3 files changed, 19 insertions, 7 deletions

diff --git a/src/stroke/Makefile.am b/src/stroke/Makefile.am
index 6ea64753c..aaedfc787 100644
--- a/src/stroke/Makefile.am
+++ b/src/stroke/Makefile.am
@@ -1,9 +1,10 @@
 ipsec_PROGRAMS = stroke
 
-stroke_SOURCES = stroke.c stroke.h stroke_keywords.c stroke_keywords.h
+stroke_SOURCES = stroke.c stroke_msg.h stroke_keywords.c stroke_keywords.h
 INCLUDES = -I$(top_srcdir)/src/libstrongswan
 EXTRA_DIST = stroke_keywords.txt
 MAINTAINERCLEANFILES = stroke_keywords.c
+AM_CFLAGS = -DIPSEC_PIDDIR=\"${piddir}\"
 
 stroke_keywords.c:	stroke_keywords.txt stroke_keywords.h
 		$(GPERF) -C -G -t < stroke_keywords.txt > stroke_keywords.c
diff --git a/src/stroke/stroke.c b/src/stroke/stroke.c
index 3365add54..6b2e33d1f 100644
--- a/src/stroke/stroke.c
+++ b/src/stroke/stroke.c
@@ -28,7 +28,7 @@
 #include <stdio.h>
 #include <stddef.h>
 
-#include "stroke.h"
+#include "stroke_msg.h"
 #include "stroke_keywords.h"
 
 struct stroke_token {
diff --git a/src/stroke/stroke.h b/src/stroke/stroke_msg.h
index 7ccddfb3e..1af3c6ec7 100644
--- a/src/stroke/stroke.h
+++ b/src/stroke/stroke_msg.h
@@ -1,5 +1,5 @@
 /**
- * @file stroke.h
+ * @file stroke_msg.h
  *
  * @brief Definition of stroke_msg_t.
  *
@@ -22,15 +22,15 @@
  * RCSID $Id$
  */
 
-#ifndef STROKE_H_
-#define STROKE_H_
+#ifndef STROKE_MSG_H_
+#define STROKE_MSG_H_
 
 #include <sys/types.h>
 
 /**
  * Socket which is used to communicate between charon and stroke
  */
-#define STROKE_SOCKET "/var/run/charon.ctl"
+#define STROKE_SOCKET IPSEC_PIDDIR "/charon.ctl"
 
 #define STROKE_BUF_LEN		2048
 
@@ -103,6 +103,16 @@ enum purge_flag_t {
 	PURGE_OCSP =		0x0001,
 };
 
+/**
+ * CRL certificate validation policy
+ */
+typedef enum {
+	CRL_STRICT_NO,
+	CRL_STRICT_YES,
+	CRL_STRICT_IFURI,
+} crl_policy_t;
+
+
 typedef struct stroke_end_t stroke_end_t;
 
 /**
@@ -187,6 +197,7 @@ struct stroke_msg_t {
 			int mode;
 			int mobike;
 			int force_encap;
+			crl_policy_t crl_policy;
 			struct {
 				char *ike;
 				char *esp;
@@ -246,4 +257,4 @@ struct stroke_msg_t {
 	char buffer[STROKE_BUF_LEN];
 };
 
-#endif /* STROKE_H_ */
+#endif /* STROKE_MSG_H_ */