GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-03-16 06:49:19 +08:00
Code Issues Packages Projects Releases Wiki Activity

Use a macro for the DTLS-PSK protocol indicator

Browse Source 
Also corrected its usage in worker-http
This commit is contained in:
Nikos Mavrogiannopoulos
2016-09-13 14:09:53 +02:00
parent b0dcea76ca
commit 58b447c413
3 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/vpn.h
View File

@@ -49,6 +49,7 @@
#endif
#define MAX_MSG_SIZE 16*1024
#define DTLS_PROTO_INDICATOR "PSK-NEGOTIATE"
enum {
PS_AUTH_INACTIVE, /* no comm with worker */

4
src/worker-http.c
View File

@@ -269,8 +269,8 @@ void header_value_check(struct worker_st *ws, struct http_req_st *req)
req->selected_ciphersuite = NULL;
str = (char *)value;
p = strstr(str, "PSK-NEGOTIATE");
if (p != NULL && (p[3] == 0 || p[3] == ':')) {
p = strstr(str, DTLS_PROTO_INDICATOR);
if (p != NULL && (p[sizeof(DTLS_PROTO_INDICATOR)-1] == 0 || p[sizeof(DTLS_PROTO_INDICATOR)-1] == ':')) {
/* OpenConnect DTLS setup was detected. */
req->use_psk = 1;
req->master_secret_set = 1; /* we don't need it */

4
src/worker-vpn.c
View File

@@ -1969,9 +1969,9 @@ static int connect_handler(worker_st * ws)
SEND_ERR(ret);
if (ws->req.use_psk || !ws->config->cisco_client_compat) {
oclog(ws, LOG_INFO, "DTLS ciphersuite: PSK-NEGOTIATE");
oclog(ws, LOG_INFO, "DTLS ciphersuite: "DTLS_PROTO_INDICATOR);
ret =
cstp_printf(ws, "X-DTLS-CipherSuite: PSK-NEGOTIATE\r\n");
cstp_printf(ws, "X-DTLS-CipherSuite: "DTLS_PROTO_INDICATOR"\r\n");
} else {
oclog(ws, LOG_INFO, "DTLS ciphersuite: %s",
ws->req.selected_ciphersuite->oc_name);