ProtoContext: Allow external clients to enable dynamic TLS-crypt

Signed-off-by: Razvan Cojocaru <[email protected]>
OpenVPN · Dec 19, 2024 · c749836 · c749836
1 parent ee4395c
commit c749836
Showing 1 changed file with 11 additions and 2 deletions.
diff --git a/openvpn/ssl/proto.hpp b/openvpn/ssl/proto.hpp
@@ -665,6 +665,16 @@ class ProtoContext : public logging::LoggingMixin<OPENVPN_DEBUG_PROTO,
             load_common(opt, pco, server ? LOAD_COMMON_SERVER : LOAD_COMMON_CLIENT);
         }
 
+        /**
+         * Fire up the infrastructure needed in order to be able to process dynamic
+         * TLS-crypt renegotiation.
+         */
+        void enable_dynamic_tls_crypt()
+        {
+            set_tls_crypt_algs();
+            tls_crypt_ |= TLSCrypt::Dynamic;
+        }
+
         // load options string pushed by server
         void process_push(const OptionList &opt, const ProtoContextCompressionOptions &pco)
         {
@@ -823,8 +833,7 @@ class ProtoContext : public logging::LoggingMixin<OPENVPN_DEBUG_PROTO,
                         }
                         else if (flag == "dyn-tls-crypt")
                         {
-                            set_tls_crypt_algs();
-                            tls_crypt_ |= Dynamic;
+                            enable_dynamic_tls_crypt();
                         }
                         else if (flag == "tls-ekm")
                         {