X-Git-Url: https://git.saurik.com/apple/ipsec.git/blobdiff_plain/52b7d2ce06d68d0a9160d16f6e7c08c21c149d0d..6b88cae0d0da46a0b1b6418a44da86af3e4527c3:/ipsec-tools/racoon/isakmp_xauth.h

diff --git a/ipsec-tools/racoon/isakmp_xauth.h b/ipsec-tools/racoon/isakmp_xauth.h
index 5d4bdbb..1ea8ed5 100644
--- a/ipsec-tools/racoon/isakmp_xauth.h
+++ b/ipsec-tools/racoon/isakmp_xauth.h
@@ -1,3 +1,5 @@
+/*	$NetBSD: isakmp_xauth.h,v 1.4 2006/09/09 16:22:09 manu Exp $	*/
+
 /*	$KAME$ */
 
 /*
@@ -29,6 +31,11 @@
  * SUCH DAMAGE.
  */
 
+#ifndef _ISAKMP_XAUTH_H
+#define _ISAKMP_XAUTH_H
+
+#include "racoon_types.h"
+
 /* ISAKMP mode config attribute types specific to the Xauth vendor ID */
 #define	XAUTH_TYPE                16520
 #define	XAUTH_USER_NAME           16521
@@ -51,8 +58,9 @@
 #define	XAUTH_STATUS_FAIL       0
 #define	XAUTH_STATUS_OK         1
 
+/* For phase 1 Xauth status */
 struct xauth_state {
-	int status;
+	int status; /* authentication status, used only on server side */
 	int vendorid;
 	int authtype;
 	union {
@@ -63,6 +71,18 @@ struct xauth_state {
 	} authdata;
 };
 
+/* What's been sent */
+#define XAUTH_SENT_USERNAME 1
+#define XAUTH_SENT_PASSWORD 2
+#define XAUTH_SENT_EVERYTHING (XAUTH_SENT_USERNAME | XAUTH_SENT_PASSWORD)
+
+/* For rmconf Xauth data */
+struct xauth_rmconf {
+	vchar_t *login;	/* xauth login */
+	vchar_t *pass;	/* xauth password */
+	int state;      /* what's been sent */
+};
+
 /* status */
 #define XAUTHST_NOTYET	0
 #define XAUTHST_REQSENT	1
@@ -75,22 +95,20 @@ struct xauth_reply_arg {
 	int res;
 };
 
-struct ph1handle;
-void xauth_sendreq(struct ph1handle *);
-void xauth_attr_reply(struct ph1handle *, struct isakmp_data *, int);
-int xauth_login_system(char *, char *);
-void xauth_sendstatus(struct ph1handle *, int, int);
-int xauth_check(struct ph1handle *);
-vchar_t *isakmp_xauth_req(struct ph1handle *, struct isakmp_data *);
-vchar_t *isakmp_xauth_set(struct ph1handle *, struct isakmp_data *);
-void xauth_rmstate(struct xauth_state *);
-void xauth_reply_stub(void *);
-void xauth_reply(struct ph1handle *, int, int, int);
+struct isakmp_data;
+void xauth_sendreq (phase1_handle_t *);
+int xauth_attr_reply (phase1_handle_t *, struct isakmp_data *, int);
+int xauth_login_system (char *, char *);
+void xauth_sendstatus (phase1_handle_t *, int, int);
+int xauth_check (phase1_handle_t *);
+int group_check (phase1_handle_t *, char **, int);
+vchar_t *isakmp_xauth_req (phase1_handle_t *, struct isakmp_data *);
+vchar_t *isakmp_xauth_set (phase1_handle_t *, struct isakmp_data *);
+void xauth_rmstate (struct xauth_state *);
+void xauth_reply_stub (void *);
+int xauth_reply (phase1_handle_t *, int, int, int);
+int xauth_rmconf_used (struct xauth_rmconf **);
+void xauth_rmconf_delete (struct xauth_rmconf **);
+
 
-#ifdef HAVE_LIBRADIUS
-int xauth_login_radius(struct ph1handle *, char *, char *);
-int xauth_radius_init(void);
-#endif
-#ifdef HAVE_LIBPAM
-int xauth_login_pam(int, struct sockaddr *, char *, char *);
-#endif
+#endif /* _ISAKMP_XAUTH_H */