OpenVPN
ssl_util.c
Go to the documentation of this file.
1/*
2 * OpenVPN -- An application to securely tunnel IP networks
3 * over a single TCP/UDP port, with support for SSL/TLS-based
4 * session authentication and key exchange,
5 * packet encryption, packet authentication, and
6 * packet compression.
7 *
8 * Copyright (C) 2002-2025 OpenVPN Inc <sales@openvpn.net>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License version 2
12 * as published by the Free Software Foundation.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, see <https://www.gnu.org/licenses/>.
21 */
22#ifdef HAVE_CONFIG_H
23#include "config.h"
24#endif
25
26#include "syshead.h"
27
28#include "ssl_util.h"
29
30char *
31extract_var_peer_info(const char *peer_info, const char *var, struct gc_arena *gc)
32{
33 if (!peer_info)
34 {
35 return NULL;
36 }
37
38 const char *var_start = strstr(peer_info, var);
39 if (!var_start)
40 {
41 /* variable not found in peer info */
42 return NULL;
43 }
44
45 var_start += strlen(var);
46 const char *var_end = strstr(var_start, "\n");
47 if (!var_end)
48 {
49 /* var is at end of the peer_info list and no '\n' follows */
50 var_end = var_start + strlen(var_start);
51 }
52
53 char *var_value = string_alloc(var_start, gc);
54 /* NULL terminate the copy at the right position */
55 var_value[var_end - var_start] = '\0';
56 return var_value;
57}
58
59unsigned int
60extract_iv_proto(const char *peer_info)
61{
62 const char *optstr = peer_info ? strstr(peer_info, "IV_PROTO=") : NULL;
63 if (optstr)
64 {
65 int proto = 0;
66 int r = sscanf(optstr, "IV_PROTO=%d", &proto);
67 if (r == 1 && proto > 0)
68 {
69 return proto;
70 }
71 }
72 return 0;
73}
74
75const char *
76options_string_compat_lzo(const char *options, struct gc_arena *gc)
77{
78 /* Example string without and with comp-lzo, i.e. input/output of this function */
79 /* w/o comp: 'V4,dev-type tun,link-mtu 1457,tun-mtu 1400,proto UDPv4,auth SHA1,keysize
80 * 128,key-method 2,tls-server' */
81 /* comp-lzo: 'V4,dev-type tun,link-mtu 1458,tun-mtu 1400,proto UDPv4,comp-lzo,auth SHA1,keysize
82 * 128,key-method 2,tls-server' */
83
84 /* Note: since this function is used only in a very limited scope it makes
85 * assumptions how the string looks. Since we locally generated the string
86 * we can make these assumptions */
87
88 /* Check that the link-mtu string is in options */
89 const char *tmp = strstr(options, ",link-mtu");
90 if (!tmp)
91 {
92 return options;
93 }
94
95 /* Get old link_mtu size */
96 int link_mtu;
97 if (sscanf(tmp, ",link-mtu %d,", &link_mtu) != 1 || link_mtu < 100 || link_mtu > 9900)
98 {
99 return options;
100 }
101
102 /* 1 byte for the possibility of 999 to 1000 and 1 byte for the null
103 * terminator */
104 struct buffer buf = alloc_buf_gc(strlen(options) + strlen(",comp-lzo") + 2, gc);
105
106 buf_write(&buf, options, (int)(tmp - options));
107
108 /* Increase link-mtu by one for the comp-lzo opcode */
109 buf_printf(&buf, ",link-mtu %d", link_mtu + 1);
110
111 tmp += strlen(",link-mtu ") + (link_mtu < 1000 ? 3 : 4);
112
113 buf_printf(&buf, "%s,comp-lzo", tmp);
114
115 return BSTR(&buf);
116}
117
121static const tls_cipher_name_pair tls_cipher_name_translation_table[] = {
122 { "ADH-SEED-SHA", "TLS-DH-anon-WITH-SEED-CBC-SHA" },
123 { "AES128-GCM-SHA256", "TLS-RSA-WITH-AES-128-GCM-SHA256" },
124 { "AES128-SHA256", "TLS-RSA-WITH-AES-128-CBC-SHA256" },
125 { "AES128-SHA", "TLS-RSA-WITH-AES-128-CBC-SHA" },
126 { "AES256-GCM-SHA384", "TLS-RSA-WITH-AES-256-GCM-SHA384" },
127 { "AES256-SHA256", "TLS-RSA-WITH-AES-256-CBC-SHA256" },
128 { "AES256-SHA", "TLS-RSA-WITH-AES-256-CBC-SHA" },
129 { "CAMELLIA128-SHA256", "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256" },
130 { "CAMELLIA128-SHA", "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA" },
131 { "CAMELLIA256-SHA256", "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256" },
132 { "CAMELLIA256-SHA", "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA" },
133 { "DES-CBC3-SHA", "TLS-RSA-WITH-3DES-EDE-CBC-SHA" },
134 { "DES-CBC-SHA", "TLS-RSA-WITH-DES-CBC-SHA" },
135 { "DH-DSS-SEED-SHA", "TLS-DH-DSS-WITH-SEED-CBC-SHA" },
136 { "DHE-DSS-AES128-GCM-SHA256", "TLS-DHE-DSS-WITH-AES-128-GCM-SHA256" },
137 { "DHE-DSS-AES128-SHA256", "TLS-DHE-DSS-WITH-AES-128-CBC-SHA256" },
138 { "DHE-DSS-AES128-SHA", "TLS-DHE-DSS-WITH-AES-128-CBC-SHA" },
139 { "DHE-DSS-AES256-GCM-SHA384", "TLS-DHE-DSS-WITH-AES-256-GCM-SHA384" },
140 { "DHE-DSS-AES256-SHA256", "TLS-DHE-DSS-WITH-AES-256-CBC-SHA256" },
141 { "DHE-DSS-AES256-SHA", "TLS-DHE-DSS-WITH-AES-256-CBC-SHA" },
142 { "DHE-DSS-CAMELLIA128-SHA256", "TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256" },
143 { "DHE-DSS-CAMELLIA128-SHA", "TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA" },
144 { "DHE-DSS-CAMELLIA256-SHA256", "TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256" },
145 { "DHE-DSS-CAMELLIA256-SHA", "TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA" },
146 { "DHE-DSS-SEED-SHA", "TLS-DHE-DSS-WITH-SEED-CBC-SHA" },
147 { "DHE-RSA-AES128-GCM-SHA256", "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256" },
148 { "DHE-RSA-AES128-SHA256", "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256" },
149 { "DHE-RSA-AES128-SHA", "TLS-DHE-RSA-WITH-AES-128-CBC-SHA" },
150 { "DHE-RSA-AES256-GCM-SHA384", "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384" },
151 { "DHE-RSA-AES256-SHA256", "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" },
152 { "DHE-RSA-AES256-SHA", "TLS-DHE-RSA-WITH-AES-256-CBC-SHA" },
153 { "DHE-RSA-CAMELLIA128-SHA256", "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256" },
154 { "DHE-RSA-CAMELLIA128-SHA", "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA" },
155 { "DHE-RSA-CAMELLIA256-SHA256", "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256" },
156 { "DHE-RSA-CAMELLIA256-SHA", "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA" },
157 { "DHE-RSA-CHACHA20-POLY1305", "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256" },
158 { "DHE-RSA-SEED-SHA", "TLS-DHE-RSA-WITH-SEED-CBC-SHA" },
159 { "DH-RSA-SEED-SHA", "TLS-DH-RSA-WITH-SEED-CBC-SHA" },
160 { "ECDH-ECDSA-AES128-GCM-SHA256", "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256" },
161 { "ECDH-ECDSA-AES128-SHA256", "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256" },
162 { "ECDH-ECDSA-AES128-SHA", "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA" },
163 { "ECDH-ECDSA-AES256-GCM-SHA384", "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384" },
164 { "ECDH-ECDSA-AES256-SHA256", "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA256" },
165 { "ECDH-ECDSA-AES256-SHA384", "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384" },
166 { "ECDH-ECDSA-AES256-SHA", "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA" },
167 { "ECDH-ECDSA-CAMELLIA128-SHA256", "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256" },
168 { "ECDH-ECDSA-CAMELLIA128-SHA", "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA" },
169 { "ECDH-ECDSA-CAMELLIA256-SHA256", "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA256" },
170 { "ECDH-ECDSA-CAMELLIA256-SHA", "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA" },
171 { "ECDH-ECDSA-DES-CBC3-SHA", "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA" },
172 { "ECDH-ECDSA-DES-CBC-SHA", "TLS-ECDH-ECDSA-WITH-DES-CBC-SHA" },
173 { "ECDH-ECDSA-RC4-SHA", "TLS-ECDH-ECDSA-WITH-RC4-128-SHA" },
174 { "ECDHE-ECDSA-AES128-GCM-SHA256", "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" },
175 { "ECDHE-ECDSA-AES128-SHA256", "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" },
176 { "ECDHE-ECDSA-AES128-SHA384", "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA384" },
177 { "ECDHE-ECDSA-AES128-SHA", "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA" },
178 { "ECDHE-ECDSA-AES256-GCM-SHA384", "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" },
179 { "ECDHE-ECDSA-AES256-SHA256", "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA256" },
180 { "ECDHE-ECDSA-AES256-SHA384", "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384" },
181 { "ECDHE-ECDSA-AES256-SHA", "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA" },
182 { "ECDHE-ECDSA-CAMELLIA128-SHA256", "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256" },
183 { "ECDHE-ECDSA-CAMELLIA128-SHA", "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA" },
184 { "ECDHE-ECDSA-CAMELLIA256-SHA256", "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA256" },
185 { "ECDHE-ECDSA-CAMELLIA256-SHA", "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA" },
186 { "ECDHE-ECDSA-CHACHA20-POLY1305", "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" },
187 { "ECDHE-ECDSA-DES-CBC3-SHA", "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA" },
188 { "ECDHE-ECDSA-DES-CBC-SHA", "TLS-ECDHE-ECDSA-WITH-DES-CBC-SHA" },
189 { "ECDHE-ECDSA-RC4-SHA", "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA" },
190 { "ECDHE-RSA-AES128-GCM-SHA256", "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256" },
191 { "ECDHE-RSA-AES128-SHA256", "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" },
192 { "ECDHE-RSA-AES128-SHA384", "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA384" },
193 { "ECDHE-RSA-AES128-SHA", "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" },
194 { "ECDHE-RSA-AES256-GCM-SHA384", "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" },
195 { "ECDHE-RSA-AES256-SHA256", "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA256" },
196 { "ECDHE-RSA-AES256-SHA384", "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" },
197 { "ECDHE-RSA-AES256-SHA", "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" },
198 { "ECDHE-RSA-CAMELLIA128-SHA256", "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256" },
199 { "ECDHE-RSA-CAMELLIA128-SHA", "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA" },
200 { "ECDHE-RSA-CAMELLIA256-SHA256", "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA256" },
201 { "ECDHE-RSA-CAMELLIA256-SHA", "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA" },
202 { "ECDHE-RSA-CHACHA20-POLY1305", "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" },
203 { "ECDHE-RSA-DES-CBC3-SHA", "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA" },
204 { "ECDHE-RSA-DES-CBC-SHA", "TLS-ECDHE-RSA-WITH-DES-CBC-SHA" },
205 { "ECDHE-RSA-RC4-SHA", "TLS-ECDHE-RSA-WITH-RC4-128-SHA" },
206 { "ECDH-RSA-AES128-GCM-SHA256", "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256" },
207 { "ECDH-RSA-AES128-SHA256", "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256" },
208 { "ECDH-RSA-AES128-SHA384", "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA384" },
209 { "ECDH-RSA-AES128-SHA", "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA" },
210 { "ECDH-RSA-AES256-GCM-SHA384", "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384" },
211 { "ECDH-RSA-AES256-SHA256", "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA256" },
212 { "ECDH-RSA-AES256-SHA384", "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384" },
213 { "ECDH-RSA-AES256-SHA", "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA" },
214 { "ECDH-RSA-CAMELLIA128-SHA256", "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256" },
215 { "ECDH-RSA-CAMELLIA128-SHA", "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA" },
216 { "ECDH-RSA-CAMELLIA256-SHA256", "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA256" },
217 { "ECDH-RSA-CAMELLIA256-SHA", "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA" },
218 { "ECDH-RSA-DES-CBC3-SHA", "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA" },
219 { "ECDH-RSA-DES-CBC-SHA", "TLS-ECDH-RSA-WITH-DES-CBC-SHA" },
220 { "ECDH-RSA-RC4-SHA", "TLS-ECDH-RSA-WITH-RC4-128-SHA" },
221 { "EDH-DSS-DES-CBC3-SHA", "TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA" },
222 { "EDH-DSS-DES-CBC-SHA", "TLS-DHE-DSS-WITH-DES-CBC-SHA" },
223 { "EDH-RSA-DES-CBC3-SHA", "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA" },
224 { "EDH-RSA-DES-CBC-SHA", "TLS-DHE-RSA-WITH-DES-CBC-SHA" },
225 { "EXP-DES-CBC-SHA", "TLS-RSA-EXPORT-WITH-DES40-CBC-SHA" },
226 { "EXP-EDH-DSS-DES-CBC-SHA", "TLS-DH-DSS-EXPORT-WITH-DES40-CBC-SHA" },
227 { "EXP-EDH-RSA-DES-CBC-SHA", "TLS-DH-RSA-EXPORT-WITH-DES40-CBC-SHA" },
228 { "EXP-RC2-CBC-MD5", "TLS-RSA-EXPORT-WITH-RC2-CBC-40-MD5" },
229 { "EXP-RC4-MD5", "TLS-RSA-EXPORT-WITH-RC4-40-MD5" },
230 { "NULL-MD5", "TLS-RSA-WITH-NULL-MD5" },
231 { "NULL-SHA256", "TLS-RSA-WITH-NULL-SHA256" },
232 { "NULL-SHA", "TLS-RSA-WITH-NULL-SHA" },
233 { "PSK-3DES-EDE-CBC-SHA", "TLS-PSK-WITH-3DES-EDE-CBC-SHA" },
234 { "PSK-AES128-CBC-SHA", "TLS-PSK-WITH-AES-128-CBC-SHA" },
235 { "PSK-AES256-CBC-SHA", "TLS-PSK-WITH-AES-256-CBC-SHA" },
236 { "PSK-RC4-SHA", "TLS-PSK-WITH-RC4-128-SHA" },
237 { "RC4-MD5", "TLS-RSA-WITH-RC4-128-MD5" },
238 { "RC4-SHA", "TLS-RSA-WITH-RC4-128-SHA" },
239 { "SEED-SHA", "TLS-RSA-WITH-SEED-CBC-SHA" },
240 { "SRP-DSS-3DES-EDE-CBC-SHA", "TLS-SRP-SHA-DSS-WITH-3DES-EDE-CBC-SHA" },
241 { "SRP-DSS-AES-128-CBC-SHA", "TLS-SRP-SHA-DSS-WITH-AES-128-CBC-SHA" },
242 { "SRP-DSS-AES-256-CBC-SHA", "TLS-SRP-SHA-DSS-WITH-AES-256-CBC-SHA" },
243 { "SRP-RSA-3DES-EDE-CBC-SHA", "TLS-SRP-SHA-RSA-WITH-3DES-EDE-CBC-SHA" },
244 { "SRP-RSA-AES-128-CBC-SHA", "TLS-SRP-SHA-RSA-WITH-AES-128-CBC-SHA" },
245 { "SRP-RSA-AES-256-CBC-SHA", "TLS-SRP-SHA-RSA-WITH-AES-256-CBC-SHA" },
246#ifdef ENABLE_CRYPTO_OPENSSL
247 /* OpenSSL-specific group names */
248 { "DEFAULT", "DEFAULT" },
249 { "ALL", "ALL" },
250 { "HIGH", "HIGH" },
251 { "!HIGH", "!HIGH" },
252 { "MEDIUM", "MEDIUM" },
253 { "!MEDIUM", "!MEDIUM" },
254 { "LOW", "LOW" },
255 { "!LOW", "!LOW" },
256 { "ECDH", "ECDH" },
257 { "!ECDH", "!ECDH" },
258 { "ECDSA", "ECDSA" },
259 { "!ECDSA", "!ECDSA" },
260 { "EDH", "EDH" },
261 { "!EDH", "!EDH" },
262 { "EXP", "EXP" },
263 { "!EXP", "!EXP" },
264 { "RSA", "RSA" },
265 { "!RSA", "!RSA" },
266 { "kRSA", "kRSA" },
267 { "!kRSA", "!kRSA" },
268 { "SRP", "SRP" },
269 { "!SRP", "!SRP" },
270#endif
271 { NULL, NULL }
272};
273
274const tls_cipher_name_pair *
275tls_get_cipher_name_pair(const char *cipher_name, size_t len)
276{
277 const tls_cipher_name_pair *pair = tls_cipher_name_translation_table;
278
279 while (pair->openssl_name != NULL)
280 {
281 if ((strlen(pair->openssl_name) == len && 0 == memcmp(cipher_name, pair->openssl_name, len))
282 || (strlen(pair->iana_name) == len && 0 == memcmp(cipher_name, pair->iana_name, len)))
283 {
284 return pair;
285 }
286 pair++;
287 }
288
289 /* No entry found, return NULL */
290 return NULL;
291}
292
293int
294get_num_elements(const char *string, char delimiter)
295{
296 int string_len = strlen(string);
297
298 ASSERT(0 != string_len);
299
300 int element_count = 1;
301 /* Get number of ciphers */
302 for (int i = 0; i < string_len; i++)
303 {
304 if (string[i] == delimiter)
305 {
306 element_count++;
307 }
308 }
309
310 return element_count;
311}
buf_printf
bool buf_printf(struct buffer *buf, const char *format,...)
Definition buffer.c:241
alloc_buf_gc
struct buffer alloc_buf_gc(size_t size, struct gc_arena *gc)
Definition buffer.c:89
string_alloc
char * string_alloc(const char *str, struct gc_arena *gc)
Definition buffer.c:649
BSTR
#define BSTR(buf)
Definition buffer.h:128
buf_write
static bool buf_write(struct buffer *dest, const void *src, size_t size)
Definition buffer.h:660
ASSERT
#define ASSERT(x)
Definition error.h:217
tls_cipher_name_translation_table
static const tls_cipher_name_pair tls_cipher_name_translation_table[]
SSL/TLS Cipher suite name translation table.
Definition ssl_util.c:121
get_num_elements
int get_num_elements(const char *string, char delimiter)
Returns the occurrences of 'delimiter' in a string +1 This is typically used to find out the number e...
Definition ssl_util.c:294
extract_var_peer_info
char * extract_var_peer_info(const char *peer_info, const char *var, struct gc_arena *gc)
Extracts a variable from peer info, the returned string will be allocated using the supplied gc_arena...
Definition ssl_util.c:31
options_string_compat_lzo
const char * options_string_compat_lzo(const char *options, struct gc_arena *gc)
Takes a locally produced OCC string for TLS server mode and modifies as if the option comp-lzo was en...
Definition ssl_util.c:76
tls_get_cipher_name_pair
const tls_cipher_name_pair * tls_get_cipher_name_pair(const char *cipher_name, size_t len)
Definition ssl_util.c:275
extract_iv_proto
unsigned int extract_iv_proto(const char *peer_info)
Extracts the IV_PROTO variable and returns its value or 0 if it cannot be extracted.
Definition ssl_util.c:60
ssl_util.h
SSL utility functions.
buffer
Wrapper structure for dynamically allocated memory.
Definition buffer.h:60
buffer::len
int len
Length in bytes of the actual content within the allocated memory.
Definition buffer.h:65
gc_arena
Garbage collection arena used to keep track of dynamically allocated memory.
Definition buffer.h:116
tls_cipher_name_pair
Get a tls_cipher_name_pair containing OpenSSL and IANA names for supplied TLS cipher name.
Definition ssl_util.h:77
i
int i
Definition test_push_update_msg.c:120
gc
struct gc_arena gc
Definition test_ssl.c:154
Generated by doxygen 1.9.8