0
 #define XAUTHST_REQSENT        1
@@ -75,22 +95,20 @@ struct xauth_reply_arg {
        int res;
 };
 
-struct ph1handle;
-void xauth_sendreq(struct ph1handle *);
-void xauth_attr_reply(struct ph1handle *, struct isakmp_data *, int);
-int xauth_login_system(char *, char *);
-void xauth_sendstatus(struct ph1handle *, int, int);
-int xauth_check(struct ph1handle *);
-vchar_t *isakmp_xauth_req(struct ph1handle *, struct isakmp_data *);
-vchar_t *isakmp_xauth_set(struct ph1handle *, struct isakmp_data *);
-void xauth_rmstate(struct xauth_state *);
-void xauth_reply_stub(void *);
-void xauth_reply(struct ph1handle *, int, int, int);
+struct isakmp_data;
+void xauth_sendreq (phase1_handle_t *);
+int xauth_attr_reply (phase1_handle_t *, struct isakmp_data *, int);
+int xauth_login_system (char *, char *);
+void xauth_sendstatus (phase1_handle_t *, int, int);
+int xauth_check (phase1_handle_t *);
+int group_check (phase1_handle_t *, char **, int);
+vchar_t *isakmp_xauth_req (phase1_handle_t *, struct isakmp_data *);
+vchar_t *isakmp_xauth_set (phase1_handle_t *, struct isakmp_data *);
+void xauth_rmstate (struct xauth_state *);
+void xauth_reply_stub (void *);
+int xauth_reply (phase1_handle_t *, int, int, int);
+int xauth_rmconf_used (struct xauth_rmconf **);
+void xauth_rmconf_delete (struct xauth_rmconf **);
+
 
-#ifdef HAVE_LIBRADIUS
-int xauth_login_radius(struct ph1handle *, char *, char *);
-int xauth_radius_init(void);
-#endif
-#ifdef HAVE_LIBPAM
-int xauth_login_pam(int, struct sockaddr *, char *, char *);
-#endif
+#endif /* _ISAKMP_XAUTH_H */