Security parameter state of a single session within a VPN tunnel. More...
#include <ssl_common.h>
Data Fields | |
| struct tls_options * | opt |
| bool | burst |
| struct tls_wrap_ctx | tls_wrap |
| struct tls_wrap_ctx | tls_wrap_reneg |
| int | initial_opcode |
| struct session_id | session_id |
| int | key_id |
| The current active key id, used to keep track of renegotiations. | |
| int | verify_maxlevel |
| char * | common_name |
| struct cert_hash_set * | cert_hash_set |
| bool | verified |
| struct link_socket_actual | untrusted_addr |
| struct key_state | key [KS_SIZE] |
Detailed Description
Security parameter state of a single session within a VPN tunnel.
This structure represents an OpenVPN peer-to-peer control channel session.
A tls_session remains over soft resets, but a new instance is initialized for each hard reset.
- See also
- This structure should be initialized using the
tls_session_init()function. - This structure should be cleaned up using the
tls_session_free()function.
- This structure should be initialized using the
Definition at line 479 of file ssl_common.h.
Field Documentation
◆ burst
| bool tls_session::burst |
Definition at line 485 of file ssl_common.h.
◆ cert_hash_set
| struct cert_hash_set* tls_session::cert_hash_set |
Definition at line 508 of file ssl_common.h.
Referenced by tls_lock_cert_hash_set().
◆ common_name
| char* tls_session::common_name |
Definition at line 506 of file ssl_common.h.
Referenced by tls_common_name(), and tls_lock_common_name().
◆ initial_opcode
| int tls_session::initial_opcode |
Definition at line 494 of file ssl_common.h.
◆ key
Definition at line 515 of file ssl_common.h.
Referenced by auth_token_test_env(), generate_auth_token(), get_key_scan(), get_primary_key(), management_client_pending_auth(), multi_process_post(), tls_deauthenticate(), and tls_multi_process().
◆ key_id
| int tls_session::key_id |
The current active key id, used to keep track of renegotiations.
key_id increments with each soft reset to KEY_ID_MASK then recycles back to 1. This way you know that if key_id is 0, it is the first key.
Definition at line 502 of file ssl_common.h.
Referenced by tls_pre_decrypt().
◆ opt
| struct tls_options* tls_session::opt |
Definition at line 482 of file ssl_common.h.
Referenced by auth_token_test_timeout(), multi_client_set_protocol_options(), setup(), and teardown().
◆ session_id
| struct session_id tls_session::session_id |
Definition at line 495 of file ssl_common.h.
◆ tls_wrap
| struct tls_wrap_ctx tls_session::tls_wrap |
Definition at line 488 of file ssl_common.h.
◆ tls_wrap_reneg
| struct tls_wrap_ctx tls_session::tls_wrap_reneg |
Definition at line 492 of file ssl_common.h.
◆ untrusted_addr
| struct link_socket_actual tls_session::untrusted_addr |
Definition at line 513 of file ssl_common.h.
◆ verified
| bool tls_session::verified |
Definition at line 510 of file ssl_common.h.
◆ verify_maxlevel
| int tls_session::verify_maxlevel |
Definition at line 504 of file ssl_common.h.
The documentation for this struct was generated from the following file:
- src/openvpn/ssl_common.h
