1f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh/*	$NetBSD: remoteconf.h,v 1.16 2011/03/14 15:50:36 vanhu Exp $	*/
20a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
30a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* Id: remoteconf.h,v 1.26 2006/05/06 15:52:44 manubsd Exp */
40a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
50a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/*
60a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
70a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * All rights reserved.
80a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang *
90a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * Redistribution and use in source and binary forms, with or without
100a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * modification, are permitted provided that the following conditions
110a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * are met:
120a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * 1. Redistributions of source code must retain the above copyright
130a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang *    notice, this list of conditions and the following disclaimer.
140a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * 2. Redistributions in binary form must reproduce the above copyright
150a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang *    notice, this list of conditions and the following disclaimer in the
160a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang *    documentation and/or other materials provided with the distribution.
170a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * 3. Neither the name of the project nor the names of its contributors
180a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang *    may be used to endorse or promote products derived from this software
190a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang *    without specific prior written permission.
200a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang *
210a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
220a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
230a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
240a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
250a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
260a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
270a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
280a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
290a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
300a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
310a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * SUCH DAMAGE.
320a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang */
330a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
340a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#ifndef _REMOTECONF_H
350a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define _REMOTECONF_H
360a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
370a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* remote configuration */
380a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
390a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#include <sys/queue.h>
400a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#include "genlist.h"
410a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#ifdef ENABLE_HYBRID
420a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#include "isakmp_var.h"
430a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#include "isakmp_xauth.h"
440a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#endif
450a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
46f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehstruct ph1handle;
47f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehstruct secprotospec;
480a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
490a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstruct etypes {
500a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int type;
510a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	struct etypes *next;
520a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang};
530a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
54f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh/* ISAKMP SA specification */
55f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehstruct isakmpsa {
56f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	int prop_no;
57f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	int trns_no;
58f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	time_t lifetime;
59f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	size_t lifebyte;
60f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	int enctype;
61f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	int encklen;
62f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	int authmethod;
63f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	int hashtype;
64f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	int vendorid;
65f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh#ifdef HAVE_GSSAPI
66f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	vchar_t *gssid;
67f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh#endif
68f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	int dh_group;			/* don't use it if aggressive mode */
69f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	struct dhgroup *dhgrp;		/* don't use it if aggressive mode */
70f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh
71f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	struct isakmpsa *next;		/* next transform */
72f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh};
73f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh
74f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh/* Certificate information */
75f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehstruct rmconf_cert {
76f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	vchar_t *data;			/* certificate payload */
77f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	char *filename;			/* name of local file */
78f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh};
79f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh
800a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* Script hooks */
810a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define SCRIPT_PHASE1_UP	0
820a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define SCRIPT_PHASE1_DOWN	1
83f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh#define SCRIPT_PHASE1_DEAD	2
84f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh#define SCRIPT_MAX		2
850a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangextern char *script_names[SCRIPT_MAX + 1];
860a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
870a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstruct remoteconf {
88f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	char *name;			/* remote configuration name */
890a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	struct sockaddr *remote;	/* remote IP address */
900a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang					/* if family is AF_UNSPEC, that is
910a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang					 * for anonymous configuration. */
920a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
930a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	struct etypes *etypes;		/* exchange type list. the head
940a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang					 * is a type to be sent first. */
950a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int doitype;			/* doi type */
960a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int sittype;			/* situation type */
970a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
980a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int idvtype;			/* my identifier type */
990a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	vchar_t *idv;			/* my identifier */
1000a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	vchar_t *key;			/* my pre-shared key */
1010a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	struct genlist *idvl_p;         /* peer's identifiers list */
1020a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
1030a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	char *myprivfile;		/* file name of my private key file */
104f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	char *mycertfile;		/* file name of my certificate */
105f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	vchar_t *mycert;		/* my certificate */
1060a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	char *peerscertfile;		/* file name of peer's certifcate */
107f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	vchar_t *peerscert;		/* peer's certificate */
1080a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	char *cacertfile;		/* file name of CA */
109f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	vchar_t *cacert;		/* CA certificate */
110f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh
1110a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int send_cert;			/* send to CERT or not */
1120a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int send_cr;			/* send to CR or not */
113f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	int match_empty_cr;		/* does this match if CR is empty */
1140a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int verify_cert;		/* verify a CERT strictly */
1150a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int verify_identifier;		/* vefify the peer's identifier */
1160a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int nonce_size;			/* the number of bytes of nonce */
1170a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int passive;			/* never initiate */
1180a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int ike_frag;			/* IKE fragmentation */
1190a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int esp_frag;			/* ESP fragmentation */
1200a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int mode_cfg;			/* Gets config through mode config */
1210a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int support_proxy;		/* support mip6/proxy */
122f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh#define GENERATE_POLICY_NONE	0
123f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh#define GENERATE_POLICY_REQUIRE	1
124f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh#define GENERATE_POLICY_UNIQUE	2
1250a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int gen_policy;			/* generate policy if no policy found */
1260a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int ini_contact;		/* initial contact */
1270a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int pcheck_level;		/* level of propocl checking */
1280a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int nat_traversal;		/* NAT-Traversal */
1290a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	vchar_t *script[SCRIPT_MAX + 1];/* script hooks paths */
1300a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int dh_group;			/* use it when only aggressive mode */
1310a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	struct dhgroup *dhgrp;		/* use it when only aggressive mode */
1320a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang					/* above two can't be defined by user*/
1330a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
1340a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int dpd;				/* Negociate DPD support ? */
1350a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int dpd_retry;			/* in seconds */
1360a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int dpd_interval;		/* in seconds */
137f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	int dpd_maxfails;
138f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh
139f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	int rekey;			/* rekey ph1 when active ph2s? */
140f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh#define REKEY_OFF		FALSE
141f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh#define REKEY_ON		TRUE
142f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh#define REKEY_FORCE		2
1430a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
144f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	uint32_t ph1id; /* ph1id to be matched with sainfo sections */
1450a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
1460a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int weak_phase1_check;		/* act on unencrypted deletions ? */
1470a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
1480a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	struct isakmpsa *proposal;	/* proposal list */
1490a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	struct remoteconf *inherited_from;	/* the original rmconf
1500a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang						   from which this one
1510a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang						   was inherited */
152f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh
153f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	time_t lifetime;		/* for isakmp/ipsec */
154f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	int lifebyte;			/* for isakmp/ipsec */
155f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	struct secprotospec *spspec;	/* the head is always current spec. */
1560a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
1570a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	struct genlist	*rsa_private,	/* lists of PlainRSA keys to use */
1580a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang			*rsa_public;
1590a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
1600a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#ifdef ENABLE_HYBRID
1610a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	struct xauth_rmconf *xauth;
1620a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#endif
1630a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
1640a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	TAILQ_ENTRY(remoteconf) chain;	/* next remote conf */
1650a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang};
1660a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
167f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh#define RMCONF_NONCE_SIZE(rmconf) \
168f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	(rmconf != NULL ? rmconf->nonce_size : DEFAULT_NONCE_SIZE)
1690a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
170f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehstruct dhgroup;
1710a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
1720a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstruct idspec {
1730a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	int idtype;                     /* identifier type */
1740a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang	vchar_t *id;                    /* identifier */
1750a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang};
1760a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
177f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehstruct rmconfselector {
178f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	int flags;
179f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	struct sockaddr *remote;
180f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	int etype;
181f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	struct isakmpsa *approval;
182f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	vchar_t *identity;
183f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	vchar_t *certificate_request;
184f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh};
185f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh
186f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehextern void rmconf_selector_from_ph1 __P((struct rmconfselector *rmsel,
187f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh					  struct ph1handle *iph1));
188f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehextern int enumrmconf __P((struct rmconfselector *rmsel,
189f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh			   int (* enum_func)(struct remoteconf *rmconf, void *arg),
190f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh			   void *enum_arg));
191f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh
192f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh#define GETRMCONF_F_NO_ANONYMOUS	0x0001
193f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh#define GETRMCONF_F_NO_PASSIVE		0x0002
194f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh
195f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh#define RMCONF_ERR_MULTIPLE		((struct remoteconf *) -1)
196f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh
197f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehextern int rmconf_match_identity __P((struct remoteconf *rmconf,
198f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh				      vchar_t *id_p));
199f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehextern struct remoteconf *getrmconf __P((struct sockaddr *remote, int flags));
200f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehextern struct remoteconf *getrmconf_by_ph1 __P((struct ph1handle *iph1));
201f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehextern struct remoteconf *getrmconf_by_name __P((const char *name));
2020a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
2030a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangextern struct remoteconf *newrmconf __P((void));
204f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehextern struct remoteconf *duprmconf_shallow __P((struct remoteconf *));
205f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehextern int duprmconf_finish __P((struct remoteconf *));
2060a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangextern void delrmconf __P((struct remoteconf *));
2070a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangextern void deletypes __P((struct etypes *));
2080a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangextern struct etypes * dupetypes __P((struct etypes *));
2090a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangextern void insrmconf __P((struct remoteconf *));
2100a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangextern void remrmconf __P((struct remoteconf *));
2110a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangextern void flushrmconf __P((void));
212f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehextern void dupspspec_list __P((struct remoteconf *, struct remoteconf *));
213f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehextern void flushspspec __P((struct remoteconf *));
2140a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangextern void initrmconf __P((void));
215f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehextern void rmconf_start_reload __P((void));
216f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehextern void rmconf_finish_reload __P((void));
2170a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
218f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehextern int check_etypeok __P((struct remoteconf *, void *));
2190a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
2200a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangextern struct isakmpsa *newisakmpsa __P((void));
2210a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangextern struct isakmpsa *dupisakmpsa __P((struct isakmpsa *));
222f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehextern void delisakmpsa __P((struct isakmpsa *));
2230a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangextern void insisakmpsa __P((struct isakmpsa *, struct remoteconf *));
224f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh#ifdef ENABLE_HYBRID
225f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehextern int isakmpsa_switch_authmethod __P((int authmethod));
226f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh#else
227f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehstatic inline int isakmpsa_switch_authmethod(int authmethod)
228f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh{
229f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh	return authmethod;
230f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh}
231f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh#endif
232f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yehextern struct isakmpsa * checkisakmpsa __P((int pcheck,
233f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh					    struct isakmpsa *proposal,
234f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh					    struct isakmpsa *acceptable));
235f8a6a7636d53a5730c58ae041e4e09ae12e1657cChia-chi Yeh
2360a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
2370a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangextern void dumprmconf __P((void));
2380a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
2390a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangextern struct idspec *newidspec __P((void));
2400a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
2410a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangextern vchar_t *script_path_add __P((vchar_t *));
2420a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang
2430a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#endif /* _REMOTECONF_H */
244