Diffstat (limited to 'ssl.h')
-rw-r--r-- | ssl.h | 34 |
1 files changed, 31 insertions, 3 deletions
@@ -5,7 +5,7 @@ * packet encryption, packet authentication, and * packet compression. * - * Copyright (C) 2002-2009 OpenVPN Technologies, Inc. <sales@openvpn.net> + * Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 @@ -378,8 +378,10 @@ struct key_state struct reliable *rec_reliable; /* order incoming ciphertext packets before we pass to TLS */ struct reliable_ack *rec_ack; /* buffers all packet IDs we want to ACK back to sender */ - int n_bytes; /* how many bytes sent/recvd since last key exchange */ - int n_packets; /* how many packets sent/recvd since last key exchange */ + struct buffer_list *paybuf; + + counter_type n_bytes; /* how many bytes sent/recvd since last key exchange */ + counter_type n_packets; /* how many packets sent/recvd since last key exchange */ /* * If bad username/password, TLS connection will come up but 'authenticated' will be false. @@ -434,6 +436,9 @@ struct tls_options #ifdef ENABLE_OCC bool disable_occ; #endif +#ifdef ENABLE_PUSH_PEER_INFO + bool push_peer_info; +#endif int transition_window; int handshake_window; interval_t packet_timeout; @@ -618,6 +623,12 @@ struct tls_multi */ char *client_reason; + /* + * A multi-line string of general-purpose info received from peer + * over control channel. + */ + char *peer_info; + /* Time of last call to tls_authentication_status */ time_t tas_last; #endif 
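Review bot: `paybuf` in the `struct key_state` hunk is the only member in this stretch added without a comment, and nothing visible says what it queues, who frees it, or whether its length is bounded. If it holds data accepted before the key is usable (an inference from the name only), an uncapped list is a memory-growth risk, so the owner and the cap belong in the declaration, e.g. `struct buffer_list *paybuf; /* <what is queued>; freed with the key_state; capped at <limit> */`. Separately, with `n_bytes` and `n_packets` now `counter_type`, any code that compares these counters against `int` limits should be checked for mixed signed/unsigned operands; those call sites are outside this header diff.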
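Review bot: The new `peer_info` comment in `struct tls_multi` does not say that the string is peer-controlled, who owns the allocation, or that the pointer can be NULL. Because it arrives over the control channel, every consumer has to treat it as untrusted text: bound its length when it is stored and sanitize it before it reaches logs, environment variables or the management interface. If that matches the intent, I would extend the comment with something like `/* Untrusted, peer-supplied; owned by tls_multi; NULL until received. */`. The field is added next to `client_reason` inside a conditional block whose opening `#if` is outside the hunk, while the option in `struct tls_options` is guarded by `ENABLE_PUSH_PEER_INFO`; confirm the two guards agree.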
@@ -694,6 +705,17 @@ void auth_user_pass_setup (const char *auth_file); void ssl_set_auth_nocache (void); void ssl_purge_auth (void); + +#ifdef ENABLE_CLIENT_CR +/* + * ssl_get_auth_challenge will parse the server-pushed auth-failed + * reason string and return a dynamically allocated + * auth_challenge_info struct. + */ +void ssl_purge_auth_challenge (void); +void ssl_put_auth_challenge (const char *cr_str); +#endif + void tls_set_verify_command (const char *cmd); void tls_set_crl_verify (const char *crl); void tls_set_verify_x509name (const char *x509name); @@ -721,6 +743,12 @@ void tls_deauthenticate (struct tls_multi *multi); #ifdef MANAGEMENT_DEF_AUTH bool tls_authenticate_key (struct tls_multi *multi, const unsigned int mda_key_id, const bool auth, const char *client_reason); + +static inline char * +tls_get_peer_info(const struct tls_multi *multi) +{ + return multi->peer_info; +} #endif /* |
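Review bot: The comment added under `ENABLE_CLIENT_CR` documents `ssl_get_auth_challenge`, but the two prototypes that follow it are `ssl_purge_auth_challenge` and `ssl_put_auth_challenge`, so neither declared function is actually described. The comment should be rewritten to say that `ssl_put_auth_challenge` receives the server-pushed auth-failed reason in `cr_str`, what happens when that string is malformed, and that `ssl_purge_auth_challenge` releases whatever was stored. `cr_str` is server-controlled input, so the length and format checks the parser applies are worth stating here; the implementation is not visible in this header diff.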
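Review bot: `tls_get_peer_info` takes a `const struct tls_multi *` yet returns a mutable `char *` into it, so a caller can modify or free state it does not own. Unless some caller needs to write through the pointer, declare it as `static inline const char *` and add a one-line comment such as `/* Borrowed pointer, valid while multi lives; may be NULL; contents are peer-supplied. */`. The accessor is compiled under `MANAGEMENT_DEF_AUTH`; the guard around the `peer_info` field itself is not visible in this diff, so confirm they match.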