diff options
author | Steffan Karger | 2016-02-07 20:47:10 +0100 |
---|---|---|
committer | Gert Doering | 2016-02-09 07:58:40 +0100 |
commit | e7d78e407d41d48fbd91a71b2edfedcd2879b778 (patch) | |
tree | 23cad1e80834a529ed3df7d355327ba54a3f53b5 /src/openvpn/openvpn.h | |
parent | 70fbc5be209635739458267abde31b5cd4f770d0 (diff) | |
download | openvpn-e7d78e407d41d48fbd91a71b2edfedcd2879b778.zip openvpn-e7d78e407d41d48fbd91a71b2edfedcd2879b778.tar.gz |
Remove reuse of key_type during init of data channel auth and tls-auth
Prepare for using AEAD cipher modes + tls-auth, as tls-auth might want to
use an HMAC, while the data channel uses e.g. GCM tags. This separates
the two initialisations. Also, error out (and give a clear error message)
if a user specifies tls-auth but no valid auth algorithm, which makes no
sense at all.
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1454874438-5081-3-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11073
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'src/openvpn/openvpn.h')
-rw-r--r-- | src/openvpn/openvpn.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/openvpn/openvpn.h b/src/openvpn/openvpn.h index 3f1df6e..71adf48 100644 --- a/src/openvpn/openvpn.h +++ b/src/openvpn/openvpn.h @@ -66,6 +66,7 @@ struct key_schedule struct tls_root_ctx ssl_ctx; /* optional authentication HMAC key for TLS control channel */ + struct key_type tls_auth_key_type; struct key_ctx_bi tls_auth_key; #else /* ENABLE_CRYPTO */ int dummy; |