This is the fourth commit in the series of incremental refactoring of the current minivpn tree.
In this commit, we introduce the controchannel package, which is the layer between reliabletransport and the TLS manager.
Control channel is an abstraction layer that deals with "control channel" messages in the OpenVPN implementation. The primary goal of the control channel is to encapsulate TLS records to complete a TLS handshake. Then this channel is established, a key exchange takes place, from where the keys for encryption in the Data Channel are then derived.
This initial implementation, as with the current state of the minivpn, implements no authentication or encryption of the control channel. This issue will be tackled later on, by implementing --tls-auth and --tls-crypt.
This is the fourth commit in the series of incremental refactoring of the current minivpn tree.
In this commit, we introduce the controchannel package, which is the layer between reliabletransport and the TLS manager.
Control channel is an abstraction layer that deals with "control channel" messages in the OpenVPN implementation. The primary goal of the control channel is to encapsulate TLS records to complete a TLS handshake. Then this channel is established, a key exchange takes place, from where the keys for encryption in the Data Channel are then derived.
This initial implementation, as with the current state of the minivpn, implements no authentication or encryption of the control channel. This issue will be tackled later on, by implementing
--tls-auth
and--tls-crypt
.Reference issue: https://github.com/ooni/minivpn/issues/47