support of PKCS#11 init arguments required by NSS softoken, patch contributed by...
[strongswan.git] / src / starter / confread.h
index 24b0489..970166c 100644 (file)
@@ -46,6 +46,12 @@ typedef enum {
        KEY_EXCHANGE_IKEV2
 } keyexchange_t;
 
        KEY_EXCHANGE_IKEV2
 } keyexchange_t;
 
+typedef enum {
+       STRICT_NO,
+       STRICT_YES,
+       STRICT_IFURI
+} strict_t;
+
 typedef struct starter_end starter_end_t;
 
 struct starter_end {
 typedef struct starter_end starter_end_t;
 
 struct starter_end {
@@ -69,6 +75,7 @@ struct starter_end {
        certpolicy_t    sendcert;
        bool            firewall;
        bool            hostaccess;
        certpolicy_t    sendcert;
        bool            firewall;
        bool            hostaccess;
+       bool            allow_any;
        char            *updown;
        u_int16_t       port;
        u_int8_t        protocol;
        char            *updown;
        u_int16_t       port;
        u_int8_t        protocol;
@@ -95,6 +102,7 @@ struct starter_conn {
        starter_state_t state;
 
        keyexchange_t   keyexchange;
        starter_state_t state;
 
        keyexchange_t   keyexchange;
+       int                     eap;
        lset_t          policy;
        time_t          sa_ike_life_seconds;
        time_t          sa_ipsec_life_seconds;
        lset_t          policy;
        time_t          sa_ike_life_seconds;
        time_t          sa_ipsec_life_seconds;
@@ -137,6 +145,7 @@ struct starter_ca {
        char            *crluri;
        char            *crluri2;
        char            *ocspuri;
        char            *crluri;
        char            *crluri2;
        char            *ocspuri;
+       char            *ocspuri2;
 
        bool            strict;
 
 
        bool            strict;
 
@@ -154,22 +163,24 @@ struct starter_config {
                bool    plutostart;
 
                /* pluto/charon keywords */
                bool    plutostart;
 
                /* pluto/charon keywords */
-               char    **plutodebug;
-               char    *charondebug;
-               char    *prepluto;
-               char    *postpluto;
-               bool    uniqueids;
-               u_int   overridemtu;
-               u_int   crlcheckinterval;
-               bool    cachecrls;
-               bool    strictcrlpolicy;
-               bool    nocrsend;
-               bool    nat_traversal;
-               u_int   keep_alive;
-               char    *virtual_private;
-               char    *pkcs11module;
-               bool    pkcs11keepstate;
-               bool    pkcs11proxy;
+               char     **plutodebug;
+               char     *charondebug;
+               char     *prepluto;
+               char     *postpluto;
+               bool     uniqueids;
+               u_int    overridemtu;
+               u_int    crlcheckinterval;
+               bool     cachecrls;
+               strict_t strictcrlpolicy;
+               bool     nocrsend;
+               bool     nat_traversal;
+               u_int    keep_alive;
+               char     *virtual_private;
+               char     *eapdir;
+               char     *pkcs11module;
+               char     *pkcs11initargs;
+               bool     pkcs11keepstate;
+               bool     pkcs11proxy;
 
                /* KLIPS keywords */
                char    **klipsdebug;
 
                /* KLIPS keywords */
                char    **klipsdebug;
@@ -182,7 +193,8 @@ struct starter_config {
        defaultroute_t defaultroute;
 
        /* number of encountered parsing errors */
        defaultroute_t defaultroute;
 
        /* number of encountered parsing errors */
-       u_int err;      
+       u_int err;
+       u_int non_fatal_err;
 
        /* do we parse also statements */
        bool parse_also;
 
        /* do we parse also statements */
        bool parse_also;