OpenVPN
#include <ssl_common.h>
Definition at line 306 of file ssl_common.h.
uint64_t tls_options::aead_usage_limit |
Usage limit for an AEAD cipher when not running in epoch data key mode. The limit is the sum of packets + blocks that are allowed to be used.
Definition at line 347 of file ssl_common.h.
bool tls_options::auth_token_call_auth |
always call normal authentication
Definition at line 404 of file ssl_common.h.
Referenced by do_init_crypto_tls().
bool tls_options::auth_token_generate |
Generate auth-tokens on successful user/pass auth, set via options->auth_token_generate.
Definition at line 401 of file ssl_common.h.
Referenced by add_session_token_env(), do_init_crypto_tls(), and setup().
struct key_ctx tls_options::auth_token_key |
Definition at line 408 of file ssl_common.h.
Referenced by auth_token_fail_invalid_key(), auth_token_test_key_load(), auth_token_test_random_keys(), do_init_crypto_tls(), generate_auth_token(), setup(), teardown(), and verify_auth_token().
unsigned int tls_options::auth_token_lifetime |
Definition at line 405 of file ssl_common.h.
Referenced by auth_token_test_timeout(), do_init_crypto_tls(), setup(), and verify_auth_token().
unsigned int tls_options::auth_token_renewal |
Definition at line 406 of file ssl_common.h.
Referenced by auth_token_test_timeout(), do_init_crypto_tls(), and setup().
const char* tls_options::auth_user_pass_file |
Definition at line 398 of file ssl_common.h.
Referenced by do_init_crypto_tls().
bool tls_options::auth_user_pass_file_inline |
Definition at line 399 of file ssl_common.h.
Referenced by do_init_crypto_tls().
const char* tls_options::auth_user_pass_verify_script |
Definition at line 393 of file ssl_common.h.
Referenced by do_init_crypto_tls().
bool tls_options::auth_user_pass_verify_script_via_file |
Definition at line 395 of file ssl_common.h.
Referenced by do_init_crypto_tls().
const char* tls_options::client_config_dir_exclusive |
Definition at line 411 of file ssl_common.h.
Referenced by do_init_crypto_tls().
const char* tls_options::client_crresponse_script |
Definition at line 394 of file ssl_common.h.
Referenced by do_init_crypto_tls().
const char* tls_options::config_ciphername |
Definition at line 375 of file ssl_common.h.
Referenced by do_init_crypto_tls().
const char* tls_options::config_ncp_ciphers |
Definition at line 376 of file ssl_common.h.
Referenced by do_init_crypto_tls().
const char* tls_options::crl_file |
Definition at line 354 of file ssl_common.h.
Referenced by do_init_crypto_tls(), tls_verify_crl_missing(), and verify_cert().
bool tls_options::crl_file_inline |
Definition at line 355 of file ssl_common.h.
Referenced by do_init_crypto_tls().
unsigned int tls_options::crypto_flags |
Definition at line 370 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and init_key_contexts().
bool tls_options::data_epoch_supported |
Whether our underlying data channel supports the new data channel features (epoch keys with the AEAD tag at the end).
This is always true for the internal implementation but can be false for DCO implementations.
Definition at line 382 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and multi_client_set_protocol_options().
bool tls_options::dco_enabled |
Whether keys have to be installed in DCO or not.
Definition at line 455 of file ssl_common.h.
Referenced by do_init_crypto_tls().
const char* tls_options::ekm_label |
Definition at line 451 of file ssl_common.h.
Referenced by do_init_crypto_tls().
size_t tls_options::ekm_label_size |
Definition at line 452 of file ssl_common.h.
Referenced by do_init_crypto_tls().
size_t tls_options::ekm_size |
Definition at line 453 of file ssl_common.h.
Referenced by do_init_crypto_tls().
struct env_set* tls_options::es |
Definition at line 414 of file ssl_common.h.
Referenced by do_init_crypto_tls(), key_state_gen_auth_control_files(), and verify_cert().
const char* tls_options::export_peer_cert_dir |
Definition at line 397 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
struct frame tls_options::frame |
Definition at line 390 of file ssl_common.h.
Referenced by do_init_frame_tls(), test_tls_crypt_secure_reneg_key(), tls_auth_standalone_init(), tls_multi_init_finalize(), and tls_process().
int tls_options::gremlin |
Definition at line 448 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and tls_multi_process().
int tls_options::handshake_window |
Definition at line 341 of file ssl_common.h.
Referenced by auth_deferred_expire_window(), do_init_crypto_tls(), and send_auth_pending_messages().
struct key_type tls_options::key_type |
Definition at line 312 of file ssl_common.h.
Referenced by do_init_crypto_tls().
const char* tls_options::local_options |
Definition at line 322 of file ssl_common.h.
Referenced by tls_multi_init_set_options().
struct man_def_auth_context* tls_options::mda_context |
Definition at line 438 of file ssl_common.h.
Referenced by do_init_crypto_tls().
int tls_options::mode |
Definition at line 327 of file ssl_common.h.
Referenced by do_init_crypto_tls().
openvpn_net_ctx_t* tls_options::net_ctx |
Definition at line 415 of file ssl_common.h.
Referenced by do_init_crypto_tls().
int tls_options::ns_cert_type |
Definition at line 356 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_peer_cert().
interval_t tls_options::packet_timeout |
Definition at line 342 of file ssl_common.h.
Referenced by do_init_crypto_tls().
const struct plugin_list* tls_options::plugins |
Definition at line 416 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
bool tls_options::pull |
Definition at line 328 of file ssl_common.h.
Referenced by do_init_crypto_tls().
int tls_options::push_peer_info_detail |
The detail of info we push in peer info.
0 - nothing at all, P2MP server only
1 - only the most basic information to negotiate cipher and features for P2P NCP
2 - normal setting for clients
3 - full information including "sensitive data" like IV_HWADDR, enabled by --push-peer-info
Definition at line 339 of file ssl_common.h.
Referenced by do_init_crypto_tls().
const char* tls_options::remote_cert_eku |
Definition at line 358 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_peer_cert().
unsigned tls_options::remote_cert_ku[MAX_PARMS] |
Definition at line 357 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_peer_cert().
const char* tls_options::remote_options |
Definition at line 323 of file ssl_common.h.
Referenced by tls_multi_init_set_options().
int64_t tls_options::renegotiate_bytes |
Definition at line 343 of file ssl_common.h.
Referenced by do_init_crypto_tls().
int64_t tls_options::renegotiate_packets |
Definition at line 344 of file ssl_common.h.
Referenced by do_init_crypto_tls().
interval_t tls_options::renegotiate_seconds |
Definition at line 348 of file ssl_common.h.
Referenced by auth_deferred_expire_window(), auth_token_test_timeout(), do_init_crypto_tls(), send_auth_pending_messages(), and setup().
int tls_options::replay_time |
Definition at line 373 of file ssl_common.h.
Referenced by do_init_crypto_tls(), test_tls_crypt_secure_reneg_key(), and tls_auth_standalone_init().
int tls_options::replay_window |
Definition at line 372 of file ssl_common.h.
Referenced by do_init_crypto_tls(), test_tls_crypt_secure_reneg_key(), and tls_auth_standalone_init().
const struct static_challenge_info* tls_options::sci |
Definition at line 444 of file ssl_common.h.
Referenced by do_init_crypto_tls().
bool tls_options::server |
Definition at line 315 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and tls_pre_decrypt().
bool tls_options::single_session |
Definition at line 326 of file ssl_common.h.
Referenced by do_init_crypto_tls(), tls_multi_process(), tls_pre_decrypt(), and tls_set_single_session().
struct tls_root_ctx tls_options::ssl_ctx |
Definition at line 309 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and tls_verify_crl_missing().
unsigned int tls_options::ssl_flags |
Definition at line 435 of file ssl_common.h.
Referenced by do_init_crypto_tls(), tls_verify_crl_missing(), and verify_cert().
bool tls_options::tls_crypt_v2 |
Definition at line 384 of file ssl_common.h.
Referenced by do_init_crypto_tls().
const char* tls_options::tls_crypt_v2_verify_script |
Definition at line 385 of file ssl_common.h.
Referenced by do_init_crypto_tls(), tls_crypt_v2_extract_client_key(), and tls_crypt_v2_verify_metadata().
struct tls_wrap_ctx tls_options::tls_wrap |
TLS handshake wrapping state.
Definition at line 388 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and tls_auth_standalone_init().
const char* tls_options::tmp_dir |
Definition at line 396 of file ssl_common.h.
Referenced by do_init_crypto_tls(), key_state_gen_auth_control_files(), and tls_crypt_v2_verify_metadata().
int tls_options::transition_window |
Definition at line 340 of file ssl_common.h.
Referenced by do_init_crypto_tls().
const char* tls_options::verify_command |
Definition at line 351 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
struct verify_hash_list* tls_options::verify_hash |
Definition at line 359 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
hash_algo_type tls_options::verify_hash_algo |
Definition at line 362 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
int tls_options::verify_hash_depth |
Definition at line 360 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
bool tls_options::verify_hash_no_ca |
Definition at line 361 of file ssl_common.h.
Referenced by do_init_crypto_tls().
const char* tls_options::verify_x509_name |
Definition at line 353 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_peer_cert().
int tls_options::verify_x509_type |
Definition at line 352 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_peer_cert().
const struct x509_track* tls_options::x509_track |
Definition at line 441 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
char* tls_options::x509_username_field[2] |
Definition at line 366 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
bool tls_options::xmit_hold |
Definition at line 318 of file ssl_common.h.
Referenced by do_init_crypto_tls().