From 1f8a0c9d92efb2da0c476e395d5ed5050f06399b Mon Sep 17 00:00:00 2001
From: Julien Nicoulaud <julien.nicoulaud@gmail.com>
Date: Thu, 17 Nov 2011 16:44:44 +0100
Subject: [PATCH] #36 vpnc: complete options

---
 _vpnc | 136 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 136 insertions(+)

diff --git a/_vpnc b/_vpnc
index 49367df..62222b1 100644
--- a/_vpnc
+++ b/_vpnc
@@ -45,6 +45,36 @@
 (( $+functions[_vpnc-connect] )) ||
 _vpnc-connect() {
   _arguments \
+    '(- : *)--version[display version information]' \
+    '(- : *)--'{,long-}'help[display help information]' \
+    '--gateway[IP/name of your IPSec gateway]: :_hosts' \
+    '--id[your group name]: :_groups' \
+    '--username[your username]: :_users' \
+    '--domain[domain name for authentication]: :_domains' \
+    '--xauth-inter[enable interactive extended authentication]' \
+    '--vendor[vendor of your IPSec gateway]: :_vpnc_gateway_vendors' \
+    '--natt-mode[NAT-Traversal method]: :_vpnc_nat_traversal_methods' \
+    '--script[command executed using system() to configure the interface, routing and so on]:command path:_files' \
+    '--dh[name of the IKE DH Group]: :_vpnc_ike_diffie_hellman_groups' \
+    '--pfs[Diffie-Hellman group to use for PFS]: :_vpnc_pfs_diffie_hellman_groups' \
+    '--enable-1des[enable weak single DES encryption]' \
+    '--enable-no-encryption[enable using no encryption for data traffic (key exchanged must be encrypted)]' \
+    '--application-version[application version to report]:application version' \
+    '--ifname[visible name of the TUN/TAP interface]:name' \
+    '--ifmode[mode of TUN/TAP interface]: :_vpnc_tun_tap_modes' \
+    '--debug[show verbose debug messages]: :_vpnc_debug_levels' \
+    '--no-detach[Don'\''t detach from the console after login]' \
+    '--pid-file[store the pid of background process in the file]:pid file:_files' \
+    '--local-addr[local IP to use for ISAKMP/ESP/...]: :_hosts' \
+    '--local-port[local ISAKMP port number to use]: :_vpnc_isakmp_port_numbers' \
+    '--udp-port[local UDP port number to use]: :_vpnc_udp_port_numbers' \
+    '--dpd-idle[send DPD packet after not receiving anything for X seconds]: :_vpnc_dpd_idle_times' \
+    '--non-inter[Don'\''t ask anything, exit on missing options]' \
+    '--auth-mode[authentication mode]: :_vpnc_authentication_modes' \
+    '--ca-file[filename and path to the CA-PEM-File]:CA-PEM file:_files' \
+    '--ca-dir[path of the trusted CA-Directory]:CA directory:_files -/' \
+    '--target-network[target network in dotted decimal or CIDR notation]:target network/netmask' \
+    '--print-config[print your configuration; output can be used as vpnc.conf]' \
     '*: :_vpnc_confs'
 }
 
@@ -60,6 +90,112 @@ _vpnc_confs() {
   _describe -t confs 'VPNC conf' confs "$@"
 }
 
+(( $+functions[_vpnc_gateway_vendors] )) ||
+_vpnc_gateway_vendors() {
+  local vendors; vendors=(
+    'cisco'
+    'netscreen'
+  )
+  _describe -t vendors 'vendor' vendors "$@"
+}
+
+(( $+functions[_vpnc_nat_traversal_methods] )) ||
+_vpnc_nat_traversal_methods() {
+  local methods; methods=(
+    'natt:NAT-T as defined in RFC3947 (default)'
+    'none:disable use of any NAT-T method'
+    'force-natt:always use NAT-T encapsulation even without presence of a NAT device'
+    'cisco-udp:Cisco proprietary UDP encapsulation, commonly over Port 10000'
+  )
+  _describe -t methods 'NAT traversal method' methods "$@"
+}
+
+(( $+functions[_vpnc_ike_diffie_hellman_groups] )) ||
+_vpnc_ike_diffie_hellman_groups() {
+  local groups; groups=(
+    'dh1'
+    'dh2'
+    'dh5'
+  )
+  _describe -t groups 'IKE Diffie Hellman group' groups "$@"
+}
+
+(( $+functions[_vpnc_pfs_diffie_hellman_groups] )) ||
+_vpnc_pfs_diffie_hellman_groups() {
+  local groups; groups=(
+    'nopfs'
+    'dh1'
+    'dh2'
+    'dh5'
+    'server'
+  )
+  _describe -t groups 'PFS Diffie Hellman group' groups "$@"
+}
+
+(( $+functions[_vpnc_tun_tap_modes] )) ||
+_vpnc_tun_tap_modes() {
+  local modes; modes=(
+    'tun:virtual point to point interface (default)'
+    'tap:virtual ethernet interface'
+  )
+  _describe -t modes 'TUN/TAP interface mode' modes "$@"
+}
+
+(( $+functions[_vpnc_debug_levels] )) ||
+_vpnc_debug_levels() {
+  local levels; levels=(
+    '0:do not print debug information'
+    '1:print minimal debug information'
+    '2:show statemachine and packet/payload type information'
+    '3:dump everything exluding authentication data'
+    '99:dump everything INCLUDING AUTHENTICATION data (e.g. PASSWORDS)'
+  )
+  _describe -t levels 'debug level' levels "$@"
+}
+
+(( $+functions[_vpnc_isakmp_port_numbers] )) ||
+_vpnc_isakmp_port_numbers() {
+  local ports; ports=(
+    '0:use random port'
+    '1:minimum port number'
+    '500:default port number'
+    '65535:maximum port number'
+  )
+  _describe -t ports 'ISAKMP port number' ports "$@"
+}
+
+(( $+functions[_vpnc_udp_port_numbers] )) ||
+_vpnc_udp_port_numbers() {
+  local ports; ports=(
+    '0:use random port'
+    '1:minimum port number'
+    '10000:default port number'
+    '65535:maximum port number'
+  )
+  _describe -t ports 'UDP port number' ports "$@"
+}
+
+(( $+functions[_vpnc_dpd_idle_times] )) ||
+_vpnc_dpd_idle_times() {
+  local times; times=(
+    '0:completely disable DPD'
+    '10:minimum value'
+    '300:default value'
+    '86400:maximum value'
+  )
+  _describe -t times 'DPD idle wait time (seconds)' times "$@"
+}
+
+(( $+functions[_vpnc_authentication_modes] )) ||
+_vpnc_authentication_modes() {
+  local modes; modes=(
+    'psk:pre-shared key (default)'
+    'cert:server + client certificate'
+    'hybrid:server certificate + xauth'
+  )
+  _describe -t modes 'authentication mode' modes "$@"
+}
+
 case $service in
   vpnc|vpnc-connect) _call_function ret _vpnc-connect && return ret ;;
   vpnc-disconnect)   _call_function ret _vpnc-disconnect && return ret ;;