OpenVPN
tls_multi Struct Reference

Security parameter state for a single VPN tunnel.

#include <ssl_common.h>

Data Fields

struct tls_options opt
 
struct key_state * key_scan [KEY_SCAN_SIZE]
 List of key_state objects in the order they should be scanned by data channel modules.
 
struct key_state * save_ks
 
struct link_socket_actual to_link_addr
 
int n_sessions
 Number of sessions negotiated thus far.
 
int n_hard_errors
 
int n_soft_errors
 
char * locked_cn
 
char * locked_username
 
struct cert_hash_set * locked_cert_hash_set
 
char * peer_info
 
uint32_t peer_id
 
bool use_peer_id
 
char * remote_ciphername
 cipher specified in peer's config file
 
char * auth_token
 If server sends a generated auth-token, this is the token to use for future user/pass authentications in this session.
 
time_t auth_token_tstamp
 timestamp of the generated token
 
bool auth_token_sent
 If server uses --auth-gen-token and token has been sent to client.
 
struct tls_session session [TM_SIZE]
 Array of tls_session objects representing control channel sessions with the remote peer.
 

Detailed Description

Security parameter state for a single VPN tunnel.

An active VPN tunnel running with TLS enabled has one tls_multi object, in which it stores all control channel and data channel security parameter state. This structure can contain multiple, possibly simultaneously active, tls_context objects to allow for interruption-less transitions during session renegotiations. Each tls_context represents one control channel session, which can span multiple data channel security parameter sessions stored in key_state structures.

Definition at line 503 of file ssl_common.h.

Field Documentation

◆ auth_token

char* tls_multi::auth_token

If server sends a generated auth-token, this is the token to use for future user/pass authentications in this session.

Definition at line 568 of file ssl_common.h.

Referenced by prepare_push_reply(), tls_multi_free(), verify_user_pass(), and wipe_auth_token().

◆ auth_token_sent

bool tls_multi::auth_token_sent

If server uses --auth-gen-token and token has been sent to client.

Definition at line 573 of file ssl_common.h.

Referenced by prepare_push_reply(), verify_user_pass(), and wipe_auth_token().

◆ auth_token_tstamp

time_t tls_multi::auth_token_tstamp

timestamp of the generated token

Definition at line 572 of file ssl_common.h.

Referenced by verify_user_pass().

◆ key_scan

struct key_state* tls_multi::key_scan[KEY_SCAN_SIZE]

List of key_state objects in the order they should be scanned by data channel modules.

Definition at line 511 of file ssl_common.h.

Referenced by print_key_id(), tls_authentication_status(), tls_multi_init(), tls_multi_process(), tls_pre_decrypt(), and tls_pre_encrypt().

◆ locked_cert_hash_set

struct cert_hash_set* tls_multi::locked_cert_hash_set

Definition at line 542 of file ssl_common.h.

Referenced by tls_lock_cert_hash_set(), tls_multi_free(), and verify_final_auth_checks().

◆ locked_cn

char* tls_multi::locked_cn

Definition at line 540 of file ssl_common.h.

Referenced by tls_lock_common_name(), tls_multi_free(), and verify_final_auth_checks().

◆ locked_username

char* tls_multi::locked_username

Definition at line 541 of file ssl_common.h.

Referenced by tls_lock_username(), tls_multi_free(), and tls_username().

◆ n_hard_errors

int tls_multi::n_hard_errors

Definition at line 534 of file ssl_common.h.

Referenced by check_tls_errors(), and tls_multi_process().

◆ n_sessions

int tls_multi::n_sessions

Number of sessions negotiated thus far.

Definition at line 528 of file ssl_common.h.

Referenced by tls_initial_packet_received(), and tls_pre_decrypt().

◆ n_soft_errors

int tls_multi::n_soft_errors

Definition at line 535 of file ssl_common.h.

Referenced by check_tls_errors(), tls_multi_process(), and tls_pre_decrypt().

◆ opt

struct tls_options tls_multi::opt

◆ peer_id

uint32_t tls_multi::peer_id

◆ peer_info

char* tls_multi::peer_info

Definition at line 559 of file ssl_common.h.

Referenced by key_method_2_read(), prepare_push_reply(), and tls_multi_free().

◆ remote_ciphername

char* tls_multi::remote_ciphername

cipher specified in peer's config file

Definition at line 566 of file ssl_common.h.

Referenced by do_deferred_options(), key_method_2_read(), prepare_push_reply(), and tls_multi_free().

◆ save_ks

struct key_state* tls_multi::save_ks

◆ session

struct tls_session tls_multi::session[TM_SIZE]

◆ to_link_addr

struct link_socket_actual tls_multi::to_link_addr

Definition at line 526 of file ssl_common.h.

Referenced by tls_multi_process().

◆ use_peer_id

bool tls_multi::use_peer_id

The documentation for this struct was generated from the following file: