]>
Commit | Line | Data |
---|---|---|
9a160b79 AJ |
1 | /* |
2 | * OpenVPN -- An application to securely tunnel IP networks | |
3 | * over a single TCP/UDP port, with support for SSL/TLS-based | |
4 | * session authentication and key exchange, | |
5 | * packet encryption, packet authentication, and | |
6 | * packet compression. | |
7 | * | |
49979459 DS |
8 | * Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net> |
9 | * Copyright (C) 2010-2018 Fox Crypto B.V. <openvpn@fox-it.com> | |
9a160b79 AJ |
10 | * |
11 | * This program is free software; you can redistribute it and/or modify | |
12 | * it under the terms of the GNU General Public License version 2 | |
13 | * as published by the Free Software Foundation. | |
14 | * | |
15 | * This program is distributed in the hope that it will be useful, | |
16 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
17 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
18 | * GNU General Public License for more details. | |
19 | * | |
caa54ac3 DS |
20 | * You should have received a copy of the GNU General Public License along |
21 | * with this program; if not, write to the Free Software Foundation, Inc., | |
22 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |
9a160b79 AJ |
23 | */ |
24 | ||
25 | /** | |
26 | * @file Control Channel Common Data Structures | |
27 | */ | |
28 | ||
29 | #ifndef SSL_COMMON_H_ | |
30 | #define SSL_COMMON_H_ | |
31 | ||
32 | #include "session_id.h" | |
33 | #include "socket.h" | |
34 | #include "packet_id.h" | |
35 | #include "crypto.h" | |
36 | #include "options.h" | |
37 | ||
38 | #include "ssl_backend.h" | |
39 | ||
289a8bb8 AJ |
40 | /* passwords */ |
41 | #define UP_TYPE_AUTH "Auth" | |
42 | #define UP_TYPE_PRIVATE_KEY "Private Key" | |
43 | ||
d0811e64 AJ |
44 | /** @addtogroup control_processor |
45 | * @{ */ | |
46 | /** | |
47 | * @name Control channel negotiation states | |
48 | * | |
49 | * These states represent the different phases of control channel | |
50 | * negotiation between OpenVPN peers. OpenVPN servers and clients | |
51 | * progress through the states in a different order, because of their | |
52 | * different roles during exchange of random material. The references to | |
53 | * the \c key_source2 structure in the list below is only valid if %key | |
54 | * method 2 is being used. See the \link key_generation data channel key | |
55 | * generation\endlink related page for more information. | |
56 | * | |
57 | * Clients follow this order: | |
58 | * -# \c S_INITIAL, ready to begin three-way handshake and control | |
59 | * channel negotiation. | |
60 | * -# \c S_PRE_START, have started three-way handshake, waiting for | |
61 | * acknowledgment from remote. | |
62 | * -# \c S_START, initial three-way handshake complete. | |
63 | * -# \c S_SENT_KEY, have sent local part of \c key_source2 random | |
64 | * material. | |
65 | * -# \c S_GOT_KEY, have received remote part of \c key_source2 random | |
66 | * material. | |
67 | * -# \c S_ACTIVE, normal operation during remaining handshake window. | |
68 | * -# \c S_NORMAL_OP, normal operation. | |
69 | * | |
70 | * Servers follow the same order, except for \c S_SENT_KEY and \c | |
71 | * S_GOT_KEY being reversed, because the server first receives the | |
72 | * client's \c key_source2 random material before generating and sending | |
73 | * its own. | |
74 | * | |
75 | * @{ | |
76 | */ | |
77 | #define S_ERROR -1 /**< Error state. */ | |
78 | #define S_UNDEF 0 /**< Undefined state, used after a \c | |
79 | * key_state is cleaned up. */ | |
80 | #define S_INITIAL 1 /**< Initial \c key_state state after | |
81 | * initialization by \c key_state_init() | |
82 | * before start of three-way handshake. */ | |
83 | #define S_PRE_START 2 /**< Waiting for the remote OpenVPN peer | |
84 | * to acknowledge during the initial | |
85 | * three-way handshake. */ | |
86 | #define S_START 3 /**< Three-way handshake is complete, | |
87 | * start of key exchange. */ | |
88 | #define S_SENT_KEY 4 /**< Local OpenVPN process has sent its | |
89 | * part of the key material. */ | |
90 | #define S_GOT_KEY 5 /**< Local OpenVPN process has received | |
91 | * the remote's part of the key | |
92 | * material. */ | |
93 | #define S_ACTIVE 6 /**< Operational \c key_state state | |
94 | * immediately after negotiation has | |
95 | * completed while still within the | |
96 | * handshake window. */ | |
97 | /* ready to exchange data channel packets */ | |
98 | #define S_NORMAL_OP 7 /**< Normal operational \c key_state | |
99 | * state. */ | |
100 | /** @} name Control channel negotiation states */ | |
101 | /** @} addtogroup control_processor */ | |
102 | ||
67d8a0d4 AJ |
103 | /** |
104 | * Container for one half of random material to be used in %key method 2 | |
105 | * \ref key_generation "data channel key generation". | |
106 | * @ingroup control_processor | |
107 | */ | |
108 | struct key_source { | |
81d882d5 | 109 | uint8_t pre_master[48]; /**< Random used for master secret |
67d8a0d4 AJ |
110 | * generation, provided only by client |
111 | * OpenVPN peer. */ | |
81d882d5 | 112 | uint8_t random1[32]; /**< Seed used for master secret |
67d8a0d4 AJ |
113 | * generation, provided by both client |
114 | * and server. */ | |
81d882d5 | 115 | uint8_t random2[32]; /**< Seed used for key expansion, provided |
67d8a0d4 AJ |
116 | * by both client and server. */ |
117 | }; | |
118 | ||
119 | ||
120 | /** | |
121 | * Container for both halves of random material to be used in %key method | |
122 | * 2 \ref key_generation "data channel key generation". | |
123 | * @ingroup control_processor | |
124 | */ | |
125 | struct key_source2 { | |
81d882d5 DS |
126 | struct key_source client; /**< Random provided by client. */ |
127 | struct key_source server; /**< Random provided by server. */ | |
67d8a0d4 AJ |
128 | }; |
129 | ||
130 | /** | |
131 | * Security parameter state of one TLS and data channel %key session. | |
132 | * @ingroup control_processor | |
133 | * | |
134 | * This structure represents one security parameter session between | |
135 | * OpenVPN peers. It includes the control channel TLS state and the data | |
136 | * channel crypto state. It also contains the reliability layer | |
137 | * structures used for control channel messages. | |
138 | * | |
139 | * A new \c key_state structure is initialized for each hard or soft | |
140 | * reset. | |
141 | * | |
142 | * @see | |
143 | * - This structure should be initialized using the \c key_state_init() | |
144 | * function. | |
145 | * - This structure should be cleaned up using the \c key_state_free() | |
146 | * function. | |
147 | */ | |
148 | struct key_state | |
149 | { | |
81d882d5 | 150 | int state; |
97894360 | 151 | |
81d882d5 DS |
152 | /** |
153 | * Key id for this key_state, inherited from struct tls_session. | |
154 | * @see tls_session::key_id. | |
155 | */ | |
156 | int key_id; | |
67d8a0d4 | 157 | |
81d882d5 | 158 | struct key_state_ssl ks_ssl; /* contains SSL object and BIOs for the control channel */ |
67d8a0d4 | 159 | |
81d882d5 DS |
160 | time_t established; /* when our state went S_ACTIVE */ |
161 | time_t must_negotiate; /* key negotiation times out if not finished before this time */ | |
162 | time_t must_die; /* this object is destroyed at this time */ | |
67d8a0d4 | 163 | |
81d882d5 DS |
164 | int initial_opcode; /* our initial P_ opcode */ |
165 | struct session_id session_id_remote; /* peer's random session ID */ | |
166 | struct link_socket_actual remote_addr; /* peer's IP addr */ | |
67d8a0d4 | 167 | |
81d882d5 | 168 | struct crypto_options crypto_options;/* data channel crypto options */ |
67d8a0d4 | 169 | |
81d882d5 | 170 | struct key_source2 *key_src; /* source entropy for key expansion */ |
67d8a0d4 | 171 | |
81d882d5 DS |
172 | struct buffer plaintext_read_buf; |
173 | struct buffer plaintext_write_buf; | |
174 | struct buffer ack_write_buf; | |
67d8a0d4 | 175 | |
81d882d5 DS |
176 | struct reliable *send_reliable; /* holds a copy of outgoing packets until ACK received */ |
177 | struct reliable *rec_reliable; /* order incoming ciphertext packets before we pass to TLS */ | |
178 | struct reliable_ack *rec_ack; /* buffers all packet IDs we want to ACK back to sender */ | |
67d8a0d4 | 179 | |
81d882d5 | 180 | struct buffer_list *paybuf; |
67d8a0d4 | 181 | |
81d882d5 DS |
182 | counter_type n_bytes; /* how many bytes sent/recvd since last key exchange */ |
183 | counter_type n_packets; /* how many packets sent/recvd since last key exchange */ | |
67d8a0d4 | 184 | |
81d882d5 DS |
185 | /* |
186 | * If bad username/password, TLS connection will come up but 'authenticated' will be false. | |
187 | */ | |
188 | bool authenticated; | |
189 | time_t auth_deferred_expire; | |
67d8a0d4 AJ |
190 | |
191 | #ifdef ENABLE_DEF_AUTH | |
81d882d5 DS |
192 | /* If auth_deferred is true, authentication is being deferred */ |
193 | bool auth_deferred; | |
67d8a0d4 | 194 | #ifdef MANAGEMENT_DEF_AUTH |
81d882d5 DS |
195 | unsigned int mda_key_id; |
196 | unsigned int mda_status; | |
67d8a0d4 AJ |
197 | #endif |
198 | #ifdef PLUGIN_DEF_AUTH | |
81d882d5 DS |
199 | unsigned int auth_control_status; |
200 | time_t acf_last_mod; | |
201 | char *auth_control_file; | |
67d8a0d4 AJ |
202 | #endif |
203 | #endif | |
204 | }; | |
205 | ||
c6e24fa3 SK |
206 | /** Control channel wrapping (--tls-auth/--tls-crypt) context */ |
207 | struct tls_wrap_ctx | |
208 | { | |
81d882d5 DS |
209 | enum { |
210 | TLS_WRAP_NONE = 0, /**< No control channel wrapping */ | |
211 | TLS_WRAP_AUTH, /**< Control channel authentication */ | |
212 | TLS_WRAP_CRYPT, /**< Control channel encryption and authentication */ | |
213 | } mode; /**< Control channel wrapping mode */ | |
214 | struct crypto_options opt; /**< Crypto state */ | |
215 | struct buffer work; /**< Work buffer (only for --tls-crypt) */ | |
19dffdbd SK |
216 | struct key_ctx tls_crypt_v2_server_key; /**< Decrypts client keys */ |
217 | const struct buffer *tls_crypt_v2_wkc; /**< Wrapped client key, | |
218 | sent to server */ | |
219 | struct buffer tls_crypt_v2_metadata; /**< Received from client */ | |
220 | bool cleanup_key_ctx; /**< opt.key_ctx_bi is owned by | |
221 | this context */ | |
c6e24fa3 SK |
222 | }; |
223 | ||
67d8a0d4 AJ |
224 | /* |
225 | * Our const options, obtained directly or derived from | |
226 | * command line options. | |
227 | */ | |
228 | struct tls_options | |
229 | { | |
81d882d5 DS |
230 | /* our master TLS context from which all SSL objects derived */ |
231 | struct tls_root_ctx ssl_ctx; | |
67d8a0d4 | 232 | |
81d882d5 DS |
233 | /* data channel cipher, hmac, and key lengths */ |
234 | struct key_type key_type; | |
67d8a0d4 | 235 | |
81d882d5 DS |
236 | /* true if we are a TLS server, client otherwise */ |
237 | bool server; | |
67d8a0d4 | 238 | |
81d882d5 DS |
239 | /* if true, don't xmit until first packet from peer is received */ |
240 | bool xmit_hold; | |
67d8a0d4 AJ |
241 | |
242 | #ifdef ENABLE_OCC | |
81d882d5 DS |
243 | /* local and remote options strings |
244 | * that must match between client and server */ | |
245 | const char *local_options; | |
246 | const char *remote_options; | |
67d8a0d4 AJ |
247 | #endif |
248 | ||
81d882d5 DS |
249 | /* from command line */ |
250 | int key_method; | |
251 | bool replay; | |
252 | bool single_session; | |
67d8a0d4 | 253 | #ifdef ENABLE_OCC |
81d882d5 | 254 | bool disable_occ; |
67d8a0d4 | 255 | #endif |
81d882d5 DS |
256 | int mode; |
257 | bool pull; | |
81d882d5 | 258 | int push_peer_info_detail; |
81d882d5 DS |
259 | int transition_window; |
260 | int handshake_window; | |
261 | interval_t packet_timeout; | |
262 | int renegotiate_bytes; | |
263 | int renegotiate_packets; | |
264 | interval_t renegotiate_seconds; | |
265 | ||
266 | /* cert verification parms */ | |
267 | const char *verify_command; | |
268 | const char *verify_export_cert; | |
269 | int verify_x509_type; | |
270 | const char *verify_x509_name; | |
271 | const char *crl_file; | |
272 | const char *crl_file_inline; | |
273 | int ns_cert_type; | |
274 | unsigned remote_cert_ku[MAX_PARMS]; | |
275 | const char *remote_cert_eku; | |
276 | uint8_t *verify_hash; | |
2193d7c0 | 277 | hash_algo_type verify_hash_algo; |
81d882d5 DS |
278 | char *x509_username_field; |
279 | ||
280 | /* allow openvpn config info to be | |
281 | * passed over control channel */ | |
282 | bool pass_config_info; | |
283 | ||
284 | /* struct crypto_option flags */ | |
285 | unsigned int crypto_flags; | |
286 | ||
287 | int replay_window; /* --replay-window parm */ | |
288 | int replay_time; /* --replay-window parm */ | |
289 | bool tcp_mode; | |
290 | ||
291 | const char *config_ciphername; | |
292 | const char *config_authname; | |
293 | bool ncp_enabled; | |
294 | ||
283290bf | 295 | bool tls_crypt_v2; |
ff931c5e | 296 | const char *tls_crypt_v2_verify_script; |
283290bf | 297 | |
81d882d5 DS |
298 | /** TLS handshake wrapping state */ |
299 | struct tls_wrap_ctx tls_wrap; | |
300 | ||
301 | /* frame parameters for TLS control channel */ | |
302 | struct frame frame; | |
303 | ||
304 | /* used for username/password authentication */ | |
305 | const char *auth_user_pass_verify_script; | |
306 | bool auth_user_pass_verify_script_via_file; | |
307 | const char *tmp_dir; | |
308 | const char *auth_user_pass_file; | |
309 | bool auth_token_generate; /**< Generate auth-tokens on successful user/pass auth, | |
58066d04 | 310 | * set via options->auth_token_generate. */ |
81d882d5 | 311 | unsigned int auth_token_lifetime; |
67d8a0d4 | 312 | |
81d882d5 DS |
313 | /* use the client-config-dir as a positive authenticator */ |
314 | const char *client_config_dir_exclusive; | |
67d8a0d4 | 315 | |
81d882d5 DS |
316 | /* instance-wide environment variable set */ |
317 | struct env_set *es; | |
318 | const struct plugin_list *plugins; | |
67d8a0d4 | 319 | |
81d882d5 | 320 | /* compression parms */ |
38d96bd7 | 321 | #ifdef USE_COMP |
81d882d5 | 322 | struct compress_options comp_options; |
38d96bd7 JY |
323 | #endif |
324 | ||
81d882d5 DS |
325 | /* configuration file SSL-related boolean and low-permutation options */ |
326 | #define SSLF_CLIENT_CERT_NOT_REQUIRED (1<<0) | |
327 | #define SSLF_CLIENT_CERT_OPTIONAL (1<<1) | |
328 | #define SSLF_USERNAME_AS_COMMON_NAME (1<<2) | |
329 | #define SSLF_AUTH_USER_PASS_OPTIONAL (1<<3) | |
330 | #define SSLF_OPT_VERIFY (1<<4) | |
331 | #define SSLF_CRL_VERIFY_DIR (1<<5) | |
332 | #define SSLF_TLS_VERSION_MIN_SHIFT 6 | |
333 | #define SSLF_TLS_VERSION_MIN_MASK 0xF /* (uses bit positions 6 to 9) */ | |
334 | #define SSLF_TLS_VERSION_MAX_SHIFT 10 | |
335 | #define SSLF_TLS_VERSION_MAX_MASK 0xF /* (uses bit positions 10 to 13) */ | |
336 | unsigned int ssl_flags; | |
67d8a0d4 AJ |
337 | |
338 | #ifdef MANAGEMENT_DEF_AUTH | |
81d882d5 | 339 | struct man_def_auth_context *mda_context; |
67d8a0d4 AJ |
340 | #endif |
341 | ||
81d882d5 | 342 | const struct x509_track *x509_track; |
67d8a0d4 | 343 | |
66b9409b | 344 | #ifdef ENABLE_MANAGEMENT |
81d882d5 | 345 | const struct static_challenge_info *sci; |
67d8a0d4 AJ |
346 | #endif |
347 | ||
81d882d5 DS |
348 | /* --gremlin bits */ |
349 | int gremlin; | |
685e486e | 350 | |
81d882d5 DS |
351 | /* Keying Material Exporter [RFC 5705] parameters */ |
352 | const char *ekm_label; | |
353 | size_t ekm_label_size; | |
354 | size_t ekm_size; | |
67d8a0d4 AJ |
355 | }; |
356 | ||
49620510 AJ |
357 | /** @addtogroup control_processor |
358 | * @{ */ | |
359 | /** @name Index of key_state objects within a tls_session structure | |
360 | * | |
361 | * This is the index of \c tls_session.key | |
362 | * | |
363 | * @{ */ | |
364 | #define KS_PRIMARY 0 /**< Primary %key state index. */ | |
365 | #define KS_LAME_DUCK 1 /**< %Key state index that will retire | |
366 | * soon. */ | |
367 | #define KS_SIZE 2 /**< Size of the \c tls_session.key array. */ | |
368 | /** @} name Index of key_state objects within a tls_session structure */ | |
369 | /** @} addtogroup control_processor */ | |
370 | ||
270dc911 DS |
371 | #define AUTH_TOKEN_SIZE 32 /**< Size of server side generated auth tokens. |
372 | * 32 bytes == 256 bits | |
373 | */ | |
49620510 AJ |
374 | |
375 | /** | |
376 | * Security parameter state of a single session within a VPN tunnel. | |
377 | * @ingroup control_processor | |
378 | * | |
379 | * This structure represents an OpenVPN peer-to-peer control channel | |
380 | * session. | |
381 | * | |
382 | * A \c tls_session remains over soft resets, but a new instance is | |
383 | * initialized for each hard reset. | |
384 | * | |
385 | * @see | |
386 | * - This structure should be initialized using the \c tls_session_init() | |
387 | * function. | |
388 | * - This structure should be cleaned up using the \c tls_session_free() | |
389 | * function. | |
390 | */ | |
391 | struct tls_session | |
392 | { | |
81d882d5 DS |
393 | /* const options and config info */ |
394 | struct tls_options *opt; | |
49620510 | 395 | |
81d882d5 DS |
396 | /* during hard reset used to control burst retransmit */ |
397 | bool burst; | |
49620510 | 398 | |
81d882d5 DS |
399 | /* authenticate control packets */ |
400 | struct tls_wrap_ctx tls_wrap; | |
49620510 | 401 | |
81d882d5 DS |
402 | int initial_opcode; /* our initial P_ opcode */ |
403 | struct session_id session_id; /* our random session ID */ | |
97894360 | 404 | |
81d882d5 DS |
405 | /** |
406 | * The current active key id, used to keep track of renegotiations. | |
407 | * key_id increments with each soft reset to KEY_ID_MASK then recycles back | |
408 | * to 1. This way you know that if key_id is 0, it is the first key. | |
409 | */ | |
410 | int key_id; | |
49620510 | 411 | |
81d882d5 | 412 | int limit_next; /* used for traffic shaping on the control channel */ |
49620510 | 413 | |
81d882d5 | 414 | int verify_maxlevel; |
49620510 | 415 | |
81d882d5 | 416 | char *common_name; |
49620510 | 417 | |
81d882d5 | 418 | struct cert_hash_set *cert_hash_set; |
49620510 AJ |
419 | |
420 | #ifdef ENABLE_PF | |
81d882d5 | 421 | uint32_t common_name_hashval; |
49620510 AJ |
422 | #endif |
423 | ||
81d882d5 | 424 | bool verified; /* true if peer certificate was verified against CA */ |
49620510 | 425 | |
81d882d5 DS |
426 | /* not-yet-authenticated incoming client */ |
427 | struct link_socket_actual untrusted_addr; | |
49620510 | 428 | |
81d882d5 | 429 | struct key_state key[KS_SIZE]; |
49620510 AJ |
430 | }; |
431 | ||
432 | /** @addtogroup control_processor | |
433 | * @{ */ | |
434 | /** @name Index of tls_session objects within a tls_multi structure | |
435 | * | |
436 | * This is the index of \c tls_multi.session | |
437 | * | |
438 | * Normally three tls_session objects are maintained by an active openvpn | |
439 | * session. The first is the current, TLS authenticated session, the | |
440 | * second is used to process connection requests from a new client that | |
441 | * would usurp the current session if successfully authenticated, and the | |
442 | * third is used as a repository for a "lame-duck" %key in the event that | |
443 | * the primary session resets due to error while the lame-duck %key still | |
444 | * has time left before its expiration. Lame duck keys are used to | |
445 | * maintain the continuity of the data channel connection while a new %key | |
446 | * is being negotiated. | |
447 | * | |
448 | * @{ */ | |
449 | #define TM_ACTIVE 0 /**< Active \c tls_session. */ | |
450 | #define TM_UNTRUSTED 1 /**< As yet un-trusted \c tls_session | |
451 | * being negotiated. */ | |
452 | #define TM_LAME_DUCK 2 /**< Old \c tls_session. */ | |
453 | #define TM_SIZE 3 /**< Size of the \c tls_multi.session | |
454 | * array. */ | |
455 | /** @} name Index of tls_session objects within a tls_multi structure */ | |
456 | /** @} addtogroup control_processor */ | |
457 | ||
458 | ||
459 | /* | |
460 | * The number of keys we will scan on encrypt or decrypt. The first | |
461 | * is the "active" key. The second is the lame_duck or retiring key | |
462 | * associated with the active key's session ID. The third is a detached | |
463 | * lame duck session that only occurs in situations where a key renegotiate | |
464 | * failed on the active key, but a lame duck key was still valid. By | |
465 | * preserving the lame duck session, we can be assured of having a data | |
466 | * channel key available even when network conditions are so bad that | |
467 | * we can't negotiate a new key within the time allotted. | |
468 | */ | |
469 | #define KEY_SCAN_SIZE 3 | |
470 | ||
471 | ||
472 | /** | |
473 | * Security parameter state for a single VPN tunnel. | |
474 | * @ingroup control_processor | |
475 | * | |
476 | * An active VPN tunnel running with TLS enabled has one \c tls_multi | |
477 | * object, in which it stores all control channel and data channel | |
478 | * security parameter state. This structure can contain multiple, | |
479 | * possibly simultaneously active, \c tls_context objects to allow for | |
480 | * interruption-less transitions during session renegotiations. Each \c | |
481 | * tls_context represents one control channel session, which can span | |
482 | * multiple data channel security parameter sessions stored in \c | |
483 | * key_state structures. | |
484 | */ | |
485 | struct tls_multi | |
486 | { | |
81d882d5 DS |
487 | /* used to coordinate access between main thread and TLS thread */ |
488 | /*MUTEX_PTR_DEFINE (mutex);*/ | |
489 | ||
490 | /* const options and config info */ | |
491 | struct tls_options opt; | |
492 | ||
493 | struct key_state *key_scan[KEY_SCAN_SIZE]; | |
494 | /**< List of \c key_state objects in the | |
495 | * order they should be scanned by data | |
496 | * channel modules. */ | |
497 | ||
498 | /* | |
499 | * used by tls_pre_encrypt to communicate the encrypt key | |
500 | * to tls_post_encrypt() | |
501 | */ | |
502 | struct key_state *save_ks; /* temporary pointer used between pre/post routines */ | |
503 | ||
504 | /* | |
505 | * Used to return outgoing address from | |
506 | * tls_multi_process. | |
507 | */ | |
508 | struct link_socket_actual to_link_addr; | |
509 | ||
510 | int n_sessions; /**< Number of sessions negotiated thus | |
49620510 AJ |
511 | * far. */ |
512 | ||
81d882d5 DS |
513 | /* |
514 | * Number of errors. | |
515 | */ | |
516 | int n_hard_errors; /* errors due to TLS negotiation failure */ | |
517 | int n_soft_errors; /* errors due to unrecognized or failed-to-authenticate incoming packets */ | |
49620510 | 518 | |
81d882d5 DS |
519 | /* |
520 | * Our locked common name, username, and cert hashes (cannot change during the life of this tls_multi object) | |
521 | */ | |
522 | char *locked_cn; | |
523 | char *locked_username; | |
524 | struct cert_hash_set *locked_cert_hash_set; | |
49620510 AJ |
525 | |
526 | #ifdef ENABLE_DEF_AUTH | |
81d882d5 DS |
527 | /* |
528 | * An error message to send to client on AUTH_FAILED | |
529 | */ | |
530 | char *client_reason; | |
49620510 | 531 | |
81d882d5 DS |
532 | /* Time of last call to tls_authentication_status */ |
533 | time_t tas_last; | |
a8be7379 GD |
534 | #endif |
535 | ||
1eb9a127 | 536 | #if P2MP_SERVER |
81d882d5 DS |
537 | /* |
538 | * A multi-line string of general-purpose info received from peer | |
539 | * over control channel. | |
540 | */ | |
541 | char *peer_info; | |
49620510 AJ |
542 | #endif |
543 | ||
81d882d5 DS |
544 | /* For P_DATA_V2 */ |
545 | uint32_t peer_id; | |
546 | bool use_peer_id; | |
65eedc35 | 547 | |
81d882d5 | 548 | char *remote_ciphername; /**< cipher specified in peer's config file */ |
6e5ad2fa | 549 | |
81d882d5 | 550 | char *auth_token; /**< If server sends a generated auth-token, |
270dc911 DS |
551 | * this is the token to use for future |
552 | * user/pass authentications in this session. | |
553 | */ | |
81d882d5 DS |
554 | time_t auth_token_tstamp; /**< timestamp of the generated token */ |
555 | bool auth_token_sent; /**< If server uses --auth-gen-token and | |
556 | * token has been sent to client */ | |
557 | /* | |
558 | * Our session objects. | |
559 | */ | |
560 | struct tls_session session[TM_SIZE]; | |
561 | /**< Array of \c tls_session objects | |
562 | * representing control channel | |
563 | * sessions with the remote peer. */ | |
49620510 AJ |
564 | }; |
565 | ||
9a160b79 | 566 | #endif /* SSL_COMMON_H_ */ |