summaryrefslogtreecommitdiff
path: root/src/openvpn/ssl_common.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/openvpn/ssl_common.h')
-rw-r--r--src/openvpn/ssl_common.h23
1 files changed, 19 insertions, 4 deletions
diff --git a/src/openvpn/ssl_common.h b/src/openvpn/ssl_common.h
index 96897e4..74faf68 100644
--- a/src/openvpn/ssl_common.h
+++ b/src/openvpn/ssl_common.h
@@ -5,8 +5,8 @@
* packet encryption, packet authentication, and
* packet compression.
*
- * Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
- * Copyright (C) 2010-2018 Fox Crypto B.V. <openvpn@fox-it.com>
+ * Copyright (C) 2002-2021 OpenVPN Inc <sales@openvpn.net>
+ * Copyright (C) 2010-2021 Fox Crypto B.V. <openvpn@foxcrypto.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2
@@ -166,6 +166,8 @@ enum ks_auth_state {
struct key_state
{
int state;
+ /** The state of the auth-token sent from the client */
+ int auth_token_state_flags;
/**
* Key id for this key_state, inherited from struct tls_session.
@@ -347,6 +349,7 @@ struct tls_options
#define SSLF_TLS_VERSION_MIN_MASK 0xF /* (uses bit positions 6 to 9) */
#define SSLF_TLS_VERSION_MAX_SHIFT 10
#define SSLF_TLS_VERSION_MAX_MASK 0xF /* (uses bit positions 10 to 13) */
+#define SSLF_TLS_DEBUG_ENABLED (1<<14)
unsigned int ssl_flags;
#ifdef MANAGEMENT_DEF_AUTH
@@ -478,6 +481,19 @@ struct tls_session
*/
#define KEY_SCAN_SIZE 3
+
+/* client authentication state, CAS_SUCCEEDED must be 0 since
+ * non multi code path still checks this variable but does not initialise it
+ * so the code depends on zero initialisation */
+enum client_connect_status {
+ CAS_SUCCEEDED=0,
+ CAS_PENDING,
+ CAS_PENDING_DEFERRED,
+ CAS_PENDING_DEFERRED_PARTIAL, /**< at least handler succeeded, no result yet*/
+ CAS_FAILED,
+};
+
+
/**
* Security parameter state for a single VPN tunnel.
* @ingroup control_processor
@@ -518,6 +534,7 @@ struct tls_multi
int n_sessions; /**< Number of sessions negotiated thus
* far. */
+ enum client_connect_status multi_state;
/*
* Number of errors.
@@ -567,8 +584,6 @@ struct tls_multi
* OpenVPN 3 clients sometimes wipes or replaces the username with a
* username hint from their config.
*/
- int auth_token_state_flags;
- /**< The state of the auth-token sent from the client last time */
/* For P_DATA_V2 */
uint32_t peer_id;