#include <ssl_common.h>
Detailed Description
Definition at line 282 of file ssl_common.h.
Field Documentation
◆ auth_token_call_auth
| bool tls_options::auth_token_call_auth |
always call normal authentication
Definition at line 372 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_user_pass().
◆ auth_token_generate
| bool tls_options::auth_token_generate |
Generate auth-tokens on successful user/pass auth,seet via options->auth_token_generate.
Definition at line 369 of file ssl_common.h.
Referenced by add_session_token_env(), do_init_crypto_tls(), setup(), and verify_user_pass().
◆ auth_token_key
| struct key_ctx tls_options::auth_token_key |
Definition at line 375 of file ssl_common.h.
Referenced by auth_token_fail_invalid_key(), auth_token_test_key_load(), auth_token_test_random_keys(), do_init_crypto_tls(), generate_auth_token(), setup(), teardown(), and verify_auth_token().
◆ auth_token_lifetime
| unsigned int tls_options::auth_token_lifetime |
Definition at line 373 of file ssl_common.h.
Referenced by auth_token_test_timeout(), do_init_crypto_tls(), setup(), and verify_auth_token().
◆ auth_user_pass_file
| const char* tls_options::auth_user_pass_file |
Definition at line 367 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and key_method_2_write().
◆ auth_user_pass_verify_script
| const char* tls_options::auth_user_pass_verify_script |
Definition at line 364 of file ssl_common.h.
Referenced by do_init_crypto_tls(), tls_session_user_pass_enabled(), verify_user_pass(), and verify_user_pass_script().
◆ auth_user_pass_verify_script_via_file
| bool tls_options::auth_user_pass_verify_script_via_file |
Definition at line 365 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_user_pass_script().
◆ client_config_dir_exclusive
| const char* tls_options::client_config_dir_exclusive |
Definition at line 378 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_final_auth_checks().
◆ config_ciphername
| const char* tls_options::config_ciphername |
Definition at line 352 of file ssl_common.h.
Referenced by do_init_crypto_tls(), tls_session_update_crypto_params(), and tls_session_update_crypto_params_do_work().
◆ config_ncp_ciphers
| const char* tls_options::config_ncp_ciphers |
Definition at line 353 of file ssl_common.h.
Referenced by do_init_crypto_tls(), get_p2p_ncp_cipher(), and push_peer_info().
◆ crl_file
| const char* tls_options::crl_file |
Definition at line 330 of file ssl_common.h.
Referenced by do_init_crypto_tls(), tls_process(), tls_verify_crl_missing(), and verify_cert().
◆ crl_file_inline
| bool tls_options::crl_file_inline |
Definition at line 331 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and tls_process().
◆ crypto_flags
| unsigned int tls_options::crypto_flags |
Definition at line 346 of file ssl_common.h.
Referenced by do_init_crypto_tls(), generate_key_expansion(), p2p_mode_ncp(), p2p_ncp_set_options(), tls_session_generate_data_channel_keys(), tls_session_update_crypto_params(), and tls_session_update_crypto_params_do_work().
◆ disable_occ
| bool tls_options::disable_occ |
Definition at line 304 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and key_method_2_read().
◆ ekm_label
| const char* tls_options::ekm_label |
Definition at line 418 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and export_user_keying_material().
◆ ekm_label_size
| size_t tls_options::ekm_label_size |
Definition at line 419 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and export_user_keying_material().
◆ ekm_size
| size_t tls_options::ekm_size |
Definition at line 420 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and export_user_keying_material().
◆ es
| struct env_set* tls_options::es |
Definition at line 381 of file ssl_common.h.
Referenced by add_session_token_env(), do_init_crypto_tls(), export_user_keying_material(), key_method_2_read(), key_state_gen_auth_control_files(), push_peer_info(), receive_cr_response(), set_verify_user_pass_env(), setenv_untrusted(), tls_process(), verify_cert(), verify_user_pass_management(), verify_user_pass_plugin(), and verify_user_pass_script().
◆ frame
| struct frame tls_options::frame |
Definition at line 361 of file ssl_common.h.
Referenced by do_init_crypto_tls(), do_init_finalize_tls_frame(), key_state_init(), tls_auth_standalone_init(), tls_multi_init_finalize(), tls_process(), and tls_session_init().
◆ gremlin
| int tls_options::gremlin |
Definition at line 415 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and tls_multi_process().
◆ handshake_window
| int tls_options::handshake_window |
Definition at line 319 of file ssl_common.h.
Referenced by auth_deferred_expire_window(), do_init_crypto_tls(), send_auth_pending_messages(), and tls_process().
◆ key_type
| struct key_type tls_options::key_type |
Definition at line 288 of file ssl_common.h.
Referenced by do_init_crypto_tls(), generate_key_expansion(), generate_key_expansion_openvpn_prf(), tls_session_generate_data_channel_keys(), and tls_session_update_crypto_params_do_work().
◆ local_options
| const char* tls_options::local_options |
Definition at line 298 of file ssl_common.h.
Referenced by key_method_2_write(), and tls_multi_init_set_options().
◆ mda_context
| struct man_def_auth_context* tls_options::mda_context |
Definition at line 405 of file ssl_common.h.
Referenced by do_init_crypto_tls(), key_state_init(), receive_cr_response(), and verify_user_pass_management().
◆ mode
| int tls_options::mode |
Definition at line 305 of file ssl_common.h.
Referenced by do_init_crypto_tls(), key_method_2_write(), push_peer_info(), and tls_process().
◆ net_ctx
| openvpn_net_ctx_t* tls_options::net_ctx |
Definition at line 382 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and push_peer_info().
◆ ns_cert_type
| int tls_options::ns_cert_type |
Definition at line 332 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_peer_cert().
◆ packet_timeout
| interval_t tls_options::packet_timeout |
Definition at line 320 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and key_state_init().
◆ plugins
| const struct plugin_list* tls_options::plugins |
Definition at line 383 of file ssl_common.h.
Referenced by do_init_crypto_tls(), key_method_2_read(), tls_session_user_pass_enabled(), verify_cert(), verify_user_pass(), and verify_user_pass_plugin().
◆ pull
| bool tls_options::pull |
Definition at line 306 of file ssl_common.h.
Referenced by do_init_crypto_tls(), key_method_2_read(), key_method_2_write(), and push_peer_info().
◆ push_peer_info_detail
| int tls_options::push_peer_info_detail |
The detail of info we push in peer info.
0 - nothing at all, P2MP server only 1 - only the most basic information to negotiate cipher and features for P2P NCP 2 - normal setting for clients 3 - full information including "sensitive data" like IV_HWADDR enabled by –push-peer-info
Definition at line 317 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and push_peer_info().
◆ remote_cert_eku
| const char* tls_options::remote_cert_eku |
Definition at line 334 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_peer_cert().
◆ remote_cert_ku
| unsigned tls_options::remote_cert_ku[MAX_PARMS] |
Definition at line 333 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_peer_cert().
◆ remote_options
| const char* tls_options::remote_options |
Definition at line 299 of file ssl_common.h.
Referenced by key_method_2_read(), and tls_multi_init_set_options().
◆ renegotiate_bytes
| int tls_options::renegotiate_bytes |
Definition at line 321 of file ssl_common.h.
Referenced by do_init_crypto_tls(), tls_process(), and tls_session_generate_data_channel_keys().
◆ renegotiate_packets
| int tls_options::renegotiate_packets |
Definition at line 322 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and tls_process().
◆ renegotiate_seconds
| interval_t tls_options::renegotiate_seconds |
Definition at line 323 of file ssl_common.h.
Referenced by auth_deferred_expire_window(), auth_token_test_timeout(), do_init_crypto_tls(), send_auth_pending_messages(), setup(), tls_process(), and verify_auth_token().
◆ replay
| bool tls_options::replay |
Definition at line 302 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and key_state_init().
◆ replay_time
| int tls_options::replay_time |
Definition at line 349 of file ssl_common.h.
Referenced by do_init_crypto_tls(), key_state_init(), and tls_session_init().
◆ replay_window
| int tls_options::replay_window |
Definition at line 348 of file ssl_common.h.
Referenced by do_init_crypto_tls(), key_state_init(), and tls_session_init().
◆ sci
| const struct static_challenge_info* tls_options::sci |
Definition at line 411 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and key_method_2_write().
◆ server
| bool tls_options::server |
Definition at line 291 of file ssl_common.h.
Referenced by do_init_crypto_tls(), generate_key_expansion(), generate_key_expansion_openvpn_prf(), get_p2p_ncp_cipher(), key_method_2_read(), key_method_2_write(), key_state_init(), tls_pre_decrypt(), tls_process(), tls_session_init(), and tls_session_update_crypto_params().
◆ single_session
| bool tls_options::single_session |
Definition at line 303 of file ssl_common.h.
Referenced by do_init_crypto_tls(), tls_multi_init_finalize(), tls_multi_process(), tls_pre_decrypt(), and tls_set_single_session().
◆ ssl_ctx
| struct tls_root_ctx tls_options::ssl_ctx |
Definition at line 285 of file ssl_common.h.
Referenced by do_init_crypto_tls(), key_state_init(), tls_process(), and tls_verify_crl_missing().
◆ ssl_flags
| unsigned int tls_options::ssl_flags |
Definition at line 402 of file ssl_common.h.
Referenced by do_init_crypto_tls(), key_method_2_read(), set_verify_user_pass_env(), tls_process(), tls_verify_crl_missing(), verify_cert(), and verify_user_pass().
◆ tcp_mode
| bool tls_options::tcp_mode |
Definition at line 350 of file ssl_common.h.
Referenced by do_init_crypto_tls().
◆ tls_crypt_v2
| bool tls_options::tls_crypt_v2 |
Definition at line 355 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and tls_session_init().
◆ tls_crypt_v2_verify_script
| const char* tls_options::tls_crypt_v2_verify_script |
Definition at line 356 of file ssl_common.h.
Referenced by do_init_crypto_tls(), tls_crypt_v2_extract_client_key(), and tls_crypt_v2_verify_metadata().
◆ tls_wrap
| struct tls_wrap_ctx tls_options::tls_wrap |
TLS handshake wrapping state.
Definition at line 359 of file ssl_common.h.
Referenced by do_init_crypto_tls(), tls_auth_standalone_init(), and tls_session_init().
◆ tmp_dir
| const char* tls_options::tmp_dir |
Definition at line 366 of file ssl_common.h.
Referenced by do_init_crypto_tls(), key_state_gen_auth_control_files(), tls_crypt_v2_verify_metadata(), and verify_user_pass_script().
◆ transition_window
| int tls_options::transition_window |
Definition at line 318 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and key_state_soft_reset().
◆ verify_command
| const char* tls_options::verify_command |
Definition at line 326 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
◆ verify_export_cert
| const char* tls_options::verify_export_cert |
Definition at line 327 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
◆ verify_hash
| struct verify_hash_list* tls_options::verify_hash |
Definition at line 335 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
◆ verify_hash_algo
| hash_algo_type tls_options::verify_hash_algo |
Definition at line 338 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
◆ verify_hash_depth
| int tls_options::verify_hash_depth |
Definition at line 336 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
◆ verify_hash_no_ca
| bool tls_options::verify_hash_no_ca |
Definition at line 337 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_callback().
◆ verify_x509_name
| const char* tls_options::verify_x509_name |
Definition at line 329 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_peer_cert().
◆ verify_x509_type
| int tls_options::verify_x509_type |
Definition at line 328 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_peer_cert().
◆ x509_track
| const struct x509_track* tls_options::x509_track |
Definition at line 408 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
◆ x509_username_field
| char* tls_options::x509_username_field[2] |
Definition at line 342 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and verify_cert().
◆ xmit_hold
| bool tls_options::xmit_hold |
Definition at line 294 of file ssl_common.h.
Referenced by do_init_crypto_tls(), and key_state_init().
The documentation for this struct was generated from the following file:
- src/openvpn/ssl_common.h
