OpenVPN
tls_multi Struct Reference

Security parameter state for a single VPN tunnel.

#include <ssl_common.h>

Data Fields

struct tls_options opt
 
struct key_state * save_ks
 
struct link_socket_actual to_link_addr
 
int n_sessions
 Number of sessions negotiated thus far.
 
enum client_connect_status multi_state
 
int n_hard_errors
 
int n_soft_errors
 
char * locked_cn
 
char * locked_username
 
struct cert_hash_set * locked_cert_hash_set
 
time_t tas_cache_last_update
 Time when we last updated the cached state of tls_authentication_status deferred files.
 
unsigned int tas_cache_num_updates
 The number of times we updated the cache.
 
char * client_reason
 
char * peer_info
 
char * auth_token
 If server sends a generated auth-token, this is the token to use for future user/pass authentications in this session.
 
char * auth_token_initial
 The first auth-token we sent to a client, for clients that do not update their auth-token (older OpenVPN3 core versions).
 
int auth_token_state_flags
 The state of the auth-token sent from the client last time.
 
uint32_t peer_id
 
bool use_peer_id
 
char * remote_ciphername
 cipher specified in peer's config file
 
bool remote_usescomp
 remote announced comp-lzo in OCC string
 
struct tls_session session [TM_SIZE]
 Array of tls_session objects representing control channel sessions with the remote peer.
 

Detailed Description

Security parameter state for a single VPN tunnel.

An active VPN tunnel running with TLS enabled has one tls_multi object, in which it stores all control channel and data channel security parameter state. This structure can contain multiple, possibly simultaneously active, tls_context objects to allow for interruption-less transitions during session renegotiations. Each tls_context represents one control channel session, which can span multiple data channel security parameter sessions stored in key_state structures.

Definition at line 542 of file ssl_common.h.

Field Documentation

◆ auth_token

char* tls_multi::auth_token

◆ auth_token_initial

char* tls_multi::auth_token_initial

The first auth-token we sent to a client, for clients that do not update their auth-token (older OpenVPN3 core versions).

Definition at line 600 of file ssl_common.h.

Referenced by auth_token_test_timeout(), prepare_auth_token_push_reply(), verify_auth_token(), verify_user_pass(), and wipe_auth_token().

◆ auth_token_state_flags

int tls_multi::auth_token_state_flags

The state of the auth-token sent from the client last time.

Definition at line 616 of file ssl_common.h.

Referenced by add_session_token_env(), auth_token_test_env(), generate_auth_token(), and verify_user_pass().

◆ client_reason

char* tls_multi::client_reason

Definition at line 589 of file ssl_common.h.

Referenced by auth_set_client_reason(), check_tls(), and tls_client_reason().

◆ locked_cert_hash_set

struct cert_hash_set* tls_multi::locked_cert_hash_set

Definition at line 577 of file ssl_common.h.

Referenced by tls_lock_cert_hash_set(), tls_multi_free(), and verify_final_auth_checks().

◆ locked_cn

char* tls_multi::locked_cn

Definition at line 575 of file ssl_common.h.

Referenced by tls_lock_common_name(), tls_multi_free(), and verify_final_auth_checks().

◆ locked_username

char* tls_multi::locked_username

Definition at line 576 of file ssl_common.h.

Referenced by tls_lock_username(), tls_multi_free(), and tls_username().

◆ multi_state

enum client_connect_status tls_multi::multi_state

◆ n_hard_errors

int tls_multi::n_hard_errors

Definition at line 569 of file ssl_common.h.

Referenced by check_tls_errors(), and tls_multi_process().

◆ n_sessions

int tls_multi::n_sessions

Number of sessions negotiated thus far.

Definition at line 562 of file ssl_common.h.

Referenced by tls_initial_packet_received(), and tls_pre_decrypt().

◆ n_soft_errors

int tls_multi::n_soft_errors

◆ opt

struct tls_options tls_multi::opt

◆ peer_id

uint32_t tls_multi::peer_id

◆ peer_info

char* tls_multi::peer_info

◆ remote_ciphername

char* tls_multi::remote_ciphername

cipher specified in peer's config file

Definition at line 623 of file ssl_common.h.

Referenced by check_pull_client_ncp(), key_method_2_read(), multi_client_set_protocol_options(), and tls_multi_free().

◆ remote_usescomp

bool tls_multi::remote_usescomp

remote announced comp-lzo in OCC string

Definition at line 624 of file ssl_common.h.

Referenced by key_method_2_read(), key_method_2_write(), and multi_client_connect_compress_migrate().

◆ save_ks

struct key_state* tls_multi::save_ks

◆ session

struct tls_session tls_multi::session[TM_SIZE]

◆ tas_cache_last_update

time_t tls_multi::tas_cache_last_update

Time when we last updated the cached state of tls_authentication_status deferred files.

Definition at line 581 of file ssl_common.h.

Referenced by tls_authentication_status(), and tls_authentication_status_use_cache().

◆ tas_cache_num_updates

unsigned int tls_multi::tas_cache_num_updates

The number of times we updated the cache.

Definition at line 584 of file ssl_common.h.

Referenced by tls_authentication_status(), and tls_authentication_status_use_cache().

◆ to_link_addr

struct link_socket_actual tls_multi::to_link_addr

Definition at line 560 of file ssl_common.h.

Referenced by tls_multi_process().

◆ use_peer_id

bool tls_multi::use_peer_id

The documentation for this struct was generated from the following file: