diff options
Diffstat (limited to 'src/charon/sa/ike_sa.h')
-rw-r--r-- | src/charon/sa/ike_sa.h | 25 |
1 files changed, 12 insertions, 13 deletions
diff --git a/src/charon/sa/ike_sa.h b/src/charon/sa/ike_sa.h index 2430f00a0..6542ffa50 100644 --- a/src/charon/sa/ike_sa.h +++ b/src/charon/sa/ike_sa.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2006-2008 Tobias Brunner * Copyright (C) 2006 Daniel Roethlisberger - * Copyright (C) 2005-2008 Martin Willi + * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil * @@ -41,7 +41,7 @@ typedef struct ike_sa_t ike_sa_t; #include <sa/keymat.h> #include <config/peer_cfg.h> #include <config/ike_cfg.h> -#include <credentials/auth_info.h> +#include <config/auth_cfg.h> /** * Timeout in milliseconds after that a half open IKE_SA gets deleted. @@ -82,6 +82,11 @@ enum ike_extension_t { * peer supports HTTP cert lookups as specified in RFC4306 */ EXT_HASH_AND_URL = (1<<2), + + /** + * peer supports multiple authentication exchanges, RFC4739 + */ + EXT_MULTIPLE_AUTH = (1<<3), }; /** @@ -110,7 +115,7 @@ enum ike_condition_t { COND_NAT_FAKE = (1<<3), /** - * peer has ben authenticated using EAP + * peer has been authenticated using EAP at least once */ COND_EAP_AUTHENTICATED = (1<<4), @@ -391,18 +396,12 @@ struct ike_sa_t { void (*set_peer_cfg) (ike_sa_t *this, peer_cfg_t *config); /** - * Get authentication/authorization info for local peer. - * - * @return auth_info for me - */ - auth_info_t* (*get_my_auth)(ike_sa_t *this); - - /** - * Get authentication/authorization info for remote peer. + * Get the authentication config with rules of the current auth round. * - * @return auth_info for me + * @param local TRUE for local rules, FALSE for remote constraints + * @return current cfg */ - auth_info_t* (*get_other_auth)(ike_sa_t *this); + auth_cfg_t* (*get_auth_cfg)(ike_sa_t *this, bool local); /** * Get the selected proposal of this IKE_SA. |