/*	$NetBSD: isakmp_xauth.h,v 1.4 2006/09/09 16:22:09 manu Exp $	*/

/*	$KAME$ */

/*
 * Copyright (C) 2004 Emmanuel Dreyfus
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the project nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/*
 * Declarations for the Xauth (extended authentication) part of the ISAKMP
 * daemon: attribute type numbers, per-phase-1 and per-remote-configuration
 * state, and the entry points that operate on them.
 *
 * NOTE(review): the guard name below begins with an underscore followed by
 * an uppercase letter, a form the C standard reserves for the
 * implementation.  It is left unchanged here because other files may test it.
 */
#ifndef _ISAKMP_XAUTH_H
#define _ISAKMP_XAUTH_H

#include "racoon_types.h"

/*
 * ISAKMP mode config attribute types specific to the Xauth vendor ID.
 * XAUTH_USER_PASSWORD and XAUTH_PASSCODE identify attributes that carry
 * secrets, so any buffer holding their payload should be treated as
 * sensitive (kept out of logs, released deliberately).
 */
#define	XAUTH_TYPE		16520
#define	XAUTH_USER_NAME		16521
#define	XAUTH_USER_PASSWORD	16522
#define	XAUTH_PASSCODE		16523
#define	XAUTH_MESSAGE		16524
#define	XAUTH_CHALLENGE		16525
#define	XAUTH_DOMAIN		16526
#define	XAUTH_STATUS		16527
#define	XAUTH_NEXT_PIN		16528
#define	XAUTH_ANSWER		16529

/* Values carried by the XAUTH_TYPE attribute (authentication method) */
#define	XAUTH_TYPE_GENERIC	0
#define	XAUTH_TYPE_CHAP		1
#define	XAUTH_TYPE_OTP		2
#define	XAUTH_TYPE_SKEY		3

/* Values carried by the XAUTH_STATUS attribute */
#define	XAUTH_STATUS_FAIL	0
#define	XAUTH_STATUS_OK		1

/*
 * Xauth state attached to a phase 1 exchange.
 *
 * authdata is a union with a single member, generic, which holds two raw
 * char pointers.  Who allocates them, and whether the password is wiped
 * before it is released, cannot be seen from this header; presumably
 * xauth_rmstate() is the release path -- confirm in the implementation.
 */
struct xauth_state {
	int status;	/* authentication status, used only on server side */
	int vendorid;
	int authtype;	/* presumably one of XAUTH_TYPE_* -- TODO confirm */
	union {
		struct authgeneric {
			char *usr;	/* presumably the user name -- confirm */
			char *pwd;	/* presumably the password; sensitive */
		} generic;
	} authdata;
};

/*
 * What's been sent.  XAUTH_SENT_EVERYTHING is the bitwise OR of the two
 * single-item values, so these are bit flags and not an enumeration.
 */
#define	XAUTH_SENT_USERNAME	1
#define	XAUTH_SENT_PASSWORD	2
#define	XAUTH_SENT_EVERYTHING	(XAUTH_SENT_USERNAME | XAUTH_SENT_PASSWORD)

/*
 * Xauth data kept in the remote configuration (rmconf): the credentials
 * and a record of how much of them has been sent.
 */
struct xauth_rmconf {
	vchar_t *login;	/* xauth login */
	vchar_t *pass;	/* xauth password; sensitive */
	int state;	/* what's been sent; presumably XAUTH_SENT_* flags */
};

/*
 * status
 * NOTE(review): presumably the values stored in xauth_state.status --
 * confirm against the implementation.
 */
#define	XAUTHST_NOTYET	0
#define	XAUTHST_REQSENT	1
#define	XAUTHST_OK	2

/*
 * Bundle of an ISAKMP index and three ints.
 * NOTE(review): the trailing int fields mirror the three int parameters of
 * xauth_reply(); this looks like the argument handed to xauth_reply_stub()
 * through its void pointer -- confirm.
 */
struct xauth_reply_arg {
	isakmp_index index;
	int port;
	int id;
	int res;
};

/*
 * Entry points.  The prototypes carry no parameter names, so the meaning of
 * each argument has to be taken from the implementation.
 * NOTE(review): xauth_login_system() takes two non-const char pointers; if
 * these are a user name and a password (not visible here), callers should
 * assume the callee may modify them -- confirm.
 */
struct isakmp_data;	/* forward declaration; only used through pointers here */
void xauth_sendreq (phase1_handle_t *);
int xauth_attr_reply (phase1_handle_t *, struct isakmp_data *, int);
int xauth_login_system (char *, char *);
void xauth_sendstatus (phase1_handle_t *, int, int);
int xauth_check (phase1_handle_t *);
int group_check (phase1_handle_t *, char **, int);
vchar_t *isakmp_xauth_req (phase1_handle_t *, struct isakmp_data *);
vchar_t *isakmp_xauth_set (phase1_handle_t *, struct isakmp_data *);
void xauth_rmstate (struct xauth_state *);
void xauth_reply_stub (void *);
int xauth_reply (phase1_handle_t *, int, int, int);
int xauth_rmconf_used (struct xauth_rmconf **);
void xauth_rmconf_delete (struct xauth_rmconf **);


#endif /* _ISAKMP_XAUTH_H */