OpenVPN 3 Core Library
Loading...
Searching...
No Matches
Public Types | Public Member Functions | Public Attributes | Private Types | Private Member Functions | List of all members
openvpn::ProtoContext::ProtoConfig Class Reference

#include <proto.hpp>

Inheritance diagram for openvpn::ProtoContext::ProtoConfig:
[legend]
Collaboration diagram for openvpn::ProtoContext::ProtoConfig:
[legend]

Public Types

enum  TLSCrypt { None = 0 , V1 = (1 << 0) , V2 = (1 << 1) , Dynamic = (1 << 2) }
 
using Ptr = RCPtr< ProtoConfig >
 

Public Member Functions

void load (const OptionList &opt, const ProtoContextCompressionOptions &pco, const int default_key_direction, const bool server)
 
void enable_dynamic_tls_crypt ()
 
void process_push (const OptionList &opt, const ProtoContextCompressionOptions &pco)
 
void parse_custom_app_control (const OptionList &opt)
 
void parse_pushed_data_channel_options (const OptionList &opt)
 
void parse_pushed_peer_id (const OptionList &opt)
 
void parse_pushed_protocol_flags (const OptionList &opt)
 
void parse_pushed_compression (const OptionList &opt, const ProtoContextCompressionOptions &pco)
 
void get_data_channel_options (std::ostringstream &os) const
 
void show_cc_enc_option (std::ostringstream &os) const
 
std::string show_options () const
 
void set_protocol (const Protocol &p)
 
void set_tls_auth_digest (const CryptoAlgs::Type digest)
 
void set_tls_crypt_algs ()
 
void set_xmit_creds (const bool xmit_creds_arg)
 
bool tls_auth_enabled () const
 
bool tls_crypt_enabled () const
 
bool tls_crypt_v2_enabled () const
 
bool dynamic_tls_crypt_enabled () const
 
std::string options_string ()
 
void build_connect_time_peer_info_string (TransportClient::Ptr transport)
 
std::string peer_info_string (bool supports_epoch_data) const
 
unsigned int link_mtu_adjust ()
 
- Public Member Functions inherited from openvpn::RCCopyable< thread_unsafe_refcount >
virtual ~RCCopyable ()=default
 
 RCCopyable () noexcept=default
 
 RCCopyable (const RCCopyable &) noexcept
 Construct a new RCCopyable object.
 
 RCCopyable (RCCopyable &&) noexcept
 Construct a new RCCopyable object by move.
 
RCCopyableoperator= (const RCCopyable &) noexcept
 Ensures the new ref count is not copied with the rest of the object.
 
RCCopyableoperator= (RCCopyable &&) noexcept
 Ensures the new ref count is not moved with the rest of the object.
 
olong use_count () const noexcept
 Returns the use count as reported by defering to the injected ref count type.
 

Public Attributes

SSLFactoryAPI::Ptr ssl_factory
 
CryptoDCSettings dc
 
TLSPRFFactory::Ptr tlsprf_factory
 
Frame::Ptr frame
 
TimePtr now
 
StrongRandomAPI::Ptr rng
 
RandomAPI::Ptr prng
 
bool relay_mode = false
 
bool dc_deferred = false
 
bool xmit_creds = true
 
bool cc_exit_notify = false
 
Protocol protocol
 
Layer layer
 
CompressContext comp_ctx
 
OpenVPNStaticKey tls_auth_key
 leave this undefined to disable tls_auth
 
OpenVPNStaticKey tls_crypt_key
 leave this undefined to disable tls-crypt/tls-crypt-v2
 
OpenVPNStaticKey wrapped_tls_crypt_key
 For TLS crypt V2, this (if defined()) is the wrapped WKc client key.
 
unsigned tls_crypt_ = TLSCrypt::None
 needed to distinguish between tls-crypt and tls-crypt-v2 server mode
 
bool tls_crypt_v2_serverkey_id = false
 do we expect keys to contain a server key ID?
 
std::string tls_crypt_v2_serverkey_dir
 server keys location, if tls_crypt_v2_serverkey_id is true
 
BufferAllocated wkc
 leave this undefined to disable tls-crypt-v2 on client
 
OvpnHMACFactory::Ptr tls_auth_factory
 
OvpnHMACContext::Ptr tls_auth_context
 
int key_direction = -1
 
TLSCryptFactory::Ptr tls_crypt_factory
 
TLSCryptContext::Ptr tls_crypt_context
 
TLSCryptMetadataFactory::Ptr tls_crypt_metadata_factory
 
Time::Duration handshake_window
 
Time::Duration become_primary
 
Time::Duration renegotiate
 
Time::Duration expire
 
Time::Duration tls_timeout
 
Time::Duration keepalive_ping
 
Time::Duration keepalive_timeout
 
Time::Duration keepalive_timeout_early
 
PeerInfo::Set::Ptr extra_peer_info
 extra peer info key/value pairs generated by client app
 
AppControlMessageConfig app_control_config
 
AppControlMessageReceiver app_control_recv
 
PeerInfo::Set::Ptr extra_peer_info_transport
 
bool extra_peer_info_push_peerinfo = false
 
bool enable_op32 = false
 
int remote_peer_id = -1
 
int local_peer_id = -1
 
unsigned int tun_mtu = TUN_MTU_DEFAULT
 
unsigned int tun_mtu_max = TUN_MTU_DEFAULT + 100
 
MSSParms mss_parms
 
unsigned int mss_fix = 0
 
std::string initial_options
 
bool auth_nocache = false
 

Private Types

enum  LoadCommonType { LOAD_COMMON_SERVER , LOAD_COMMON_CLIENT , LOAD_COMMON_CLIENT_PUSHED }
 

Private Member Functions

void load_common (const OptionList &opt, const ProtoContextCompressionOptions &pco, const LoadCommonType type)
 
std::string relay_prefix (const char *optname) const
 

Detailed Description

Definition at line 336 of file proto.hpp.

Member Typedef Documentation

◆ Ptr

using openvpn::ProtoContext::ProtoConfig::Ptr = RCPtr<ProtoConfig>

Definition at line 339 of file proto.hpp.

Member Enumeration Documentation

◆ LoadCommonType

enum openvpn::ProtoContext::ProtoConfig::LoadCommonType
private
Enumerator
LOAD_COMMON_SERVER 
LOAD_COMMON_CLIENT 
LOAD_COMMON_CLIENT_PUSHED 

Definition at line 1214 of file proto.hpp.

◆ TLSCrypt

enum openvpn::ProtoContext::ProtoConfig::TLSCrypt
Enumerator
None 
V1 
V2 
Dynamic 

Definition at line 390 of file proto.hpp.

Member Function Documentation

◆ build_connect_time_peer_info_string()

void openvpn::ProtoContext::ProtoConfig::build_connect_time_peer_info_string ( TransportClient::Ptr  transport)
inline

This method adds the parts of the peer info string that depend on the state of the connection, especially the remote that we are connecting to.

Definition at line 1097 of file proto.hpp.

Here is the caller graph for this function:

◆ dynamic_tls_crypt_enabled()

bool openvpn::ProtoContext::ProtoConfig::dynamic_tls_crypt_enabled ( ) const
inline

Definition at line 1036 of file proto.hpp.

Here is the caller graph for this function:

◆ enable_dynamic_tls_crypt()

void openvpn::ProtoContext::ProtoConfig::enable_dynamic_tls_crypt ( )
inline

Fire up the infrastructure needed in order to be able to process dynamic TLS-crypt renegotiation.

Definition at line 694 of file proto.hpp.

Here is the caller graph for this function:

◆ get_data_channel_options()

void openvpn::ProtoContext::ProtoConfig::get_data_channel_options ( std::ostringstream &  os) const
inline

Definition at line 934 of file proto.hpp.

Here is the caller graph for this function:

◆ link_mtu_adjust()

unsigned int openvpn::ProtoContext::ProtoConfig::link_mtu_adjust ( )
inline

Definition at line 1190 of file proto.hpp.

Here is the caller graph for this function:

◆ load()

void openvpn::ProtoContext::ProtoConfig::load ( const OptionList opt,
const ProtoContextCompressionOptions pco,
const int  default_key_direction,
const bool  server 
)
inline

Definition at line 471 of file proto.hpp.

◆ load_common()

void openvpn::ProtoContext::ProtoConfig::load_common ( const OptionList opt,
const ProtoContextCompressionOptions pco,
const LoadCommonType  type 
)
inlineprivate

Definition at line 1222 of file proto.hpp.

Here is the caller graph for this function:

◆ options_string()

std::string openvpn::ProtoContext::ProtoConfig::options_string ( )
inline

Definition at line 1043 of file proto.hpp.

◆ parse_custom_app_control()

void openvpn::ProtoContext::ProtoConfig::parse_custom_app_control ( const OptionList opt)
inline

Definition at line 732 of file proto.hpp.

Here is the caller graph for this function:

◆ parse_pushed_compression()

void openvpn::ProtoContext::ProtoConfig::parse_pushed_compression ( const OptionList opt,
const ProtoContextCompressionOptions pco 
)
inline

Definition at line 882 of file proto.hpp.

Here is the caller graph for this function:

◆ parse_pushed_data_channel_options()

void openvpn::ProtoContext::ProtoConfig::parse_pushed_data_channel_options ( const OptionList opt)
inline

Definition at line 760 of file proto.hpp.

Here is the caller graph for this function:

◆ parse_pushed_peer_id()

void openvpn::ProtoContext::ProtoConfig::parse_pushed_peer_id ( const OptionList opt)
inline

Definition at line 797 of file proto.hpp.

Here is the caller graph for this function:

◆ parse_pushed_protocol_flags()

void openvpn::ProtoContext::ProtoConfig::parse_pushed_protocol_flags ( const OptionList opt)
inline

Definition at line 820 of file proto.hpp.

Here is the caller graph for this function:

◆ peer_info_string()

std::string openvpn::ProtoContext::ProtoConfig::peer_info_string ( bool  supports_epoch_data) const
inline

Definition at line 1115 of file proto.hpp.

◆ process_push()

void openvpn::ProtoContext::ProtoConfig::process_push ( const OptionList opt,
const ProtoContextCompressionOptions pco 
)
inline

Definition at line 701 of file proto.hpp.

◆ relay_prefix()

std::string openvpn::ProtoContext::ProtoConfig::relay_prefix ( const char *  optname) const
inlineprivate

Definition at line 1272 of file proto.hpp.

Here is the caller graph for this function:

◆ set_protocol()

void openvpn::ProtoContext::ProtoConfig::set_protocol ( const Protocol p)
inline

Definition at line 988 of file proto.hpp.

◆ set_tls_auth_digest()

void openvpn::ProtoContext::ProtoConfig::set_tls_auth_digest ( const CryptoAlgs::Type  digest)
inline

Definition at line 994 of file proto.hpp.

Here is the caller graph for this function:

◆ set_tls_crypt_algs()

void openvpn::ProtoContext::ProtoConfig::set_tls_crypt_algs ( )
inline

Definition at line 999 of file proto.hpp.

Here is the caller graph for this function:

◆ set_xmit_creds()

void openvpn::ProtoContext::ProtoConfig::set_xmit_creds ( const bool  xmit_creds_arg)
inline

Definition at line 1016 of file proto.hpp.

Here is the caller graph for this function:

◆ show_cc_enc_option()

void openvpn::ProtoContext::ProtoConfig::show_cc_enc_option ( std::ostringstream &  os) const
inline

Definition at line 949 of file proto.hpp.

Here is the caller graph for this function:

◆ show_options()

std::string openvpn::ProtoContext::ProtoConfig::show_options ( ) const
inline

Definition at line 969 of file proto.hpp.

Here is the caller graph for this function:

◆ tls_auth_enabled()

bool openvpn::ProtoContext::ProtoConfig::tls_auth_enabled ( ) const
inline

Definition at line 1021 of file proto.hpp.

Here is the caller graph for this function:

◆ tls_crypt_enabled()

bool openvpn::ProtoContext::ProtoConfig::tls_crypt_enabled ( ) const
inline

Definition at line 1026 of file proto.hpp.

Here is the caller graph for this function:

◆ tls_crypt_v2_enabled()

bool openvpn::ProtoContext::ProtoConfig::tls_crypt_v2_enabled ( ) const
inline

Definition at line 1031 of file proto.hpp.

Here is the caller graph for this function:

Member Data Documentation

◆ app_control_config

AppControlMessageConfig openvpn::ProtoContext::ProtoConfig::app_control_config

Definition at line 444 of file proto.hpp.

◆ app_control_recv

AppControlMessageReceiver openvpn::ProtoContext::ProtoConfig::app_control_recv

Definition at line 445 of file proto.hpp.

◆ auth_nocache

bool openvpn::ProtoContext::ProtoConfig::auth_nocache = false

Definition at line 469 of file proto.hpp.

◆ become_primary

Time::Duration openvpn::ProtoContext::ProtoConfig::become_primary

Definition at line 430 of file proto.hpp.

◆ cc_exit_notify

bool openvpn::ProtoContext::ProtoConfig::cc_exit_notify = false

Definition at line 378 of file proto.hpp.

◆ comp_ctx

CompressContext openvpn::ProtoContext::ProtoConfig::comp_ctx

Definition at line 387 of file proto.hpp.

◆ dc

CryptoDCSettings openvpn::ProtoContext::ProtoConfig::dc

Definition at line 345 of file proto.hpp.

◆ dc_deferred

bool openvpn::ProtoContext::ProtoConfig::dc_deferred = false

Definition at line 372 of file proto.hpp.

◆ enable_op32

bool openvpn::ProtoContext::ProtoConfig::enable_op32 = false

Definition at line 455 of file proto.hpp.

◆ expire

Time::Duration openvpn::ProtoContext::ProtoConfig::expire

Definition at line 432 of file proto.hpp.

◆ extra_peer_info

PeerInfo::Set::Ptr openvpn::ProtoContext::ProtoConfig::extra_peer_info

extra peer info key/value pairs generated by client app

Definition at line 441 of file proto.hpp.

◆ extra_peer_info_push_peerinfo

bool openvpn::ProtoContext::ProtoConfig::extra_peer_info_push_peerinfo = false

When the extra_peer_info_transport is being built, we need to remember if it should include the more sensitive information that push-peer-info includes

Definition at line 452 of file proto.hpp.

◆ extra_peer_info_transport

PeerInfo::Set::Ptr openvpn::ProtoContext::ProtoConfig::extra_peer_info_transport

extra peer information that depends on the state of the underlying transport and needs to be initialised after the transport is initialised but before the IV variables are sent

Definition at line 448 of file proto.hpp.

◆ frame

Frame::Ptr openvpn::ProtoContext::ProtoConfig::frame

Definition at line 351 of file proto.hpp.

◆ handshake_window

Time::Duration openvpn::ProtoContext::ProtoConfig::handshake_window

Definition at line 429 of file proto.hpp.

◆ initial_options

std::string openvpn::ProtoContext::ProtoConfig::initial_options

Definition at line 467 of file proto.hpp.

◆ keepalive_ping

Time::Duration openvpn::ProtoContext::ProtoConfig::keepalive_ping

Definition at line 436 of file proto.hpp.

◆ keepalive_timeout

Time::Duration openvpn::ProtoContext::ProtoConfig::keepalive_timeout

Definition at line 437 of file proto.hpp.

◆ keepalive_timeout_early

Time::Duration openvpn::ProtoContext::ProtoConfig::keepalive_timeout_early

Definition at line 438 of file proto.hpp.

◆ key_direction

int openvpn::ProtoContext::ProtoConfig::key_direction = -1

Definition at line 421 of file proto.hpp.

◆ layer

Layer openvpn::ProtoContext::ProtoConfig::layer

Definition at line 384 of file proto.hpp.

◆ local_peer_id

int openvpn::ProtoContext::ProtoConfig::local_peer_id = -1

Definition at line 457 of file proto.hpp.

◆ mss_fix

unsigned int openvpn::ProtoContext::ProtoConfig::mss_fix = 0

Definition at line 463 of file proto.hpp.

◆ mss_parms

MSSParms openvpn::ProtoContext::ProtoConfig::mss_parms

Definition at line 462 of file proto.hpp.

◆ now

TimePtr openvpn::ProtoContext::ProtoConfig::now

Definition at line 354 of file proto.hpp.

◆ prng

RandomAPI::Ptr openvpn::ProtoContext::ProtoConfig::prng

Definition at line 365 of file proto.hpp.

◆ protocol

Protocol openvpn::ProtoContext::ProtoConfig::protocol

Definition at line 381 of file proto.hpp.

◆ relay_mode

bool openvpn::ProtoContext::ProtoConfig::relay_mode = false

Definition at line 369 of file proto.hpp.

◆ remote_peer_id

int openvpn::ProtoContext::ProtoConfig::remote_peer_id = -1

Definition at line 456 of file proto.hpp.

◆ renegotiate

Time::Duration openvpn::ProtoContext::ProtoConfig::renegotiate

Definition at line 431 of file proto.hpp.

◆ rng

StrongRandomAPI::Ptr openvpn::ProtoContext::ProtoConfig::rng

Definition at line 359 of file proto.hpp.

◆ ssl_factory

SSLFactoryAPI::Ptr openvpn::ProtoContext::ProtoConfig::ssl_factory

Definition at line 342 of file proto.hpp.

◆ tls_auth_context

OvpnHMACContext::Ptr openvpn::ProtoContext::ProtoConfig::tls_auth_context

Definition at line 420 of file proto.hpp.

◆ tls_auth_factory

OvpnHMACFactory::Ptr openvpn::ProtoContext::ProtoConfig::tls_auth_factory

Definition at line 419 of file proto.hpp.

◆ tls_auth_key

OpenVPNStaticKey openvpn::ProtoContext::ProtoConfig::tls_auth_key

leave this undefined to disable tls_auth

Definition at line 399 of file proto.hpp.

◆ tls_crypt_

unsigned openvpn::ProtoContext::ProtoConfig::tls_crypt_ = TLSCrypt::None

needed to distinguish between tls-crypt and tls-crypt-v2 server mode

Definition at line 408 of file proto.hpp.

◆ tls_crypt_context

TLSCryptContext::Ptr openvpn::ProtoContext::ProtoConfig::tls_crypt_context

Definition at line 424 of file proto.hpp.

◆ tls_crypt_factory

TLSCryptFactory::Ptr openvpn::ProtoContext::ProtoConfig::tls_crypt_factory

Definition at line 423 of file proto.hpp.

◆ tls_crypt_key

OpenVPNStaticKey openvpn::ProtoContext::ProtoConfig::tls_crypt_key

leave this undefined to disable tls-crypt/tls-crypt-v2

Definition at line 402 of file proto.hpp.

◆ tls_crypt_metadata_factory

TLSCryptMetadataFactory::Ptr openvpn::ProtoContext::ProtoConfig::tls_crypt_metadata_factory

Definition at line 426 of file proto.hpp.

◆ tls_crypt_v2_serverkey_dir

std::string openvpn::ProtoContext::ProtoConfig::tls_crypt_v2_serverkey_dir

server keys location, if tls_crypt_v2_serverkey_id is true

Definition at line 414 of file proto.hpp.

◆ tls_crypt_v2_serverkey_id

bool openvpn::ProtoContext::ProtoConfig::tls_crypt_v2_serverkey_id = false

do we expect keys to contain a server key ID?

Definition at line 411 of file proto.hpp.

◆ tls_timeout

Time::Duration openvpn::ProtoContext::ProtoConfig::tls_timeout

Definition at line 433 of file proto.hpp.

◆ tlsprf_factory

TLSPRFFactory::Ptr openvpn::ProtoContext::ProtoConfig::tlsprf_factory

Definition at line 348 of file proto.hpp.

◆ tun_mtu

unsigned int openvpn::ProtoContext::ProtoConfig::tun_mtu = TUN_MTU_DEFAULT

Definition at line 460 of file proto.hpp.

◆ tun_mtu_max

unsigned int openvpn::ProtoContext::ProtoConfig::tun_mtu_max = TUN_MTU_DEFAULT + 100

Definition at line 461 of file proto.hpp.

◆ wkc

BufferAllocated openvpn::ProtoContext::ProtoConfig::wkc

leave this undefined to disable tls-crypt-v2 on client

Definition at line 417 of file proto.hpp.

◆ wrapped_tls_crypt_key

OpenVPNStaticKey openvpn::ProtoContext::ProtoConfig::wrapped_tls_crypt_key

For TLS crypt V2, this (if defined()) is the wrapped WKc client key.

Definition at line 405 of file proto.hpp.

◆ xmit_creds

bool openvpn::ProtoContext::ProtoConfig::xmit_creds = true

Definition at line 375 of file proto.hpp.

The documentation for this class was generated from the following file: