Implementation with multiple threads needs that to be able run encryption
in parallel. Tested with James' OpenVPN 3 server.
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <
1474121738-19420-1-git-send-email-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12513.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
buf_printf (out, "IV_LZO_STUB=1\n");
buf_printf (out, "IV_COMP_STUB=1\n");
buf_printf (out, "IV_COMP_STUBv2=1\n");
+ buf_printf (out, "IV_TCPNL=1\n");
}
}
if (options->replay)
{
packet_id_init (&c->c2.crypto_options.packet_id,
- link_socket_proto_connection_oriented (options->ce.proto),
options->replay_window,
options->replay_time,
"STATIC", 0);
/*
* Check consistency of replay options
*/
- if ((!proto_is_udp(ce->proto))
- && (options->replay_window != defaults.replay_window
- || options->replay_time != defaults.replay_time))
- msg (M_USAGE, "--replay-window only makes sense with --proto udp");
-
if (!options->replay
&& (options->replay_window != defaults.replay_window
|| options->replay_time != defaults.replay_time))
}
void
-packet_id_init (struct packet_id *p, bool tcp_mode, int seq_backtrack, int time_backtrack, const char *name, int unit)
+packet_id_init (struct packet_id *p, int seq_backtrack, int time_backtrack, const char *name, int unit)
{
- dmsg (D_PID_DEBUG, "PID packet_id_init tcp_mode=%d seq_backtrack=%d time_backtrack=%d",
- tcp_mode,
+ dmsg (D_PID_DEBUG, "PID packet_id_init seq_backtrack=%d time_backtrack=%d",
seq_backtrack,
time_backtrack);
p->rec.name = name;
p->rec.unit = unit;
- if (seq_backtrack && !tcp_mode)
+ if (seq_backtrack)
{
ASSERT (MIN_SEQ_BACKTRACK <= seq_backtrack && seq_backtrack <= MAX_SEQ_BACKTRACK);
ASSERT (MIN_TIME_BACKTRACK <= time_backtrack && time_backtrack <= MAX_TIME_BACKTRACK);
struct packet_id_rec rec;
};
-void packet_id_init (struct packet_id *p, bool tcp_mode, int seq_backtrack, int time_backtrack, const char *name, int unit);
+void packet_id_init (struct packet_id *p, int seq_backtrack, int time_backtrack, const char *name, int unit);
void packet_id_free (struct packet_id *p);
/* should we accept an incoming packet id ? */
/* init packet ID tracker */
if (session->opt->replay)
{
- packet_id_init (&ks->crypto_options.packet_id, session->opt->tcp_mode,
+ packet_id_init (&ks->crypto_options.packet_id,
session->opt->replay_window, session->opt->replay_time, "SSL",
ks->key_id);
}
/* initialize packet ID replay window for --tls-auth */
packet_id_init (&session->tls_auth.packet_id,
- session->opt->tcp_mode,
session->opt->replay_window,
session->opt->replay_time,
"TLS_AUTH", session->key_id);
projects / thirdparty / openvpn.git / commitdiff
