/*
 *  OpenVPN -- An application to securely tunnel IP networks
 *             over a single TCP/UDP port, with support for SSL/TLS-based
 *             session authentication and key exchange,
 *             packet encryption, packet authentication, and
 *             packet compression.
 *
 *  Copyright (C) 2002-2020 OpenVPN Inc <sales@openvpn.net>
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License version 2
 *  as published by the Free Software Foundation.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License along
 *  with this program; if not, write to the Free Software Foundation, Inc.,
 *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */

/**
 * @file
 * SSL utility functions. This file (and its .c file) is designed to be
 * included in units/etc without pulling in a lot of dependencies.
 */

#ifndef SSL_UTIL_H_
#define SSL_UTIL_H_

/* Included for struct gc_arena, which the prototypes below take by pointer. */
#include "buffer.h"

/**
 * Extracts a variable from peer info. The returned string is allocated
 * using the supplied gc_arena.
 *
 * NOTE(review): peer_info is documented as the peer's own data, so the
 * extracted value is presumably controlled by the remote side and should be
 * validated by the caller before it influences any decision -- confirm
 * against the callers.
 * NOTE(review): whether a NULL peer_info is accepted is not visible from
 * this header -- confirm in the .c file.
 *
 * @param peer_info     The peer's peer_info
 * @param var           The variable *including* =, e.g. IV_CIPHERS=
 * @param gc            gc_arena the returned string is allocated in
 *
 * @return  The content of the variable as a NUL-terminated string, or NULL
 *          if the variable cannot be found. Callers must check for NULL
 *          before using the result.
 */
char *
extract_var_peer_info(const char *peer_info,
                      const char *var,
                      struct gc_arena *gc);

/**
 * Extracts the IV_PROTO variable and returns its value or 0
 * if it cannot be extracted.
 *
 * NOTE(review): 0 doubles as the failure value, so a caller cannot tell a
 * missing or unparsable IV_PROTO apart from a peer that announced 0.
 * Presumably callers treat 0 as "nothing announced" -- confirm.
 *
 * @param peer_info     peer info string to search for IV_PROTO
 *
 * @return  the value of IV_PROTO, or 0 if it cannot be extracted
 */
unsigned int
extract_iv_proto(const char *peer_info);

/**
 * Takes a locally produced OCC string for TLS server mode and modifies it as
 * if the option comp-lzo was enabled. This is to send a client in
 * comp-lzo migrate mode the expected OCC string.
 *
 * Note: This function expects the string to be in the locally generated
 * format and does not accept arbitrary strings. In particular, it is not
 * meant to be called on an options string received from a peer.
 *
 * @param options   the locally generated OCC string
 * @param gc        gc_arena to allocate the returned string in
 *
 * @return  the modified string, or options on error. In the error case the
 *          result is the caller's own pointer rather than a string allocated
 *          in gc.
 */
const char *
options_string_compat_lzo(const char *options, struct gc_arena *gc);

#endif /* SSL_UTIL_H_ */