OpenVPN
ssl_common.h
Go to the documentation of this file.
1/*
2 * OpenVPN -- An application to securely tunnel IP networks
3 * over a single TCP/UDP port, with support for SSL/TLS-based
4 * session authentication and key exchange,
5 * packet encryption, packet authentication, and
6 * packet compression.
7 *
8 * Copyright (C) 2002-2025 OpenVPN Inc <sales@openvpn.net>
9 * Copyright (C) 2010-2021 Fox Crypto B.V. <openvpn@foxcrypto.com>
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License version 2
13 * as published by the Free Software Foundation.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License along
21 * with this program; if not, see <https://www.gnu.org/licenses/>.
22 */
23
29#ifndef SSL_COMMON_H_
30#define SSL_COMMON_H_
31
32#include "session_id.h"
33#include "socket_util.h"
34#include "packet_id.h"
35#include "crypto.h"
36#include "options.h"
37
38#include "ssl_backend.h"
39
40/* passwords */
41#define UP_TYPE_AUTH "Auth"
42#define UP_TYPE_PRIVATE_KEY "Private Key"
43
77/* clang-format off */
78#define S_ERROR (-2)
79#define S_ERROR_PRE (-1)
82#define S_UNDEF 0
84#define S_INITIAL 1
87#define S_PRE_START_SKIP 2
90#define S_PRE_START 3
93#define S_START 4
95#define S_SENT_KEY 5
97#define S_GOT_KEY 6
100#define S_ACTIVE 7
105#define S_GENERATED_KEYS 8
108/* clang-format on */
109/* Note that earlier versions also had a S_OP_NORMAL state that was
110 * virtually identical with S_ACTIVE and the code still assumes everything
111 * >= S_ACTIVE to be fully operational */
121{
122 uint8_t pre_master[48];
125 uint8_t random1[32];
128 uint8_t random2[32];
130};
131
132
139{
142};
143
144
163
171
172/* key_state_test_auth_control_file return values, these specify the
173 * current status of a deferred authentication */
181
188
208{
209 int state;
212
218
223 uint32_t peer_id;
224
225 struct key_state_ssl ks_ssl; /* contains SSL object and BIOs for the control channel */
226
227 time_t initial; /* when we created this session */
228 time_t established; /* when our state went S_ACTIVE */
229 time_t must_negotiate; /* key negotiation times out if not finished before this time */
230 time_t must_die; /* this object is destroyed at this time */
231 time_t peer_last_packet; /* Last time we received a packet in this control session */
232
233 int initial_opcode; /* our initial P_ opcode */
234 struct session_id session_id_remote; /* peer's random session ID */
235 struct link_socket_actual remote_addr; /* peer's IP addr */
236
237 struct crypto_options crypto_options; /* data channel crypto options */
238
239 struct key_source2 *key_src; /* source entropy for key expansion */
240
244
245 struct reliable *send_reliable; /* holds a copy of outgoing packets until ACK received */
246 struct reliable *rec_reliable; /* order incoming ciphertext packets before we pass to TLS */
247 struct reliable_ack *rec_ack; /* buffers all packet IDs we want to ACK back to sender */
248 struct reliable_ack *lru_acks; /* keeps the most recently acked packages*/
249
253 counter_type n_bytes; /* how many bytes sent/recvd since last key exchange */
254 counter_type n_packets; /* how many packets sent/recvd since last key exchange */
255
256 /*
257 * If bad username/password, TLS connection will come up but 'authenticated' will be false.
258 */
261
262#ifdef ENABLE_MANAGEMENT
263 unsigned int mda_key_id;
265#endif
267
270
272};
273
301
302/*
303 * Our const options, obtained directly or derived from
304 * command line options.
305 */
307{
308 /* our master TLS context from which all SSL objects derived */
310
311 /* data channel cipher, hmac, and key lengths */
313
314 /* true if we are a TLS server, client otherwise */
315 bool server;
316
317 /* if true, don't xmit until first packet from peer is received */
319
320 /* local and remote options strings
321 * that must match between client and server */
322 const char *local_options;
323 const char *remote_options;
324
325 /* from command line */
327 int mode;
328 bool pull;
349
350 /* cert verification parms */
351 const char *verify_command;
353 const char *verify_x509_name;
354 const char *crl_file;
358 const char *remote_cert_eku;
363#ifdef ENABLE_X509ALTUSERNAME
365#else
367#endif
368
369 /* struct crypto_option flags */
370 unsigned int crypto_flags;
371
372 int replay_window; /* --replay-window parm */
373 int replay_time; /* --replay-window parm */
374
375 const char *config_ciphername;
377
383
386
389
390 struct frame frame;
391
392 /* used for username/password authentication */
396 const char *tmp_dir;
400
406 unsigned int auth_token_renewal;
407
409
410 /* use the client-config-dir as a positive authenticator */
412
413 /* instance-wide environment variable set */
414 struct env_set *es;
416 const struct plugin_list *plugins;
417
418 /* compression parms */
419#ifdef USE_COMP
420 struct compress_options comp_options;
421#endif
422
423 /* configuration file SSL-related boolean and low-permutation options */
424#define SSLF_CLIENT_CERT_NOT_REQUIRED (1 << 0)
425#define SSLF_CLIENT_CERT_OPTIONAL (1 << 1)
426#define SSLF_USERNAME_AS_COMMON_NAME (1 << 2)
427#define SSLF_AUTH_USER_PASS_OPTIONAL (1 << 3)
428#define SSLF_OPT_VERIFY (1 << 4)
429#define SSLF_CRL_VERIFY_DIR (1 << 5)
430#define SSLF_TLS_VERSION_MIN_SHIFT 6
431#define SSLF_TLS_VERSION_MIN_MASK 0xF /* (uses bit positions 6 to 9) */
432#define SSLF_TLS_VERSION_MAX_SHIFT 10
433#define SSLF_TLS_VERSION_MAX_MASK 0xF /* (uses bit positions 10 to 13) */
434#define SSLF_TLS_DEBUG_ENABLED (1 << 14)
435 unsigned int ssl_flags;
436
437#ifdef ENABLE_MANAGEMENT
439#endif
440
441 const struct x509_track *x509_track;
442
443#ifdef ENABLE_MANAGEMENT
445#endif
446
447 /* --gremlin bits */
449
450 /* Keying Material Exporter [RFC 5705] parameters */
451 const char *ekm_label;
453 size_t ekm_size;
454
456};
457
465#define KS_PRIMARY 0
466#define KS_LAME_DUCK \
467 1
469#define KS_SIZE 2
490{
491 /* const options and config info */
493
494 /* during hard reset used to control burst retransmit */
495 bool burst;
496
497 /* authenticate control packets */
499
500 /* Specific tls-crypt for renegotiations, if this is valid,
501 * tls_wrap_reneg.mode is TLS_WRAP_CRYPT, otherwise ignore it */
503
504 int initial_opcode; /* our initial P_ opcode */
505 struct session_id session_id; /* our random session ID */
506
513
515
517
519
520 bool verified; /* true if peer certificate was verified against CA */
521
522 /* not-yet-authenticated incoming client */
524
526};
527
545#define TM_ACTIVE 0
546#define TM_INITIAL \
547 1
549#define TM_LAME_DUCK 2
550#define TM_SIZE \
551 3
557/*
558 * The number of keys we will scan on encrypt or decrypt. The first
559 * is the "active" key. The second is the lame_duck or retiring key
560 * associated with the active key's session ID. The third is a detached
561 * lame duck session that only occurs in situations where a key renegotiate
562 * failed on the active key, but a lame duck key was still valid. By
563 * preserving the lame duck session, we can be assured of having a data
564 * channel key available even when network conditions are so bad that
565 * we can't negotiate a new key within the time allotted.
566 */
567#define KEY_SCAN_SIZE 3
568
569
570/* multi state (originally client authentication state (=CAS))
571 * CAS_NOT_CONNECTED must be 0 since non multi code paths still check
572 * this variable but do not explicitly initialise it and depend
573 * on zero initialisation */
574
575/* CAS_NOT_CONNECTED is the initial state for every context. When the *first*
576 * tls_session reaches S_ACTIVE, this state machine moves to CAS_PENDING (server)
577 * or CAS_CONNECT_DONE (client/p2p) as clients skip the stages associated with
578 * connect scripts/plugins */
596
597
612{
613 /* used to coordinate access between main thread and TLS thread */
614 /*MUTEX_PTR_DEFINE (mutex);*/
615
616 /* const options and config info */
618
619 /*
620 * used by tls_pre_encrypt to communicate the encrypt key
621 * to tls_post_encrypt()
622 */
623 struct key_state *save_ks; /* temporary pointer used between pre/post routines */
624
625 /*
626 * Used to return outgoing address from
627 * tls_multi_process.
628 */
630
634
635 /*
636 * Number of errors.
637 */
638 int n_hard_errors; /* errors due to TLS negotiation failure */
639 int n_soft_errors; /* errors due to unrecognized or failed-to-authenticate incoming packets */
640
646
651
655
657
662
665
668
685
687#define AUTH_TOKEN_HMAC_OK (1 << 0)
689#define AUTH_TOKEN_EXPIRED (1 << 1)
697#define AUTH_TOKEN_VALID_EMPTYUSER (1 << 2)
698
699 /* For P_DATA_V2 */
700 uint32_t peer_id;
702
706 /*
707 * Our session objects.
708 */
713
714 /* Only used when DCO is used to remember how many keys we installed
715 * for this session */
725
727};
728
732static inline struct key_state *
733get_key_scan(struct tls_multi *multi, int index)
734{
735 switch (index)
736 {
737 case 0:
738 return &multi->session[TM_ACTIVE].key[KS_PRIMARY];
739
740 case 1:
741 return &multi->session[TM_ACTIVE].key[KS_LAME_DUCK];
742
743 case 2:
744 return &multi->session[TM_LAME_DUCK].key[KS_LAME_DUCK];
745
746 default:
747 ASSERT(false);
748 return NULL; /* NOTREACHED */
749 }
750}
751
755static inline const struct key_state *
756get_primary_key(const struct tls_multi *multi)
757{
758 return &multi->session[TM_ACTIVE].key[KS_PRIMARY];
759}
760
761#endif /* SSL_COMMON_H_ */
uint64_t counter_type
Definition common.h:29
int interval_t
Definition common.h:35
Data Channel Cryptography Module.
hash_algo_type
Types referencing specific message digest hashing algorithms.
void * dco_context_t
Definition dco.h:261
#define KS_SIZE
Size of the tls_session.key array.
Definition ssl_common.h:469
#define KS_PRIMARY
Primary key state index.
Definition ssl_common.h:465
#define TM_LAME_DUCK
Old tls_session.
Definition ssl_common.h:549
#define TM_SIZE
Size of the tls_multi.session \ array.
Definition ssl_common.h:550
#define TM_ACTIVE
Active tls_session.
Definition ssl_common.h:545
#define KS_LAME_DUCK
Key state index that will retire \ soon.
Definition ssl_common.h:466
void * openvpn_net_ctx_t
Definition networking.h:38
#define ASSERT(x)
Definition error.h:217
#define MAX_PARMS
Definition options.h:51
Control Channel SSL library backend module.
auth_deferred_result
Definition ssl_common.h:175
@ ACF_PENDING
deferred auth still pending
Definition ssl_common.h:176
@ ACF_SUCCEEDED
deferred auth has suceeded
Definition ssl_common.h:177
@ ACF_FAILED
deferred auth has failed
Definition ssl_common.h:179
@ ACF_DISABLED
deferred auth is not used
Definition ssl_common.h:178
dco_key_status
Definition ssl_common.h:183
@ DCO_INSTALLED_PRIMARY
Definition ssl_common.h:185
@ DCO_INSTALLED_SECONDARY
Definition ssl_common.h:186
@ DCO_NOT_INSTALLED
Definition ssl_common.h:184
static struct key_state * get_key_scan(struct tls_multi *multi, int index)
gets an item of key_state objects in the order they should be scanned by data channel modules.
Definition ssl_common.h:733
multi_status
Definition ssl_common.h:580
@ CAS_CONNECT_DONE
Definition ssl_common.h:594
@ CAS_PENDING_DEFERRED
Waiting on an async option import handler.
Definition ssl_common.h:584
@ CAS_WAITING_AUTH
Initial TLS connection established but deferred auth is not yet finished.
Definition ssl_common.h:582
@ CAS_PENDING_DEFERRED_PARTIAL
at least handler succeeded but another is still pending
Definition ssl_common.h:585
@ CAS_PENDING
Options import (Connect script/plugin, ccd,...)
Definition ssl_common.h:583
@ CAS_WAITING_OPTIONS_IMPORT
client with pull or p2p waiting for first time options import
Definition ssl_common.h:587
@ CAS_NOT_CONNECTED
Definition ssl_common.h:581
@ CAS_FAILED
Option import failed or explicitly denied the client.
Definition ssl_common.h:586
@ CAS_RECONNECT_PENDING
session has already successful established (CAS_CONNECT_DONE) but has a reconnect and needs to redo s...
Definition ssl_common.h:593
ks_auth_state
This reflects the (server side) authentication state after the TLS session has been established and k...
Definition ssl_common.h:153
@ KS_AUTH_TRUE
Key state is authenticated.
Definition ssl_common.h:157
@ KS_AUTH_FALSE
Key state is not authenticated
Definition ssl_common.h:154
@ KS_AUTH_DEFERRED
Key state authentication is being deferred, by async auth.
Definition ssl_common.h:155
static const struct key_state * get_primary_key(const struct tls_multi *multi)
gets an item of key_state objects in the order they should be scanned by data channel modules.
Definition ssl_common.h:756
char * auth_failed_reason_file
Definition ssl_common.h:168
unsigned int auth_control_status
Definition ssl_common.h:169
Wrapper structure for dynamically allocated memory.
Definition buffer.h:60
Structure containing the hashes for a full certificate chain.
Definition ssl_verify.h:64
Security parameter state for processing data channel packets.
Definition crypto.h:293
Packet geometry parameters.
Definition mtu.h:103
Container for bidirectional cipher and HMAC key material.
Definition crypto.h:240
Container for one set of cipher and/or HMAC contexts.
Definition crypto.h:202
Container for both halves of random material to be used in key method 2 data channel key generation.
Definition ssl_common.h:139
struct key_source client
Random provided by client.
Definition ssl_common.h:140
struct key_source server
Random provided by server.
Definition ssl_common.h:141
Container for one half of random material to be used in key method 2 data channel key generation.
Definition ssl_common.h:121
uint8_t random1[32]
Seed used for master secret generation, provided by both client and server.
Definition ssl_common.h:125
uint8_t pre_master[48]
Random used for master secret generation, provided only by client OpenVPN peer.
Definition ssl_common.h:122
uint8_t random2[32]
Seed used for key expansion, provided by both client and server.
Definition ssl_common.h:128
Security parameter state of one TLS and data channel key session.
Definition ssl_common.h:208
struct buffer_list * paybuf
Holds outgoing message for the control channel until ks->state reaches S_ACTIVE.
Definition ssl_common.h:252
unsigned int auth_token_state_flags
The state of the auth-token sent from the client.
Definition ssl_common.h:211
enum dco_key_status dco_status
Definition ssl_common.h:271
struct buffer ack_write_buf
Definition ssl_common.h:243
struct buffer plaintext_read_buf
Definition ssl_common.h:241
struct auth_deferred_status plugin_auth
Definition ssl_common.h:268
time_t must_die
Definition ssl_common.h:230
struct buffer plaintext_write_buf
Definition ssl_common.h:242
struct link_socket_actual remote_addr
Definition ssl_common.h:235
uint32_t peer_id
Key id for this key_state, inherited from struct tls_session.
Definition ssl_common.h:223
time_t established
Definition ssl_common.h:228
struct key_state_ssl ks_ssl
Definition ssl_common.h:225
time_t acf_last_mod
Definition ssl_common.h:266
time_t must_negotiate
Definition ssl_common.h:229
struct reliable_ack * rec_ack
Definition ssl_common.h:247
struct reliable * rec_reliable
Definition ssl_common.h:246
struct session_id session_id_remote
Definition ssl_common.h:234
unsigned int mda_key_id
Definition ssl_common.h:263
struct auth_deferred_status script_auth
Definition ssl_common.h:269
time_t initial
Definition ssl_common.h:227
enum auth_deferred_result mda_status
Definition ssl_common.h:264
enum ks_auth_state authenticated
Definition ssl_common.h:259
int key_id
Key id for this key_state, inherited from struct tls_session.
Definition ssl_common.h:217
time_t peer_last_packet
Definition ssl_common.h:231
struct reliable * send_reliable
Definition ssl_common.h:245
time_t auth_deferred_expire
Definition ssl_common.h:260
int initial_opcode
Definition ssl_common.h:233
struct reliable_ack * lru_acks
Definition ssl_common.h:248
struct key_source2 * key_src
Definition ssl_common.h:239
counter_type n_bytes
Definition ssl_common.h:253
counter_type n_packets
Definition ssl_common.h:254
Container for unidirectional cipher and HMAC key material.
Definition crypto.h:152
The acknowledgment structure in which packet IDs are stored for later acknowledgment.
Definition reliable.h:64
The reliability layer storage structure for one VPN tunnel's control channel in one direction.
Definition reliable.h:94
Security parameter state for a single VPN tunnel.
Definition ssl_common.h:612
char * auth_token_initial
The first auth-token we sent to a client.
Definition ssl_common.h:684
int n_hard_errors
Definition ssl_common.h:638
bool remote_usescomp
remote announced comp-lzo in OCC string
Definition ssl_common.h:704
dco_context_t * dco
Definition ssl_common.h:726
struct link_socket_actual to_link_addr
Definition ssl_common.h:629
char * peer_info
A multi-line string of general-purpose info received from peer over control channel.
Definition ssl_common.h:673
struct key_state * save_ks
Definition ssl_common.h:623
char * remote_ciphername
cipher specified in peer's config file
Definition ssl_common.h:703
char * locked_username
The locked username is the username we assume the client is using.
Definition ssl_common.h:650
enum multi_status multi_state
Definition ssl_common.h:633
unsigned int tas_cache_num_updates
The number of times we updated the cache.
Definition ssl_common.h:664
struct tls_options opt
Definition ssl_common.h:617
struct tls_session session[TM_SIZE]
Array of tls_session objects representing control channel sessions with the remote peer.
Definition ssl_common.h:712
int dco_keys_installed
Definition ssl_common.h:716
struct cert_hash_set * locked_cert_hash_set
Definition ssl_common.h:656
time_t tas_cache_last_update
Time of last when we updated the cached state of tls_authentication_status deferred files.
Definition ssl_common.h:661
char * locked_cn
Our locked common name, username, and cert hashes (cannot change during the life of this tls_multi ob...
Definition ssl_common.h:645
uint32_t peer_id
Definition ssl_common.h:700
char * client_reason
An error message to send to client on AUTH_FAILED.
Definition ssl_common.h:667
char * auth_token
If server sends a generated auth-token, this is the token to use for future user/pass authentications...
Definition ssl_common.h:679
bool use_peer_id
Definition ssl_common.h:701
char * locked_original_username
The username that client initially used before being overridden by –override-user.
Definition ssl_common.h:654
int n_sessions
Number of sessions negotiated thus far.
Definition ssl_common.h:631
int dco_peer_id
This is the handle that DCO uses to identify this session with the kernel.
Definition ssl_common.h:724
int n_soft_errors
Definition ssl_common.h:639
int64_t renegotiate_bytes
Definition ssl_common.h:343
struct key_ctx auth_token_key
Definition ssl_common.h:408
unsigned int auth_token_renewal
Definition ssl_common.h:406
struct env_set * es
Definition ssl_common.h:414
unsigned int auth_token_lifetime
Definition ssl_common.h:405
struct tls_wrap_ctx tls_wrap
TLS handshake wrapping state.
Definition ssl_common.h:388
size_t ekm_label_size
Definition ssl_common.h:452
unsigned int crypto_flags
Definition ssl_common.h:370
unsigned remote_cert_ku[MAX_PARMS]
Definition ssl_common.h:357
interval_t packet_timeout
Definition ssl_common.h:342
const char * auth_user_pass_file
Definition ssl_common.h:398
uint64_t aead_usage_limit
limit for AEAD cipher when not running in epoch data key mode, this is the sum of packets + blocks th...
Definition ssl_common.h:347
const char * client_crresponse_script
Definition ssl_common.h:394
const struct static_challenge_info * sci
Definition ssl_common.h:444
openvpn_net_ctx_t * net_ctx
Definition ssl_common.h:415
const char * tmp_dir
Definition ssl_common.h:396
interval_t renegotiate_seconds
Definition ssl_common.h:348
int64_t renegotiate_packets
Definition ssl_common.h:344
bool auth_user_pass_file_inline
Definition ssl_common.h:399
int verify_hash_depth
Definition ssl_common.h:360
const struct plugin_list * plugins
Definition ssl_common.h:416
const char * client_config_dir_exclusive
Definition ssl_common.h:411
bool tls_crypt_v2
Definition ssl_common.h:384
const char * export_peer_cert_dir
Definition ssl_common.h:397
const char * verify_command
Definition ssl_common.h:351
struct verify_hash_list * verify_hash
Definition ssl_common.h:359
const char * ekm_label
Definition ssl_common.h:451
size_t ekm_size
Definition ssl_common.h:453
char * x509_username_field[2]
Definition ssl_common.h:366
int transition_window
Definition ssl_common.h:340
const char * remote_options
Definition ssl_common.h:323
const char * config_ciphername
Definition ssl_common.h:375
int verify_x509_type
Definition ssl_common.h:352
bool single_session
Definition ssl_common.h:326
bool data_epoch_supported
whether our underlying data channel supports new data channel features (epoch keys with AEAD tag at t...
Definition ssl_common.h:382
const char * verify_x509_name
Definition ssl_common.h:353
bool crl_file_inline
Definition ssl_common.h:355
const struct x509_track * x509_track
Definition ssl_common.h:441
bool verify_hash_no_ca
Definition ssl_common.h:361
struct man_def_auth_context * mda_context
Definition ssl_common.h:438
const char * tls_crypt_v2_verify_script
Definition ssl_common.h:385
struct tls_root_ctx ssl_ctx
Definition ssl_common.h:309
bool auth_user_pass_verify_script_via_file
Definition ssl_common.h:395
const char * config_ncp_ciphers
Definition ssl_common.h:376
const char * local_options
Definition ssl_common.h:322
unsigned int ssl_flags
Definition ssl_common.h:435
bool auth_token_generate
Generate auth-tokens on successful user/pass auth,seet via options->auth_token_generate.
Definition ssl_common.h:401
int push_peer_info_detail
The detail of info we push in peer info.
Definition ssl_common.h:339
hash_algo_type verify_hash_algo
Definition ssl_common.h:362
bool auth_token_call_auth
always call normal authentication
Definition ssl_common.h:404
const char * crl_file
Definition ssl_common.h:354
int handshake_window
Definition ssl_common.h:341
bool dco_enabled
Whether keys have to be installed in DCO or not.
Definition ssl_common.h:455
const char * auth_user_pass_verify_script
Definition ssl_common.h:393
const char * remote_cert_eku
Definition ssl_common.h:358
int replay_window
Definition ssl_common.h:372
Structure that wraps the TLS context.
Security parameter state of a single session within a VPN tunnel.
Definition ssl_common.h:490
int key_id
The current active key id, used to keep track of renegotiations.
Definition ssl_common.h:512
struct tls_wrap_ctx tls_wrap_reneg
Definition ssl_common.h:502
struct key_state key[KS_SIZE]
Definition ssl_common.h:525
struct cert_hash_set * cert_hash_set
Definition ssl_common.h:518
struct tls_options * opt
Definition ssl_common.h:492
char * common_name
Definition ssl_common.h:516
struct tls_wrap_ctx tls_wrap
Definition ssl_common.h:498
int verify_maxlevel
Definition ssl_common.h:514
struct link_socket_actual untrusted_addr
Definition ssl_common.h:523
int initial_opcode
Definition ssl_common.h:504
Control channel wrapping (–tls-auth/–tls-crypt) context.
Definition ssl_common.h:276
struct buffer tls_crypt_v2_metadata
Received from client.
Definition ssl_common.h:288
bool cleanup_key_ctx
opt.key_ctx_bi is owned by this context
Definition ssl_common.h:289
struct crypto_options opt
Crypto state.
Definition ssl_common.h:283
enum tls_wrap_ctx::@28 mode
Control channel wrapping mode.
@ TLS_WRAP_CRYPT
Control channel encryption and authentication.
Definition ssl_common.h:281
@ TLS_WRAP_NONE
No control channel wrapping.
Definition ssl_common.h:279
@ TLS_WRAP_AUTH
Control channel authentication.
Definition ssl_common.h:280
struct buffer work
Work buffer (only for –tls-crypt)
Definition ssl_common.h:284
struct key_ctx tls_crypt_v2_server_key
Decrypts client keys.
Definition ssl_common.h:285
const struct buffer * tls_crypt_v2_wkc
Wrapped client key, sent to server.
Definition ssl_common.h:286
struct key2 original_wrap_keydata
original key data to be xored in to the key for dynamic tls-crypt.
Definition ssl_common.h:299