KEY_EXCHANGE_IKEV2
} keyexchange_t;
+typedef enum {
+ STRICT_NO,
+ STRICT_YES,
+ STRICT_IFURI
+} strict_t;
+
typedef struct starter_end starter_end_t;
struct starter_end {
char *cert;
char *ca;
char *groups;
- char *iface;
+ char *iface;
ip_address addr;
ip_address nexthop;
ip_address srcip;
- ip_subnet subnet;
+ ip_subnet subnet;
bool has_client;
bool has_client_wildcard;
- bool has_port_wildcard;
+ bool has_port_wildcard;
bool has_srcip;
+ bool has_natip;
bool modecfg;
certpolicy_t sendcert;
bool firewall;
bool hostaccess;
+ bool allow_any;
char *updown;
u_int16_t port;
u_int8_t protocol;
-#ifdef VIRTUAL_IP
char *virt;
-#endif
};
typedef struct also also_t;
starter_state_t state;
keyexchange_t keyexchange;
+ int eap;
lset_t policy;
time_t sa_ike_life_seconds;
time_t sa_ipsec_life_seconds;
char *crluri;
char *crluri2;
char *ocspuri;
+ char *ocspuri2;
bool strict;
bool charonstart;
bool plutostart;
- /* pluto keywords */
- char **plutodebug;
- char *prepluto;
- char *postpluto;
- bool uniqueids;
- u_int overridemtu;
- u_int crlcheckinterval;
- bool cachecrls;
- bool strictcrlpolicy;
- bool nocrsend;
- bool nat_traversal;
- u_int keep_alive;
- char *virtual_private;
- char *pkcs11module;
- bool pkcs11keepstate;
- bool pkcs11proxy;
+ /* pluto/charon keywords */
+ char **plutodebug;
+ char *charondebug;
+ char *prepluto;
+ char *postpluto;
+ bool uniqueids;
+ u_int overridemtu;
+ u_int crlcheckinterval;
+ bool cachecrls;
+ strict_t strictcrlpolicy;
+ bool nocrsend;
+ bool nat_traversal;
+ u_int keep_alive;
+ char *virtual_private;
+ char *eapdir;
+ char *pkcs11module;
+ char *pkcs11initargs;
+ bool pkcs11keepstate;
+ bool pkcs11proxy;
/* KLIPS keywords */
char **klipsdebug;
defaultroute_t defaultroute;
/* number of encountered parsing errors */
- u_int err;
+ u_int err;
+ u_int non_fatal_err;
/* do we parse also statements */
bool parse_also;
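Review bot: `strictcrlpolicy` changes from `bool` to the three-valued `strict_t`, so any remaining truth test on it (`if (...strictcrlpolicy)`) will treat `STRICT_IFURI` exactly like `STRICT_YES`, and any negated test will only match `STRICT_NO`. The code that reads and assigns this field is not visible on this page, so each user should be checked and rewritten to compare against the enum constants explicitly. This matters because the field decides how strictly certificate revocation is enforced. I would document the contract on the field itself, e.g. `/* STRICT_NO, STRICT_YES or STRICT_IFURI - compare explicitly, never test as a boolean */`, and say in the `strict_t` declaration what `STRICT_IFURI` is meant to enforce. The hunk headers are missing from this page, so the extent of the enclosing struct is inferred. The `bool strict;` field kept as context further up appears to sit in a different struct and stays two-valued, which is worth confirming as intentional.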