OpenVPN
ssl_common.h
Go to the documentation of this file.
1 /*
2  * OpenVPN -- An application to securely tunnel IP networks
3  * over a single TCP/UDP port, with support for SSL/TLS-based
4  * session authentication and key exchange,
5  * packet encryption, packet authentication, and
6  * packet compression.
7  *
8  * Copyright (C) 2002-2024 OpenVPN Inc <sales@openvpn.net>
9  * Copyright (C) 2010-2021 Fox Crypto B.V. <openvpn@foxcrypto.com>
10  *
11  * This program is free software; you can redistribute it and/or modify
12  * it under the terms of the GNU General Public License version 2
13  * as published by the Free Software Foundation.
14  *
15  * This program is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18  * GNU General Public License for more details.
19  *
20  * You should have received a copy of the GNU General Public License along
21  * with this program; if not, write to the Free Software Foundation, Inc.,
22  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23  */
24 
29 #ifndef SSL_COMMON_H_
30 #define SSL_COMMON_H_
31 
32 #include "session_id.h"
33 #include "socket.h"
34 #include "packet_id.h"
35 #include "crypto.h"
36 #include "options.h"
37 
38 #include "ssl_backend.h"
39 
40 /* passwords */
41 #define UP_TYPE_AUTH "Auth"
42 #define UP_TYPE_PRIVATE_KEY "Private Key"
43 
77 #define S_ERROR (-2)
78 #define S_ERROR_PRE (-1)
81 #define S_UNDEF 0
83 #define S_INITIAL 1
86 #define S_PRE_START 2
89 #define S_START 3
91 #define S_SENT_KEY 4
93 #define S_GOT_KEY 5
96 #define S_ACTIVE 6
101 #define S_GENERATED_KEYS 7
105 /* Note that earlier versions also had a S_OP_NORMAL state that was
106  * virtually identical with S_ACTIVE and the code still assumes everything
107  * >= S_ACTIVE to be fully operational */
108 
116 struct key_source {
117  uint8_t pre_master[48];
120  uint8_t random1[32];
123  uint8_t random2[32];
125 };
126 
127 
133 struct key_source2 {
136 };
137 
138 
155 };
156 
158 {
162  unsigned int auth_control_status;
163 };
164 
165 /* key_state_test_auth_control_file return values, these specify the
166  * current status of a deferred authentication */
172 };
173 
178 };
179 
198 struct key_state
199 {
200  int state;
203 
208  int key_id;
209 
214  uint32_t peer_id;
215 
216  struct key_state_ssl ks_ssl; /* contains SSL object and BIOs for the control channel */
217 
218  time_t initial; /* when we created this session */
219  time_t established; /* when our state went S_ACTIVE */
220  time_t must_negotiate; /* key negotiation times out if not finished before this time */
221  time_t must_die; /* this object is destroyed at this time */
222  time_t peer_last_packet; /* Last time we received a packet in this control session */
223 
224  int initial_opcode; /* our initial P_ opcode */
225  struct session_id session_id_remote; /* peer's random session ID */
226  struct link_socket_actual remote_addr; /* peer's IP addr */
227 
228  struct crypto_options crypto_options;/* data channel crypto options */
229 
230  struct key_source2 *key_src; /* source entropy for key expansion */
231 
235 
236  struct reliable *send_reliable; /* holds a copy of outgoing packets until ACK received */
237  struct reliable *rec_reliable; /* order incoming ciphertext packets before we pass to TLS */
238  struct reliable_ack *rec_ack; /* buffers all packet IDs we want to ACK back to sender */
239  struct reliable_ack *lru_acks; /* keeps the most recently acked packages*/
240 
244  counter_type n_bytes; /* how many bytes sent/recvd since last key exchange */
245  counter_type n_packets; /* how many packets sent/recvd since last key exchange */
246 
247  /*
248  * If bad username/password, TLS connection will come up but 'authenticated' will be false.
249  */
252 
253 #ifdef ENABLE_MANAGEMENT
254  unsigned int mda_key_id;
256 #endif
257  time_t acf_last_mod;
258 
261 
263 };
264 
267 {
268  enum {
272  } mode;
274  struct buffer work;
276  const struct buffer *tls_crypt_v2_wkc;
290 };
291 
292 /*
293  * Our const options, obtained directly or derived from
294  * command line options.
295  */
297 {
298  /* our master TLS context from which all SSL objects derived */
300 
301  /* data channel cipher, hmac, and key lengths */
303 
304  /* true if we are a TLS server, client otherwise */
305  bool server;
306 
307  /* if true, don't xmit until first packet from peer is received */
308  bool xmit_hold;
309 
310  /* local and remote options strings
311  * that must match between client and server */
312  const char *local_options;
313  const char *remote_options;
314 
315  /* from command line */
318  int mode;
319  bool pull;
337 
338  /* cert verification parms */
339  const char *verify_command;
341  const char *verify_x509_name;
342  const char *crl_file;
346  const char *remote_cert_eku;
351 #ifdef ENABLE_X509ALTUSERNAME
353 #else
355 #endif
356 
357  /* struct crypto_option flags */
358  unsigned int crypto_flags;
359 
360  int replay_window; /* --replay-window parm */
361  int replay_time; /* --replay-window parm */
362  bool tcp_mode;
363 
364  const char *config_ciphername;
365  const char *config_ncp_ciphers;
366 
369 
372 
373  struct frame frame;
374 
375  /* used for username/password authentication */
379  const char *tmp_dir;
380  const char *export_peer_cert_dir;
381  const char *auth_user_pass_file;
383 
388  unsigned int auth_token_lifetime;
389  unsigned int auth_token_renewal;
390 
392 
393  /* use the client-config-dir as a positive authenticator */
395 
396  /* instance-wide environment variable set */
397  struct env_set *es;
399  const struct plugin_list *plugins;
400 
401  /* compression parms */
402 #ifdef USE_COMP
403  struct compress_options comp_options;
404 #endif
405 
406  /* configuration file SSL-related boolean and low-permutation options */
407 #define SSLF_CLIENT_CERT_NOT_REQUIRED (1<<0)
408 #define SSLF_CLIENT_CERT_OPTIONAL (1<<1)
409 #define SSLF_USERNAME_AS_COMMON_NAME (1<<2)
410 #define SSLF_AUTH_USER_PASS_OPTIONAL (1<<3)
411 #define SSLF_OPT_VERIFY (1<<4)
412 #define SSLF_CRL_VERIFY_DIR (1<<5)
413 #define SSLF_TLS_VERSION_MIN_SHIFT 6
414 #define SSLF_TLS_VERSION_MIN_MASK 0xF /* (uses bit positions 6 to 9) */
415 #define SSLF_TLS_VERSION_MAX_SHIFT 10
416 #define SSLF_TLS_VERSION_MAX_MASK 0xF /* (uses bit positions 10 to 13) */
417 #define SSLF_TLS_DEBUG_ENABLED (1<<14)
418  unsigned int ssl_flags;
419 
420 #ifdef ENABLE_MANAGEMENT
422 #endif
423 
424  const struct x509_track *x509_track;
425 
426 #ifdef ENABLE_MANAGEMENT
427  const struct static_challenge_info *sci;
428 #endif
429 
430  /* --gremlin bits */
431  int gremlin;
432 
433  /* Keying Material Exporter [RFC 5705] parameters */
434  const char *ekm_label;
436  size_t ekm_size;
437 
438  bool dco_enabled;
439 };
440 
448 #define KS_PRIMARY 0
449 #define KS_LAME_DUCK 1
451 #define KS_SIZE 2
471 struct tls_session
472 {
473  /* const options and config info */
474  struct tls_options *opt;
475 
476  /* during hard reset used to control burst retransmit */
477  bool burst;
478 
479  /* authenticate control packets */
480  struct tls_wrap_ctx tls_wrap;
481 
482  /* Specific tls-crypt for renegotiations, if this is valid,
483  * tls_wrap_reneg.mode is TLS_WRAP_CRYPT, otherwise ignore it */
484  struct tls_wrap_ctx tls_wrap_reneg;
485 
486  int initial_opcode; /* our initial P_ opcode */
487  struct session_id session_id; /* our random session ID */
488 
494  int key_id;
495 
496  int limit_next; /* used for traffic shaping on the control channel */
497 
499 
500  char *common_name;
501 
503 
504  bool verified; /* true if peer certificate was verified against CA */
505 
506  /* not-yet-authenticated incoming client */
507  struct link_socket_actual untrusted_addr;
508 
510 };
511 
529 #define TM_ACTIVE 0
530 #define TM_INITIAL 1
532 #define TM_LAME_DUCK 2
533 #define TM_SIZE 3
539 /*
540  * The number of keys we will scan on encrypt or decrypt. The first
541  * is the "active" key. The second is the lame_duck or retiring key
542  * associated with the active key's session ID. The third is a detached
543  * lame duck session that only occurs in situations where a key renegotiate
544  * failed on the active key, but a lame duck key was still valid. By
545  * preserving the lame duck session, we can be assured of having a data
546  * channel key available even when network conditions are so bad that
547  * we can't negotiate a new key within the time allotted.
548  */
549 #define KEY_SCAN_SIZE 3
550 
551 
552 /* multi state (originally client authentication state (=CAS))
553  * CAS_NOT_CONNECTED must be 0 since non multi code paths still check
554  * this variable but do not explicitly initialise it and depend
555  * on zero initialisation */
556 
557 /* CAS_NOT_CONNECTED is the initial state for every context. When the *first*
558  * tls_session reaches S_ACTIVE, this state machine moves to CAS_PENDING (server)
559  * or CAS_CONNECT_DONE (client/p2p) as clients skip the stages associated with
560  * connect scripts/plugins */
574 };
575 
576 
590 struct tls_multi
591 {
592  /* used to coordinate access between main thread and TLS thread */
593  /*MUTEX_PTR_DEFINE (mutex);*/
594 
595  /* const options and config info */
596  struct tls_options opt;
597 
598  /*
599  * used by tls_pre_encrypt to communicate the encrypt key
600  * to tls_post_encrypt()
601  */
602  struct key_state *save_ks; /* temporary pointer used between pre/post routines */
603 
604  /*
605  * Used to return outgoing address from
606  * tls_multi_process.
607  */
609 
613 
614  /*
615  * Number of errors.
616  */
617  int n_hard_errors; /* errors due to TLS negotiation failure */
618  int n_soft_errors; /* errors due to unrecognized or failed-to-authenticate incoming packets */
619 
620  /*
621  * Our locked common name, username, and cert hashes (cannot change during the life of this tls_multi object)
622  */
623  char *locked_cn;
626 
630 
632  unsigned int tas_cache_num_updates;
633 
634  /*
635  * An error message to send to client on AUTH_FAILED
636  */
638 
639  /*
640  * A multi-line string of general-purpose info received from peer
641  * over control channel.
642  */
643  char *peer_info;
644  char *auth_token;
652 #define AUTH_TOKEN_HMAC_OK (1<<0)
653 
654 #define AUTH_TOKEN_EXPIRED (1<<1)
655 
656 #define AUTH_TOKEN_VALID_EMPTYUSER (1<<2)
657 
665  /* For P_DATA_V2 */
666  uint32_t peer_id;
668 
672  /*
673  * Our session objects.
674  */
680  /* Only used when DCO is used to remember how many keys we installed
681  * for this session */
691 
693 };
694 
698 static inline struct key_state *
699 get_key_scan(struct tls_multi *multi, int index)
700 {
701  switch (index)
702  {
703  case 0:
704  return &multi->session[TM_ACTIVE].key[KS_PRIMARY];
705 
706  case 1:
707  return &multi->session[TM_ACTIVE].key[KS_LAME_DUCK];
708 
709  case 2:
710  return &multi->session[TM_LAME_DUCK].key[KS_LAME_DUCK];
711 
712  default:
713  ASSERT(false);
714  return NULL; /* NOTREACHED */
715  }
716 }
717 
721 static inline const struct key_state *
722 get_primary_key(const struct tls_multi *multi)
723 {
724  return &multi->session[TM_ACTIVE].key[KS_PRIMARY];
725 }
726 
727 #endif /* SSL_COMMON_H_ */
auth_deferred_status::auth_failed_reason_file
char * auth_failed_reason_file
Definition: ssl_common.h:161
tls_multi::auth_token
char * auth_token
If server sends a generated auth-token, this is the token to use for future user/pass authentications...
Definition: ssl_common.h:644
CAS_PENDING_DEFERRED
@ CAS_PENDING_DEFERRED
Waiting on an async option import handler.
Definition: ssl_common.h:565
key_state::n_bytes
counter_type n_bytes
Definition: ssl_common.h:244
tls_options::config_ncp_ciphers
const char * config_ncp_ciphers
Definition: ssl_common.h:365
key_state_ssl
Definition: ssl_mbedtls.h:127
key_state::dco_status
enum dco_key_status dco_status
Definition: ssl_common.h:262
key_state::auth_token_state_flags
unsigned int auth_token_state_flags
The state of the auth-token sent from the client.
Definition: ssl_common.h:202
compress_options
Definition: comp.h:64
tls_session::cert_hash_set
struct cert_hash_set * cert_hash_set
Definition: ssl_common.h:502
ssl_backend.h
tls_options::verify_x509_name
const char * verify_x509_name
Definition: ssl_common.h:341
tls_wrap_ctx::original_wrap_keydata
struct key2 original_wrap_keydata
original key data to be xored in to the key for dynamic tls-crypt.
Definition: ssl_common.h:289
auth_deferred_status::auth_control_status
unsigned int auth_control_status
Definition: ssl_common.h:162
tls_session::burst
bool burst
Definition: ssl_common.h:477
tls_session::opt
struct tls_options * opt
Definition: ssl_common.h:474
key_state::n_packets
counter_type n_packets
Definition: ssl_common.h:245
auth_deferred_status::auth_pending_file
char * auth_pending_file
Definition: ssl_common.h:160
key_state::ks_ssl
struct key_state_ssl ks_ssl
Definition: ssl_common.h:216
auth_deferred_status
Definition: ssl_common.h:157
TM_SIZE
#define TM_SIZE
Size of the tls_multi.session array.
Definition: ssl_common.h:533
ks_auth_state
ks_auth_state
This reflects the (server side) authentication state after the TLS session has been established and k...
Definition: ssl_common.h:146
tls_wrap_ctx::tls_crypt_v2_wkc
const struct buffer * tls_crypt_v2_wkc
Wrapped client key, sent to server.
Definition: ssl_common.h:276
interval_t
int interval_t
Definition: common.h:36
KS_PRIMARY
#define KS_PRIMARY
Primary key state index.
Definition: ssl_common.h:448
key_state::rec_ack
struct reliable_ack * rec_ack
Definition: ssl_common.h:238
tls_multi::locked_cert_hash_set
struct cert_hash_set * locked_cert_hash_set
Definition: ssl_common.h:625
tls_options::transition_window
int transition_window
Definition: ssl_common.h:331
tls_session::key_id
int key_id
The current active key id, used to keep track of renegotiations.
Definition: ssl_common.h:494
tls_multi::session
struct tls_session session[TM_SIZE]
Array of tls_session objects representing control channel sessions with the remote peer.
Definition: ssl_common.h:675
tls_options::auth_token_key
struct key_ctx auth_token_key
Definition: ssl_common.h:391
key_source2::server
struct key_source server
Random provided by server.
Definition: ssl_common.h:135
key_state::must_negotiate
time_t must_negotiate
Definition: ssl_common.h:220
tls_multi::tas_cache_num_updates
unsigned int tas_cache_num_updates
The number of times we updated the cache.
Definition: ssl_common.h:632
tls_options::ekm_size
size_t ekm_size
Definition: ssl_common.h:436
tls_options::client_crresponse_script
const char * client_crresponse_script
Definition: ssl_common.h:377
key_state::rec_reliable
struct reliable * rec_reliable
Definition: ssl_common.h:237
key_state::lru_acks
struct reliable_ack * lru_acks
Definition: ssl_common.h:239
tls_options::replay_time
int replay_time
Definition: ssl_common.h:361
tls_options::remote_cert_eku
const char * remote_cert_eku
Definition: ssl_common.h:346
tls_options::single_session
bool single_session
Definition: ssl_common.h:316
tls_options::verify_hash_depth
int verify_hash_depth
Definition: ssl_common.h:348
CAS_PENDING
@ CAS_PENDING
Options import (Connect script/plugin, ccd,...)
Definition: ssl_common.h:564
MAX_PARMS
#define MAX_PARMS
Definition: options.h:52
get_primary_key
static const struct key_state * get_primary_key(const struct tls_multi *multi)
gets an item of key_state objects in the order they should be scanned by data channel modules.
Definition: ssl_common.h:722
KS_AUTH_FALSE
@ KS_AUTH_FALSE
Key state is not authenticated
Definition: ssl_common.h:147
tls_options::verify_hash_no_ca
bool verify_hash_no_ca
Definition: ssl_common.h:349
tls_options::crl_file_inline
bool crl_file_inline
Definition: ssl_common.h:343
KS_LAME_DUCK
#define KS_LAME_DUCK
Key state index that will retire soon.
Definition: ssl_common.h:449
tls_options::tcp_mode
bool tcp_mode
Definition: ssl_common.h:362
verify_hash_list
Definition: options.h:227
openvpn_net_ctx_t
void * openvpn_net_ctx_t
Definition: networking.h:28
tls_multi::n_soft_errors
int n_soft_errors
Definition: ssl_common.h:618
session_id.h
tls_options::tls_wrap
struct tls_wrap_ctx tls_wrap
TLS handshake wrapping state.
Definition: ssl_common.h:371
tls_options::tls_crypt_v2
bool tls_crypt_v2
Definition: ssl_common.h:367
tls_options::config_ciphername
const char * config_ciphername
Definition: ssl_common.h:364
options.h
tls_wrap_ctx::TLS_WRAP_CRYPT
@ TLS_WRAP_CRYPT
Control channel encryption and authentication.
Definition: ssl_common.h:271
tls_options::renegotiate_seconds
interval_t renegotiate_seconds
Definition: ssl_common.h:336
frame
Packet geometry parameters.
Definition: mtu.h:98
tls_options::tmp_dir
const char * tmp_dir
Definition: ssl_common.h:379
tls_multi
Security parameter state for a single VPN tunnel.
Definition: ssl_common.h:590
key_source
Container for one half of random material to be used in key method 2 data channel key generation.
Definition: ssl_common.h:116
CAS_FAILED
@ CAS_FAILED
Option import failed or explicitly denied the client.
Definition: ssl_common.h:567
key_state::authenticated
enum ks_auth_state authenticated
Definition: ssl_common.h:250
tls_multi::dco
dco_context_t * dco
Definition: ssl_common.h:692
key_state
Security parameter state of one TLS and data channel key session.
Definition: ssl_common.h:198
key
Container for unidirectional cipher and HMAC key material.
Definition: crypto.h:149
CAS_WAITING_AUTH
@ CAS_WAITING_AUTH
Initial TLS connection established but deferred auth is not yet finished.
Definition: ssl_common.h:563
tls_options::auth_token_renewal
unsigned int auth_token_renewal
Definition: ssl_common.h:389
multi_status
multi_status
Definition: ssl_common.h:561
tls_options::auth_token_generate
bool auth_token_generate
Generate auth-tokens on successful user/pass auth,seet via options->auth_token_generate.
Definition: ssl_common.h:384
tls_options::auth_user_pass_file_inline
bool auth_user_pass_file_inline
Definition: ssl_common.h:382
session_id
Definition: session_id.h:38
tls_multi::multi_state
enum multi_status multi_state
Definition: ssl_common.h:612
man_def_auth_context
Definition: manage.h:64
key_state::send_reliable
struct reliable * send_reliable
Definition: ssl_common.h:236
TM_ACTIVE
#define TM_ACTIVE
Active tls_session.
Definition: ssl_common.h:529
tls_options::ssl_ctx
struct tls_root_ctx ssl_ctx
Definition: ssl_common.h:299
tls_wrap_ctx::opt
struct crypto_options opt
Crypto state.
Definition: ssl_common.h:273
tls_multi::remote_usescomp
bool remote_usescomp
remote announced comp-lzo in OCC string
Definition: ssl_common.h:670
tls_options::ekm_label_size
size_t ekm_label_size
Definition: ssl_common.h:435
ASSERT
#define ASSERT(x)
Definition: error.h:195
CAS_RECONNECT_PENDING
@ CAS_RECONNECT_PENDING
session has already successful established (CAS_CONNECT_DONE) but has a reconnect and needs to redo s...
Definition: ssl_common.h:569
CAS_NOT_CONNECTED
@ CAS_NOT_CONNECTED
Definition: ssl_common.h:562
tls_options::remote_options
const char * remote_options
Definition: ssl_common.h:313
tls_wrap_ctx::tls_crypt_v2_server_key
struct key_ctx tls_crypt_v2_server_key
Decrypts client keys.
Definition: ssl_common.h:275
counter_type
uint64_t counter_type
Definition: common.h:30
tls_options::ekm_label
const char * ekm_label
Definition: ssl_common.h:434
key_state::mda_status
enum auth_deferred_result mda_status
Definition: ssl_common.h:255
get_key_scan
static struct key_state * get_key_scan(struct tls_multi *multi, int index)
gets an item of key_state objects in the order they should be scanned by data channel modules.
Definition: ssl_common.h:699
tls_options::verify_hash
struct verify_hash_list * verify_hash
Definition: ssl_common.h:347
tls_options::net_ctx
openvpn_net_ctx_t * net_ctx
Definition: ssl_common.h:398
tls_options
Definition: ssl_common.h:296
tls_options::x509_track
const struct x509_track * x509_track
Definition: ssl_common.h:424
key_state::peer_id
uint32_t peer_id
Key id for this key_state, inherited from struct tls_session.
Definition: ssl_common.h:214
packet_id.h
tls_options::export_peer_cert_dir
const char * export_peer_cert_dir
Definition: ssl_common.h:380
tls_multi::to_link_addr
struct link_socket_actual to_link_addr
Definition: ssl_common.h:608
tls_wrap_ctx
Control channel wrapping (–tls-auth/–tls-crypt) context.
Definition: ssl_common.h:266
tls_session::key
struct key_state key[KS_SIZE]
Definition: ssl_common.h:509
key_state::remote_addr
struct link_socket_actual remote_addr
Definition: ssl_common.h:226
tls_options::auth_user_pass_verify_script_via_file
bool auth_user_pass_verify_script_via_file
Definition: ssl_common.h:378
key_source::random1
uint8_t random1[32]
Seed used for master secret generation, provided by both client and server.
Definition: ssl_common.h:120
dco_key_status
dco_key_status
Definition: ssl_common.h:174
tls_wrap_ctx::work
struct buffer work
Work buffer (only for –tls-crypt)
Definition: ssl_common.h:274
tls_options::push_peer_info_detail
int push_peer_info_detail
The detail of info we push in peer info.
Definition: ssl_common.h:330
tls_options::ssl_flags
unsigned int ssl_flags
Definition: ssl_common.h:418
tls_multi::opt
struct tls_options opt
Definition: ssl_common.h:596
key_ctx
Container for one set of cipher and/or HMAC contexts.
Definition: crypto.h:162
tls_multi::n_hard_errors
int n_hard_errors
Definition: ssl_common.h:617
tls_multi::locked_cn
char * locked_cn
Definition: ssl_common.h:623
tls_wrap_ctx::tls_crypt_v2_metadata
struct buffer tls_crypt_v2_metadata
Received from client.
Definition: ssl_common.h:278
key_state::acf_last_mod
time_t acf_last_mod
Definition: ssl_common.h:257
crypto.h
tls_options::local_options
const char * local_options
Definition: ssl_common.h:312
key_state::session_id_remote
struct session_id session_id_remote
Definition: ssl_common.h:225
tls_multi::dco_peer_id
int dco_peer_id
This is the handle that DCO uses to identify this session with the kernel.
Definition: ssl_common.h:690
key_state::established
time_t established
Definition: ssl_common.h:219
tls_options::handshake_window
int handshake_window
Definition: ssl_common.h:332
tls_session::verified
bool verified
Definition: ssl_common.h:504
DCO_INSTALLED_SECONDARY
@ DCO_INSTALLED_SECONDARY
Definition: ssl_common.h:177
key_source::pre_master
uint8_t pre_master[48]
Random used for master secret generation, provided only by client OpenVPN peer.
Definition: ssl_common.h:117
tls_options::verify_command
const char * verify_command
Definition: ssl_common.h:339
TM_LAME_DUCK
#define TM_LAME_DUCK
Old tls_session.
Definition: ssl_common.h:532
hash_algo_type
hash_algo_type
Types referencing specific message digest hashing algorithms.
Definition: crypto_backend.h:51
tls_options::tls_crypt_v2_verify_script
const char * tls_crypt_v2_verify_script
Definition: ssl_common.h:368
dco_context_t
void * dco_context_t
Definition: dco.h:254
tls_session::common_name
char * common_name
Definition: ssl_common.h:500
tls_options::renegotiate_bytes
int renegotiate_bytes
Definition: ssl_common.h:334
tls_multi::save_ks
struct key_state * save_ks
Definition: ssl_common.h:602
KS_AUTH_TRUE
@ KS_AUTH_TRUE
Key state is authenticated.
Definition: ssl_common.h:150
tls_multi::peer_info
char * peer_info
Definition: ssl_common.h:643
buffer
Wrapper structure for dynamically allocated memory.
Definition: buffer.h:60
ACF_SUCCEEDED
@ ACF_SUCCEEDED
deferred auth has suceeded
Definition: ssl_common.h:169
tls_options::gremlin
int gremlin
Definition: ssl_common.h:431
static_challenge_info
Definition: misc.h:92
tls_multi::dco_keys_installed
int dco_keys_installed
Definition: ssl_common.h:682
tls_options::verify_x509_type
int verify_x509_type
Definition: ssl_common.h:340
key_type
Definition: crypto.h:139
tls_options::x509_username_field
char * x509_username_field[2]
Definition: ssl_common.h:354
auth_deferred_status::auth_control_file
char * auth_control_file
Definition: ssl_common.h:159
tls_options::ns_cert_type
int ns_cert_type
Definition: ssl_common.h:344
tls_session::initial_opcode
int initial_opcode
Definition: ssl_common.h:486
DCO_INSTALLED_PRIMARY
@ DCO_INSTALLED_PRIMARY
Definition: ssl_common.h:176
tls_session
Security parameter state of a single session within a VPN tunnel.
Definition: ssl_common.h:471
key_state::state
int state
Definition: ssl_common.h:200
key_state::mda_key_id
unsigned int mda_key_id
Definition: ssl_common.h:254
CAS_CONNECT_DONE
@ CAS_CONNECT_DONE
Definition: ssl_common.h:573
tls_options::sci
const struct static_challenge_info * sci
Definition: ssl_common.h:427
tls_options::auth_user_pass_file
const char * auth_user_pass_file
Definition: ssl_common.h:381
tls_options::verify_hash_algo
hash_algo_type verify_hash_algo
Definition: ssl_common.h:350
key_source2
Container for both halves of random material to be used in key method 2 data channel key generation.
Definition: ssl_common.h:133
cert_hash_set
Structure containing the hashes for a full certificate chain.
Definition: ssl_verify.h:59
key_state::key_id
int key_id
Key id for this key_state, inherited from struct tls_session.
Definition: ssl_common.h:208
tls_options::auth_user_pass_verify_script
const char * auth_user_pass_verify_script
Definition: ssl_common.h:376
key_state::key_src
struct key_source2 * key_src
Definition: ssl_common.h:230
tls_wrap_ctx::TLS_WRAP_NONE
@ TLS_WRAP_NONE
No control channel wrapping.
Definition: ssl_common.h:269
env_set
Definition: env_set.h:42
reliable
The reliability layer storage structure for one VPN tunnel's control channel in one direction.
Definition: reliable.h:91
tls_options::mda_context
struct man_def_auth_context * mda_context
Definition: ssl_common.h:421
tls_options::auth_token_lifetime
unsigned int auth_token_lifetime
Definition: ssl_common.h:388
key_state::plugin_auth
struct auth_deferred_status plugin_auth
Definition: ssl_common.h:259
key_state::initial
time_t initial
Definition: ssl_common.h:218
key_state::paybuf
struct buffer_list * paybuf
Holds outgoing message for the control channel until ks->state reaches S_ACTIVE.
Definition: ssl_common.h:243
plugin_list
Definition: plugin.h:94
tls_options::client_config_dir_exclusive
const char * client_config_dir_exclusive
Definition: ssl_common.h:394
tls_multi::use_peer_id
bool use_peer_id
Definition: ssl_common.h:667
tls_multi::client_reason
char * client_reason
Definition: ssl_common.h:637
tls_multi::n_sessions
int n_sessions
Number of sessions negotiated thus far.
Definition: ssl_common.h:610
key_state::plaintext_write_buf
struct buffer plaintext_write_buf
Definition: ssl_common.h:233
tls_options::pull
bool pull
Definition: ssl_common.h:319
ACF_PENDING
@ ACF_PENDING
deferred auth still pending
Definition: ssl_common.h:168
auth_deferred_result
auth_deferred_result
Definition: ssl_common.h:167
key_state::script_auth
struct auth_deferred_status script_auth
Definition: ssl_common.h:260
tls_options::crl_file
const char * crl_file
Definition: ssl_common.h:342
tls_root_ctx
Structure that wraps the TLS context.
Definition: ssl_mbedtls.h:106
key_state::must_die
time_t must_die
Definition: ssl_common.h:221
CAS_WAITING_OPTIONS_IMPORT
@ CAS_WAITING_OPTIONS_IMPORT
client with pull or p2p waiting for first time options import
Definition: ssl_common.h:568
key_source2::client
struct key_source client
Random provided by client.
Definition: ssl_common.h:134
tls_session::limit_next
int limit_next
Definition: ssl_common.h:496
ACF_FAILED
@ ACF_FAILED
deferred auth has failed
Definition: ssl_common.h:171
tls_options::server
bool server
Definition: ssl_common.h:305
tls_options::replay_window
int replay_window
Definition: ssl_common.h:360
KS_AUTH_DEFERRED
@ KS_AUTH_DEFERRED
Key state authentication is being deferred, by async auth.
Definition: ssl_common.h:148
socket.h
tls_options::mode
int mode
Definition: ssl_common.h:318
tls_options::renegotiate_packets
int renegotiate_packets
Definition: ssl_common.h:335
tls_options::disable_occ
bool disable_occ
Definition: ssl_common.h:317
key_state::auth_deferred_expire
time_t auth_deferred_expire
Definition: ssl_common.h:251
tls_session::verify_maxlevel
int verify_maxlevel
Definition: ssl_common.h:498
CAS_PENDING_DEFERRED_PARTIAL
@ CAS_PENDING_DEFERRED_PARTIAL
at least handler succeeded but another is still pending
Definition: ssl_common.h:566
tls_multi::tas_cache_last_update
time_t tas_cache_last_update
Time of last when we updated the cached state of tls_authentication_status deferred files.
Definition: ssl_common.h:629
key_state::peer_last_packet
time_t peer_last_packet
Definition: ssl_common.h:222
tls_options::xmit_hold
bool xmit_hold
Definition: ssl_common.h:308
tls_options::crypto_flags
unsigned int crypto_flags
Definition: ssl_common.h:358
tls_multi::remote_ciphername
char * remote_ciphername
cipher specified in peer's config file
Definition: ssl_common.h:669
tls_multi::peer_id
uint32_t peer_id
Definition: ssl_common.h:666
key2
Container for bidirectional cipher and HMAC key material.
Definition: crypto.h:179
tls_options::packet_timeout
interval_t packet_timeout
Definition: ssl_common.h:333
tls_options::remote_cert_ku
unsigned remote_cert_ku[MAX_PARMS]
Definition: ssl_common.h:345
session
Definition: keyingmaterialexporter.c:56
DCO_NOT_INSTALLED
@ DCO_NOT_INSTALLED
Definition: ssl_common.h:175
key_state::plaintext_read_buf
struct buffer plaintext_read_buf
Definition: ssl_common.h:232
tls_multi::locked_username
char * locked_username
Definition: ssl_common.h:624
tls_multi::auth_token_initial
char * auth_token_initial
The first auth-token we sent to a client.
Definition: ssl_common.h:648
KS_SIZE
#define KS_SIZE
Size of the tls_session.key array.
Definition: ssl_common.h:451
tls_wrap_ctx::TLS_WRAP_AUTH
@ TLS_WRAP_AUTH
Control channel authentication.
Definition: ssl_common.h:270
key_state::ack_write_buf
struct buffer ack_write_buf
Definition: ssl_common.h:234
ACF_DISABLED
@ ACF_DISABLED
deferred auth is not used
Definition: ssl_common.h:170
key_source::random2
uint8_t random2[32]
Seed used for key expansion, provided by both client and server.
Definition: ssl_common.h:123
key_state::initial_opcode
int initial_opcode
Definition: ssl_common.h:224
tls_wrap_ctx::mode
enum tls_wrap_ctx::@17 mode
Control channel wrapping mode.
buffer_list
Definition: buffer.h:1125
reliable_ack
The acknowledgment structure in which packet IDs are stored for later acknowledgment.
Definition: reliable.h:61
tls_options::auth_token_call_auth
bool auth_token_call_auth
always call normal authentication
Definition: ssl_common.h:387
tls_options::dco_enabled
bool dco_enabled
Whether keys have to be installed in DCO or not.
Definition: ssl_common.h:438
tls_wrap_ctx::cleanup_key_ctx
bool cleanup_key_ctx
opt.key_ctx_bi is owned by this context
Definition: ssl_common.h:279
tls_options::es
struct env_set * es
Definition: ssl_common.h:397
x509_track
Definition: ssl_verify.h:214
tls_options::plugins
const struct plugin_list * plugins
Definition: ssl_common.h:399
crypto_options
Security parameter state for processing data channel packets.
Definition: crypto.h:230