115 #define SESSION_ID_PREFIX "SESS_ID_AT_" void add_session_token_env(struct tls_session *session, struct tls_multi *multi, const struct user_pass *up)
Put the session id, and auth token status into the environment if auth-token is enabled.
void generate_auth_token(const struct user_pass *up, struct tls_multi *multi)
Generate an auth token based on username and timestamp.
#define SESSION_ID_PREFIX
The prefix given to auth tokens start with, this prefix is special cased to not show up in log files ...
Security parameter state for a single VPN tunnel.
int memcmp_constant_time(const void *a, const void *b, size_t size)
As memcmp(), but constant-time.
Container for one set of cipher and/or HMAC contexts.
void wipe_auth_token(struct tls_multi *multi)
Wipes the authentication token out of the memory, frees and cleans up related buffers and flags...
Security parameter state of a single session within a VPN tunnel.
void auth_token_init_secret(struct key_ctx *key_ctx, const char *key_file, bool key_inline)
Loads an HMAC secret from a file or if no file is present generates a epheremal secret for the run ti...
void auth_token_write_server_key_file(const char *filename)
Generate a auth-token server secret key, and write to file.
unsigned verify_auth_token(struct user_pass *up, struct tls_multi *multi, struct tls_session *session)
Verifies the auth token to be in the format that generate_auth_token create and checks if the token i...
static bool is_auth_token(const char *password)
Return if the password string has the format of a password.