2 files changed, 21 insertions, 12 deletions

diff --git a/lib/include/radsec/radsec-impl.h b/lib/include/radsec/radsec-impl.h
index 2274a99..6339e74 100644
--- a/lib/include/radsec/radsec-impl.h
+++ b/lib/include/radsec/radsec-impl.h
@@ -18,10 +18,19 @@
 /* Data types.  */
 enum rs_cred_type {
     RS_CRED_NONE = 0,
-    RS_CRED_TLS_PSK_RSA,	/* RFC 4279.  */
+    /* TLS pre-shared keys, RFC 4279.  */
+    RS_CRED_TLS_PSK,
+    /* RS_CRED_TLS_DH_PSK, */
+    /* RS_CRED_TLS_RSA_PSK, */
 };
 typedef unsigned int rs_cred_type_t;
 
+enum rs_key_encoding {
+    RS_KEY_ENCODING_UTF8 = 1,
+    RS_KEY_ENCODING_ASCII_HEX = 2,
+};
+typedef unsigned int rs_key_encoding_t;
+
 #if defined (__cplusplus)
 extern "C" {
 #endif
@@ -30,6 +39,8 @@ struct rs_credentials {
     enum rs_cred_type type;
     char *identity;
     char *secret;
+    enum rs_key_encoding secret_encoding;
+    unsigned int secret_len;
 };
 
 struct rs_error {
@@ -41,8 +52,10 @@ struct rs_error {
 struct rs_peer {
     struct rs_connection *conn;
     struct rs_realm *realm;
-    struct evutil_addrinfo *addr;
-    char *secret;
+    char *hostname;
+    char *service;
+    char *secret;               /* RADIUS secret.  */
+    struct evutil_addrinfo *addr_cache;
     struct rs_peer *next;
 };
 
@@ -56,6 +69,7 @@ struct rs_realm {
     char *cacertpath;
     char *certfile;
     char *certkeyfile;
+    struct rs_credentials *transport_cred;
     struct rs_peer *peers;
     struct rs_realm *next;
 };
@@ -77,7 +91,6 @@ struct rs_connection {
     struct rs_realm *realm;	/* Owned by ctx.  */
     struct event_base *evb;	/* Event base.  */
     struct event *tev;		/* Timeout event.  */
-    struct rs_credentials transport_credentials;
     struct rs_conn_callbacks callbacks;
     void *user_data;
     struct rs_peer *peers;
@@ -118,12 +131,6 @@ struct rs_packet {
     struct rs_packet *next;	/* Used for UDP output queue.  */
 };
 
-/* Nonpublic functions (in radsec.c -- FIXME: move?).  */
-struct rs_error *rs_resolv (struct evutil_addrinfo **addr,
-			    rs_conn_type_t type,
-			    const char *hostname,
-			    const char *service);
-
 #if defined (__cplusplus)
 }
 #endif
diff --git a/lib/include/radsec/radsec.h b/lib/include/radsec/radsec.h
index 6e967af..6c4f6a7 100644
--- a/lib/include/radsec/radsec.h
+++ b/lib/include/radsec/radsec.h
@@ -42,7 +42,7 @@ enum rs_error_code {
     RSE_TIMEOUT_CONN = 16,	/* Connection timeout.  */
     RSE_INVAL = 17,		/* Invalid argument.  */
     RSE_TIMEOUT_IO = 18,	/* I/O timeout.  */
-    RSE_TIMEOUT= 19,		/* High level timeout.  */
+    RSE_TIMEOUT = 19,		/* High level timeout.  */
     RSE_DISCO = 20,
     RSE_INUSE = 21,
     RSE_PACKET_TOO_SMALL = 22,
@@ -66,7 +66,9 @@ enum rs_error_code {
     RSE_INVALID_RESPONSE_SRC = 40,
     RSE_NO_PACKET_DATA = 41,
     RSE_VENDOR_UNKNOWN = 42,
-    RSE_MAX = RSE_VENDOR_UNKNOWN
+    RSE_CRED = 43,
+    RSE_CERT = 44,
+    RSE_MAX = RSE_CERT
 };
 
 enum rs_conn_type {