OpenVPN
key_state Struct Reference

Security parameter state of one TLS and data channel key session. More...

#include <ssl_common.h>


Data Fields

int state
 
unsigned int auth_token_state_flags
 The state of the auth-token sent from the client. More...
 
int key_id
 Key id for this key_state, inherited from struct tls_session. More...
 
uint32_t peer_id
 Key id for this key_state, inherited from struct tls_session. More...
 
struct key_state_ssl ks_ssl
 
time_t initial
 
time_t established
 
time_t must_negotiate
 
time_t must_die
 
time_t peer_last_packet
 
int initial_opcode
 
struct session_id session_id_remote
 
struct link_socket_actual remote_addr
 
struct crypto_options crypto_options
 
struct key_source2 * key_src
 
struct buffer plaintext_read_buf
 
struct buffer plaintext_write_buf
 
struct buffer ack_write_buf
 
struct reliable * send_reliable
 
struct reliable * rec_reliable
 
struct reliable_ack * rec_ack
 
struct reliable_ack * lru_acks
 
struct buffer_list * paybuf
 Holds outgoing message for the control channel until ks->state reaches S_ACTIVE. More...
 
counter_type n_bytes
 
counter_type n_packets
 
enum ks_auth_state authenticated
 
time_t auth_deferred_expire
 
unsigned int mda_key_id
 
enum auth_deferred_result mda_status
 
time_t acf_last_mod
 
struct auth_deferred_status plugin_auth
 
struct auth_deferred_status script_auth
 
enum dco_key_status dco_status
 

Detailed Description

Security parameter state of one TLS and data channel key session.

This structure represents one security parameter session between OpenVPN peers. It includes the control channel TLS state and the data channel crypto state. It also contains the reliability layer structures used for control channel messages.

A new key_state structure is initialized for each hard or soft reset.

See also

Definition at line 198 of file ssl_common.h.

Field Documentation

◆ acf_last_mod

time_t key_state::acf_last_mod

Definition at line 257 of file ssl_common.h.

◆ ack_write_buf

struct buffer key_state::ack_write_buf

Definition at line 234 of file ssl_common.h.

Referenced by key_state_free(), key_state_init(), and tls_process().

◆ auth_deferred_expire

time_t key_state::auth_deferred_expire

◆ auth_token_state_flags

unsigned int key_state::auth_token_state_flags

The state of the auth-token sent from the client.

Definition at line 202 of file ssl_common.h.

Referenced by auth_token_test_env(), generate_auth_token(), and verify_user_pass().

◆ authenticated

enum ks_auth_state key_state::authenticated

◆ crypto_options

struct crypto_options key_state::crypto_options

◆ dco_status

enum dco_key_status key_state::dco_status

Definition at line 262 of file ssl_common.h.

◆ established

time_t key_state::established

◆ initial

time_t key_state::initial

Definition at line 218 of file ssl_common.h.

Referenced by send_auth_pending_messages(), and session_move_pre_start().

◆ initial_opcode

int key_state::initial_opcode

Definition at line 224 of file ssl_common.h.

Referenced by key_state_init(), and session_move_pre_start().

◆ key_id

int key_state::key_id

◆ key_src

struct key_source2* key_state::key_src

◆ ks_ssl

struct key_state_ssl key_state::ks_ssl

◆ lru_acks

struct reliable_ack* key_state::lru_acks

◆ mda_key_id

unsigned int key_state::mda_key_id

◆ mda_status

enum auth_deferred_result key_state::mda_status

Definition at line 255 of file ssl_common.h.

Referenced by man_def_auth_test(), tls_authenticate_key(), and verify_user_pass().

◆ must_die

time_t key_state::must_die

Definition at line 221 of file ssl_common.h.

Referenced by key_state_soft_reset(), and lame_duck_must_die().

◆ must_negotiate

time_t key_state::must_negotiate

◆ n_bytes

counter_type key_state::n_bytes

Definition at line 244 of file ssl_common.h.

Referenced by handle_data_channel_packet(), tls_post_encrypt(), and tls_process().

◆ n_packets

counter_type key_state::n_packets

Definition at line 245 of file ssl_common.h.

Referenced by handle_data_channel_packet(), tls_post_encrypt(), and tls_process().

◆ paybuf

struct buffer_list* key_state::paybuf

Holds outgoing message for the control channel until ks->state reaches S_ACTIVE.

Definition at line 243 of file ssl_common.h.

Referenced by flush_payload_buffer(), key_state_free(), and tls_send_payload().

◆ peer_id

uint32_t key_state::peer_id

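Key id for this key_state, inherited from struct tls_session. (Note: this sentence is identical to the key_id description and looks like a copy-paste slip; going by the field name and the cross-reference below, this field presumably holds the peer id rather than a key id.)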

See also
tls_multi::peer_id.

Definition at line 214 of file ssl_common.h.

◆ peer_last_packet

time_t key_state::peer_last_packet

Definition at line 222 of file ssl_common.h.

Referenced by send_push_request(), and tls_pre_decrypt().

◆ plaintext_read_buf

struct buffer key_state::plaintext_read_buf

◆ plaintext_write_buf

struct buffer key_state::plaintext_write_buf

Definition at line 233 of file ssl_common.h.

Referenced by key_state_free(), key_state_init(), and tls_process_state().

◆ plugin_auth

struct auth_deferred_status key_state::plugin_auth

◆ rec_ack

struct reliable_ack* key_state::rec_ack

◆ rec_reliable

struct reliable* key_state::rec_reliable

◆ remote_addr

struct link_socket_actual key_state::remote_addr

◆ script_auth

struct auth_deferred_status key_state::script_auth

◆ send_reliable

struct reliable* key_state::send_reliable

◆ session_id_remote

struct session_id key_state::session_id_remote

◆ state

int key_state::state

The documentation for this struct was generated from the following file: