#include <ssl_common.h>
Detailed Description
Definition at line 293 of file ssl_common.h.
Field Documentation
◆ auth_token_call_auth
| bool tls_options::auth_token_call_auth |
always call normal authentication
Definition at line 385 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ auth_token_generate
| bool tls_options::auth_token_generate |
Generate auth-tokens on successful user/pass auth,seet via options->auth_token_generate.
Definition at line 382 of file ssl_common.h.
Referenced by add_session_token_env(), do_init_crypto_tls(), and setup().
◆ auth_token_key
| struct key_ctx tls_options::auth_token_key |
Definition at line 389 of file ssl_common.h.
Referenced by auth_token_fail_invalid_key(), auth_token_test_key_load(), auth_token_test_random_keys(), do_init_crypto_tls(), generate_auth_token(), setup(), teardown(), and verify_auth_token().
◆ auth_token_lifetime
| unsigned int tls_options::auth_token_lifetime |
Definition at line 386 of file ssl_common.h.
Referenced by auth_token_test_timeout(), do_init_crypto_tls(), setup(), and verify_auth_token().
◆ auth_token_renewal
| unsigned int tls_options::auth_token_renewal |
Definition at line 387 of file ssl_common.h.
Referenced by auth_token_test_timeout(), do_init_crypto_tls(), and setup().
◆ auth_user_pass_file
| const char* tls_options::auth_user_pass_file |
Definition at line 379 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ auth_user_pass_file_inline
| bool tls_options::auth_user_pass_file_inline |
Definition at line 380 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ auth_user_pass_verify_script
| const char* tls_options::auth_user_pass_verify_script |
Definition at line 375 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ auth_user_pass_verify_script_via_file
| bool tls_options::auth_user_pass_verify_script_via_file |
Definition at line 377 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ client_config_dir_exclusive
| const char* tls_options::client_config_dir_exclusive |
Definition at line 392 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ client_crresponse_script
| const char* tls_options::client_crresponse_script |
Definition at line 376 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ config_ciphername
| const char* tls_options::config_ciphername |
Definition at line 363 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ config_ncp_ciphers
| const char* tls_options::config_ncp_ciphers |
Definition at line 364 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ crl_file
| const char* tls_options::crl_file |
Definition at line 341 of file ssl_common.h.
Referenced by do_init_crypto_tls(), tls_verify_crl_missing(), and verify_cert().
◆ crl_file_inline
| bool tls_options::crl_file_inline |
Definition at line 342 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ crypto_flags
| unsigned int tls_options::crypto_flags |
Definition at line 357 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ dco_enabled
| bool tls_options::dco_enabled |
Whether keys have to be installed in DCO or not.
Definition at line 436 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ disable_occ
| bool tls_options::disable_occ |
Definition at line 315 of file ssl_common.h.
◆ ekm_label
| const char* tls_options::ekm_label |
Definition at line 432 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ ekm_label_size
| size_t tls_options::ekm_label_size |
Definition at line 433 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ ekm_size
| size_t tls_options::ekm_size |
Definition at line 434 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ es
| struct env_set* tls_options::es |
Definition at line 395 of file ssl_common.h.
Referenced by do_init_crypto_tls(), key_state_gen_auth_control_files(), and verify_cert().
◆ frame
| struct frame tls_options::frame |
Definition at line 372 of file ssl_common.h.
Referenced by do_init_frame_tls(), test_tls_crypt_secure_reneg_key(), tls_auth_standalone_init(), tls_multi_init_finalize(), and tls_process().
◆ gremlin
| int tls_options::gremlin |
Definition at line 429 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and tls_multi_process().
◆ handshake_window
| int tls_options::handshake_window |
Definition at line 330 of file ssl_common.h.
Referenced by auth_deferred_expire_window(), do_init_crypto_tls(), and send_auth_pending_messages().
◆ key_type
| struct key_type tls_options::key_type |
Definition at line 299 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ local_options
| const char* tls_options::local_options |
Definition at line 309 of file ssl_common.h.
Referenced by tls_multi_init_set_options().
◆ mda_context
| struct man_def_auth_context* tls_options::mda_context |
Definition at line 419 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ mode
| int tls_options::mode |
Definition at line 316 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ net_ctx
| openvpn_net_ctx_t* tls_options::net_ctx |
Definition at line 396 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ ns_cert_type
| int tls_options::ns_cert_type |
Definition at line 343 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_peer_cert().
◆ packet_timeout
| interval_t tls_options::packet_timeout |
Definition at line 331 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ plugins
| const struct plugin_list* tls_options::plugins |
Definition at line 397 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
◆ pull
| bool tls_options::pull |
Definition at line 317 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ push_peer_info_detail
| int tls_options::push_peer_info_detail |
The detail of info we push in peer info.
0 - nothing at all, P2MP server only 1 - only the most basic information to negotiate cipher and features for P2P NCP 2 - normal setting for clients 3 - full information including "sensitive data" like IV_HWADDR enabled by –push-peer-info
Definition at line 328 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ remote_cert_eku
| const char* tls_options::remote_cert_eku |
Definition at line 345 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_peer_cert().
◆ remote_cert_ku
| unsigned tls_options::remote_cert_ku[MAX_PARMS] |
Definition at line 344 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_peer_cert().
◆ remote_options
| const char* tls_options::remote_options |
Definition at line 310 of file ssl_common.h.
Referenced by tls_multi_init_set_options().
◆ renegotiate_bytes
| int tls_options::renegotiate_bytes |
Definition at line 332 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ renegotiate_packets
| int tls_options::renegotiate_packets |
Definition at line 333 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ renegotiate_seconds
| interval_t tls_options::renegotiate_seconds |
Definition at line 334 of file ssl_common.h.
Referenced by auth_deferred_expire_window(), auth_token_test_timeout(), do_init_crypto_tls(), send_auth_pending_messages(), and setup().
◆ replay
| bool tls_options::replay |
Definition at line 313 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ replay_time
| int tls_options::replay_time |
Definition at line 360 of file ssl_common.h.
Referenced by do_init_crypto_tls(), test_tls_crypt_secure_reneg_key(), and tls_auth_standalone_init().
◆ replay_window
| int tls_options::replay_window |
Definition at line 359 of file ssl_common.h.
Referenced by do_init_crypto_tls(), test_tls_crypt_secure_reneg_key(), and tls_auth_standalone_init().
◆ sci
| const struct static_challenge_info* tls_options::sci |
Definition at line 425 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ server
| bool tls_options::server |
Definition at line 302 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and tls_pre_decrypt().
◆ single_session
| bool tls_options::single_session |
Definition at line 314 of file ssl_common.h.
Referenced by do_init_crypto_tls(), tls_multi_process(), tls_pre_decrypt(), and tls_set_single_session().
◆ ssl_ctx
| struct tls_root_ctx tls_options::ssl_ctx |
Definition at line 296 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and tls_verify_crl_missing().
◆ ssl_flags
| unsigned int tls_options::ssl_flags |
Definition at line 416 of file ssl_common.h.
Referenced by do_init_crypto_tls(), tls_verify_crl_missing(), and verify_cert().
◆ tcp_mode
| bool tls_options::tcp_mode |
Definition at line 361 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ tls_crypt_v2
| bool tls_options::tls_crypt_v2 |
Definition at line 366 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ tls_crypt_v2_verify_script
| const char* tls_options::tls_crypt_v2_verify_script |
Definition at line 367 of file ssl_common.h.
Referenced by do_init_crypto_tls(), tls_crypt_v2_extract_client_key(), and tls_crypt_v2_verify_metadata().
◆ tls_wrap
| struct tls_wrap_ctx tls_options::tls_wrap |
TLS handshake wrapping state.
Definition at line 370 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and tls_auth_standalone_init().
◆ tmp_dir
| const char* tls_options::tmp_dir |
Definition at line 378 of file ssl_common.h.
Referenced by do_init_crypto_tls(), key_state_gen_auth_control_files(), and tls_crypt_v2_verify_metadata().
◆ transition_window
| int tls_options::transition_window |
Definition at line 329 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ verify_command
| const char* tls_options::verify_command |
Definition at line 337 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
◆ verify_export_cert
| const char* tls_options::verify_export_cert |
Definition at line 338 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
◆ verify_hash
| struct verify_hash_list* tls_options::verify_hash |
Definition at line 346 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
◆ verify_hash_algo
| hash_algo_type tls_options::verify_hash_algo |
Definition at line 349 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
◆ verify_hash_depth
| int tls_options::verify_hash_depth |
Definition at line 347 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
◆ verify_hash_no_ca
| bool tls_options::verify_hash_no_ca |
Definition at line 348 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ verify_x509_name
| const char* tls_options::verify_x509_name |
Definition at line 340 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_peer_cert().
◆ verify_x509_type
| int tls_options::verify_x509_type |
Definition at line 339 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_peer_cert().
◆ x509_track
| const struct x509_track* tls_options::x509_track |
Definition at line 422 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
◆ x509_username_field
| char* tls_options::x509_username_field[2] |
Definition at line 353 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
◆ xmit_hold
| bool tls_options::xmit_hold |
Definition at line 305 of file ssl_common.h.
Referenced by do_init_crypto_tls().
The documentation for this struct was generated from the following file:
- src/openvpn/ssl_common.h
