OpenVPN
Data Fields
tls_options Struct Reference

#include <ssl_common.h>

Collaboration diagram for tls_options:
Collaboration graph
[legend]

Data Fields

struct tls_root_ctx ssl_ctx
 
struct key_type key_type
 
bool server
 
bool xmit_hold
 
const char * local_options
 
const char * remote_options
 
bool replay
 
bool single_session
 
bool disable_occ
 
int mode
 
bool pull
 
int push_peer_info_detail
 
int transition_window
 
int handshake_window
 
interval_t packet_timeout
 
int renegotiate_bytes
 
int renegotiate_packets
 
interval_t renegotiate_seconds
 
const char * verify_command
 
const char * verify_export_cert
 
int verify_x509_type
 
const char * verify_x509_name
 
const char * crl_file
 
bool crl_file_inline
 
int ns_cert_type
 
unsigned remote_cert_ku [MAX_PARMS]
 
const char * remote_cert_eku
 
uint8_tverify_hash
 
hash_algo_type verify_hash_algo
 
char * x509_username_field [2]
 
bool pass_config_info
 
unsigned int crypto_flags
 
int replay_window
 
int replay_time
 
bool tcp_mode
 
const char * config_ciphername
 
const char * config_ncp_ciphers
 
bool ncp_enabled
 
bool tls_crypt_v2
 
const char * tls_crypt_v2_verify_script
 
struct tls_wrap_ctx tls_wrap
 TLS handshake wrapping state. More...
 
struct frame frame
 
const char * auth_user_pass_verify_script
 
bool auth_user_pass_verify_script_via_file
 
const char * tmp_dir
 
const char * auth_user_pass_file
 
bool auth_token_generate
 Generate auth-tokens on successful user/pass auth,seet via options->auth_token_generate. More...
 
bool auth_token_call_auth
 always call normal authentication More...
 
unsigned int auth_token_lifetime
 
struct key_ctx auth_token_key
 
const char * client_config_dir_exclusive
 
struct env_setes
 
openvpn_net_ctx_tnet_ctx
 
const struct plugin_listplugins
 
unsigned int ssl_flags
 
struct man_def_auth_contextmda_context
 
const struct x509_trackx509_track
 
const struct static_challenge_infosci
 
int gremlin
 
const char * ekm_label
 
size_t ekm_label_size
 
size_t ekm_size
 

Detailed Description

Definition at line 253 of file ssl_common.h.

Field Documentation

◆ auth_token_call_auth

bool tls_options::auth_token_call_auth

always call normal authentication

Definition at line 336 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and verify_user_pass().

◆ auth_token_generate

bool tls_options::auth_token_generate

Generate auth-tokens on successful user/pass auth,seet via options->auth_token_generate.

Definition at line 333 of file ssl_common.h.

Referenced by add_session_token_env(), do_init_crypto_tls(), setup(), and verify_user_pass().

◆ auth_token_key

struct key_ctx tls_options::auth_token_key

◆ auth_token_lifetime

unsigned int tls_options::auth_token_lifetime

◆ auth_user_pass_file

const char* tls_options::auth_user_pass_file

Definition at line 331 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and key_method_2_write().

◆ auth_user_pass_verify_script

const char* tls_options::auth_user_pass_verify_script

◆ auth_user_pass_verify_script_via_file

bool tls_options::auth_user_pass_verify_script_via_file

Definition at line 329 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and verify_user_pass_script().

◆ client_config_dir_exclusive

const char* tls_options::client_config_dir_exclusive

Definition at line 342 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and verify_final_auth_checks().

◆ config_ciphername

const char* tls_options::config_ciphername

Definition at line 315 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and tls_session_update_crypto_params().

◆ config_ncp_ciphers

const char* tls_options::config_ncp_ciphers

Definition at line 316 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and push_peer_info().

◆ crl_file

const char* tls_options::crl_file

Definition at line 291 of file ssl_common.h.

Referenced by do_init_crypto_tls(), tls_process(), tls_verify_crl_missing(), and verify_cert().

◆ crl_file_inline

bool tls_options::crl_file_inline

Definition at line 292 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and tls_process().

◆ crypto_flags

unsigned int tls_options::crypto_flags

◆ disable_occ

bool tls_options::disable_occ

Definition at line 275 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and key_method_2_read().

◆ ekm_label

const char* tls_options::ekm_label

Definition at line 381 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and export_user_keying_material().

◆ ekm_label_size

size_t tls_options::ekm_label_size

Definition at line 382 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and export_user_keying_material().

◆ ekm_size

size_t tls_options::ekm_size

Definition at line 383 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and export_user_keying_material().

◆ es

struct env_set* tls_options::es

◆ frame

struct frame tls_options::frame

◆ gremlin

int tls_options::gremlin

Definition at line 378 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and tls_multi_process().

◆ handshake_window

int tls_options::handshake_window

Definition at line 280 of file ssl_common.h.

Referenced by auth_deferred_expire_window(), do_init_crypto_tls(), and tls_process().

◆ key_type

struct key_type tls_options::key_type

◆ local_options

const char* tls_options::local_options

Definition at line 269 of file ssl_common.h.

Referenced by key_method_2_write(), and tls_multi_init_set_options().

◆ mda_context

struct man_def_auth_context* tls_options::mda_context

◆ mode

int tls_options::mode

Definition at line 276 of file ssl_common.h.

Referenced by do_init_crypto_tls(), key_method_2_write(), and push_peer_info().

◆ ncp_enabled

bool tls_options::ncp_enabled

Definition at line 317 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and push_peer_info().

◆ net_ctx

openvpn_net_ctx_t* tls_options::net_ctx

Definition at line 346 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and push_peer_info().

◆ ns_cert_type

int tls_options::ns_cert_type

Definition at line 293 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and verify_peer_cert().

◆ packet_timeout

interval_t tls_options::packet_timeout

Definition at line 281 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and key_state_init().

◆ pass_config_info

bool tls_options::pass_config_info

Definition at line 306 of file ssl_common.h.

◆ plugins

const struct plugin_list* tls_options::plugins

◆ pull

bool tls_options::pull

◆ push_peer_info_detail

int tls_options::push_peer_info_detail

Definition at line 278 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and push_peer_info().

◆ remote_cert_eku

const char* tls_options::remote_cert_eku

Definition at line 295 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and verify_peer_cert().

◆ remote_cert_ku

unsigned tls_options::remote_cert_ku[MAX_PARMS]

Definition at line 294 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and verify_peer_cert().

◆ remote_options

const char* tls_options::remote_options

Definition at line 270 of file ssl_common.h.

Referenced by key_method_2_read(), and tls_multi_init_set_options().

◆ renegotiate_bytes

int tls_options::renegotiate_bytes

◆ renegotiate_packets

int tls_options::renegotiate_packets

Definition at line 283 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and tls_process().

◆ renegotiate_seconds

interval_t tls_options::renegotiate_seconds

◆ replay

bool tls_options::replay

Definition at line 273 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and key_state_init().

◆ replay_time

int tls_options::replay_time

Definition at line 312 of file ssl_common.h.

Referenced by do_init_crypto_tls(), key_state_init(), and tls_session_init().

◆ replay_window

int tls_options::replay_window

Definition at line 311 of file ssl_common.h.

Referenced by do_init_crypto_tls(), key_state_init(), and tls_session_init().

◆ sci

const struct static_challenge_info* tls_options::sci

Definition at line 374 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and key_method_2_write().

◆ server

bool tls_options::server

◆ single_session

bool tls_options::single_session

◆ ssl_ctx

struct tls_root_ctx tls_options::ssl_ctx

◆ ssl_flags

unsigned int tls_options::ssl_flags

◆ tcp_mode

bool tls_options::tcp_mode

Definition at line 313 of file ssl_common.h.

Referenced by do_init_crypto_tls().

◆ tls_crypt_v2

bool tls_options::tls_crypt_v2

Definition at line 319 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and tls_session_init().

◆ tls_crypt_v2_verify_script

const char* tls_options::tls_crypt_v2_verify_script

◆ tls_wrap

struct tls_wrap_ctx tls_options::tls_wrap

TLS handshake wrapping state.

Definition at line 323 of file ssl_common.h.

Referenced by do_init_crypto_tls(), tls_auth_standalone_init(), and tls_session_init().

◆ tmp_dir

const char* tls_options::tmp_dir

◆ transition_window

int tls_options::transition_window

Definition at line 279 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and key_state_soft_reset().

◆ verify_command

const char* tls_options::verify_command

Definition at line 287 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and verify_cert().

◆ verify_export_cert

const char* tls_options::verify_export_cert

Definition at line 288 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and verify_cert().

◆ verify_hash

uint8_t* tls_options::verify_hash

Definition at line 296 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and verify_cert().

◆ verify_hash_algo

hash_algo_type tls_options::verify_hash_algo

Definition at line 297 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and verify_cert().

◆ verify_x509_name

const char* tls_options::verify_x509_name

Definition at line 290 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and verify_peer_cert().

◆ verify_x509_type

int tls_options::verify_x509_type

Definition at line 289 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and verify_peer_cert().

◆ x509_track

const struct x509_track* tls_options::x509_track

Definition at line 371 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and verify_cert().

◆ x509_username_field

char* tls_options::x509_username_field[2]

Definition at line 301 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and verify_cert().

◆ xmit_hold

bool tls_options::xmit_hold

Definition at line 265 of file ssl_common.h.

Referenced by do_init_crypto_tls(), and key_state_init().


The documentation for this struct was generated from the following file: