summaryrefslogtreecommitdiff
path: root/src/openvpn/ssl.h
diff options
context:
space:
mode:
authorBernhard Schmidt <berni@debian.org>2019-03-07 21:38:56 +0100
committerBernhard Schmidt <berni@debian.org>2019-03-07 21:38:56 +0100
commitcfcec33bd88faeb354a33bd5f8052486ac848f9a (patch)
tree8e1ace9a34f5ee12b34416b02d514da67d54c907 /src/openvpn/ssl.h
parent7486cf05cdeb6996fdf249e5a2f15d93a47dbac1 (diff)
parenta351f71e82badcc71a2ce881bbb97eccfcebc06b (diff)
Merge tag 'debian/2.4.7-1' into stretch-backports
openvpn Debian release 2.4.7-1
Diffstat (limited to 'src/openvpn/ssl.h')
-rw-r--r--src/openvpn/ssl.h21
1 files changed, 18 insertions, 3 deletions
diff --git a/src/openvpn/ssl.h b/src/openvpn/ssl.h
index 0e0f68f..8066789 100644
--- a/src/openvpn/ssl.h
+++ b/src/openvpn/ssl.h
@@ -5,8 +5,8 @@
* packet encryption, packet authentication, and
* packet compression.
*
- * Copyright (C) 2002-2017 OpenVPN Technologies, Inc. <sales@openvpn.net>
- * Copyright (C) 2010-2017 Fox Crypto B.V. <openvpn@fox-it.com>
+ * Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
+ * Copyright (C) 2010-2018 Fox Crypto B.V. <openvpn@fox-it.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2
@@ -78,7 +78,7 @@
/*
* Define number of buffers for send and receive in the reliability layer.
*/
-#define TLS_RELIABLE_N_SEND_BUFFERS 4 /* also window size for reliablity layer */
+#define TLS_RELIABLE_N_SEND_BUFFERS 4 /* also window size for reliability layer */
#define TLS_RELIABLE_N_REC_BUFFERS 8
/*
@@ -438,6 +438,8 @@ void ssl_set_auth_token(const char *token);
*/
void ssl_purge_auth_challenge(void);
+bool ssl_clean_auth_token(void);
+
void ssl_put_auth_challenge(const char *cr_str);
#endif
@@ -600,6 +602,19 @@ bool is_hard_reset(int op, int key_method);
void delayed_auth_pass_purge(void);
+
+/*
+ * Show the TLS ciphers that are available for us to use in the SSL
+ * library with headers hinting their usage and warnings about usage.
+ *
+ * @param cipher_list list of allowed TLS cipher, or NULL.
+ * @param cipher_list_tls13 list of allowed TLS 1.3+ cipher, or NULL
+ * @param tls_cert_profile TLS certificate crypto profile name.
+ */
+void
+show_available_tls_ciphers(const char *cipher_list,
+ const char *cipher_list_tls13,
+ const char *tls_cert_profile);
#endif /* ENABLE_CRYPTO */
#endif /* ifndef OPENVPN_SSL_H */