OpenVPN
|
#include "syshead.h"
#include "win32.h"
#include "init.h"
#include "run_command.h"
#include "sig.h"
#include "occ.h"
#include "list.h"
#include "otime.h"
#include "pool.h"
#include "gremlin.h"
#include "pkcs11.h"
#include "ps.h"
#include "lladdr.h"
#include "ping.h"
#include "mstats.h"
#include "ssl_verify.h"
#include "ssl_ncp.h"
#include "tls_crypt.h"
#include "forward.h"
#include "auth_token.h"
#include "mss.h"
#include "mudp.h"
#include "dco.h"
#include "tun_afunix.h"
#include "memdbg.h"
Macros | |
#define | CF_LOAD_PERSISTED_PACKET_ID (1<<0) |
#define | CF_INIT_TLS_MULTI (1<<1) |
#define | CF_INIT_TLS_AUTH_STANDALONE (1<<2) |
Functions | |
static void | do_init_first_time (struct context *c) |
static bool | do_deferred_p2p_ncp (struct context *c) |
void | context_clear (struct context *c) |
void | context_clear_1 (struct context *c) |
void | context_clear_2 (struct context *c) |
void | context_clear_all_except_first_time (struct context *c) |
static void | run_up_down (const char *command, const struct plugin_list *plugins, int plugin_type, const char *arg, DWORD adapter_index, const char *dev_type, int tun_mtu, const char *ifconfig_local, const char *ifconfig_remote, const char *context, const char *signal_text, const char *script_type, struct env_set *es) |
static void | update_options_ce_post (struct options *options) |
static bool | management_callback_proxy_cmd (void *arg, const char **p) |
static bool | ce_management_query_proxy (struct context *c) |
static bool | management_callback_send_cc_message (void *arg, const char *command, const char *parameters) |
This method sends a custom control channel message. | |
static unsigned int | management_callback_remote_entry_count (void *arg) |
static bool | management_callback_remote_entry_get (void *arg, unsigned int index, char **remote) |
static bool | management_callback_remote_cmd (void *arg, const char **p) |
static bool | ce_management_query_remote (struct context *c) |
static void | init_connection_list (struct context *c) |
static void | clear_remote_addrlist (struct link_socket_addr *lsa, bool free) |
static void | next_connection_entry (struct context *c) |
void | init_query_passwords (const struct context *c) |
Query for private key and auth-user-pass username/passwords. | |
static void | uninit_proxy_dowork (struct context *c) |
static void | init_proxy_dowork (struct context *c) |
static void | init_proxy (struct context *c) |
static void | uninit_proxy (struct context *c) |
static void | do_link_socket_addr_new (struct context *c) |
void | context_init_1 (struct context *c) |
void | context_gc_free (struct context *c) |
bool | init_static (void) |
void | uninit_static (void) |
void | init_verb_mute (struct context *c, unsigned int flags) |
void | init_options_dev (struct options *options) |
bool | print_openssl_info (const struct options *options) |
bool | do_genkey (const struct options *options) |
bool | do_persist_tuntap (struct options *options, openvpn_net_ctx_t *ctx) |
bool | possibly_become_daemon (const struct options *options) |
static void | do_uid_gid_chroot (struct context *c, bool no_delay) |
const char * | format_common_name (struct context *c, struct gc_arena *gc) |
void | pre_setup (const struct options *options) |
void | reset_coarse_timers (struct context *c) |
static void | do_init_server_poll_timeout (struct context *c) |
static void | do_init_timers (struct context *c, bool deferred) |
static void | do_init_traffic_shaper (struct context *c) |
static void | do_alloc_route_list (struct context *c) |
static void | do_init_route_list (const struct options *options, struct route_list *route_list, const struct link_socket_info *link_socket_info, struct env_set *es, openvpn_net_ctx_t *ctx) |
static void | do_init_route_ipv6_list (const struct options *options, struct route_ipv6_list *route_ipv6_list, const struct link_socket_info *link_socket_info, struct env_set *es, openvpn_net_ctx_t *ctx) |
void | initialization_sequence_completed (struct context *c, const unsigned int flags) |
static bool | route_noexec_enabled (const struct options *o, const struct tuntap *tt) |
Determine if external route commands should be executed based on configured options and backend driver. | |
bool | do_route (const struct options *options, struct route_list *route_list, struct route_ipv6_list *route_ipv6_list, const struct tuntap *tt, const struct plugin_list *plugins, struct env_set *es, openvpn_net_ctx_t *ctx) |
static void | do_init_tun (struct context *c) |
static bool | can_preserve_tun (struct tuntap *tt) |
static void | add_wfp_block (struct context *c) |
Add WFP filters to block traffic to local networks. | |
static void | del_wfp_block (struct context *c, unsigned long adapter_index) |
Remove any WFP block filters previously added. | |
static bool | ifconfig_noexec_enabled (const struct context *c) |
Determines if ifconfig execution should be disabled because of a. | |
static void | open_tun_backend (struct context *c) |
static bool | do_open_tun (struct context *c, int *error_flags) |
static void | do_close_tun_simple (struct context *c) |
static void | do_close_tun (struct context *c, bool force) |
void | tun_abort (void) |
static bool | options_hash_changed_or_zero (const struct sha256_digest *a, const struct sha256_digest *b) |
Helper for do_up(). | |
static void | add_delim_if_non_empty (struct buffer *buf, const char *header) |
Helper function for tls_print_deferred_options_results(). Adds the ", " delimiter if there is already some data in the buffer. | |
static void | tls_print_deferred_options_results (struct context *c) |
Prints the results of options imported for the data channel. | |
static bool | do_deferred_options_part2 (struct context *c) |
This function is expected to be invoked after open_tun() was performed. | |
bool | do_up (struct context *c, bool pulled_options, unsigned int option_types_found) |
unsigned int | pull_permission_mask (const struct context *c) |
bool | do_deferred_options (struct context *c, const unsigned int found) |
static bool | do_hold (int holdtime) |
static void | socket_restart_pause (struct context *c) |
static void | do_startup_pause (struct context *c) |
static size_t | get_frame_mtu (struct context *c, const struct options *o) |
static void | frame_finalize_options (struct context *c, const struct options *o) |
static void | key_schedule_free (struct key_schedule *ks, bool free_ssl_ctx) |
static void | init_crypto_pre (struct context *c, const unsigned int flags) |
static void | do_init_crypto_static (struct context *c, const unsigned int flags) |
static void | do_init_tls_wrap_key (struct context *c) |
static void | do_init_crypto_tls_c1 (struct context *c) |
static void | do_init_crypto_tls (struct context *c, const unsigned int flags) |
static void | do_init_frame_tls (struct context *c) |
static void | do_init_crypto_none (struct context *c) |
static void | do_init_crypto (struct context *c, const unsigned int flags) |
static void | do_init_frame (struct context *c) |
static void | do_option_warnings (struct context *c) |
struct context_buffers * | init_context_buffers (const struct frame *frame) |
void | free_context_buffers (struct context_buffers *b) |
static void | do_init_buffers (struct context *c) |
static void | do_init_fragment (struct context *c) |
static void | do_link_socket_new (struct context *c) |
static void | do_init_socket_phase1 (struct context *c) |
static void | do_init_socket_phase2 (struct context *c) |
static void | do_print_data_channel_mtu_parms (struct context *c) |
static void | do_compute_occ_strings (struct context *c) |
static void | do_close_free_buf (struct context *c) |
static void | do_close_tls (struct context *c) |
static void | do_close_free_key_schedule (struct context *c, bool free_ssl_ctx) |
static void | do_close_link_socket (struct context *c) |
static void | do_close_packet_id (struct context *c) |
static void | do_close_fragment (struct context *c) |
static void | do_event_set_init (struct context *c, bool need_us_timeout) |
static void | do_close_event_set (struct context *c) |
static void | do_open_status_output (struct context *c) |
static void | do_close_status_output (struct context *c) |
static void | do_open_ifconfig_pool_persist (struct context *c) |
static void | do_close_ifconfig_pool_persist (struct context *c) |
static void | do_inherit_env (struct context *c, const struct env_set *src) |
static void | do_env_set_destroy (struct context *c) |
static void | do_setup_fast_io (struct context *c) |
static void | do_signal_on_tls_errors (struct context *c) |
void | init_plugins (struct context *c) |
void | open_plugins (struct context *c, const bool import_options, int init_point) |
static void | do_close_plugins (struct context *c) |
static void | do_inherit_plugins (struct context *c, const struct context *src) |
static void | management_callback_status_p2p (void *arg, const int version, struct status_output *so) |
void | management_show_net_callback (void *arg, const int msglevel) |
void | init_management_callback_p2p (struct context *c) |
void | init_management (void) |
bool | open_management (struct context *c) |
void | close_management (void) |
void | uninit_management_callback (void) |
void | persist_client_stats (struct context *c) |
void | init_instance_handle_signals (struct context *c, const struct env_set *env, const unsigned int flags) |
void | init_instance (struct context *c, const struct env_set *env, const unsigned int flags) |
void | close_instance (struct context *c) |
void | inherit_context_child (struct context *dest, const struct context *src, struct link_socket *sock) |
void | inherit_context_top (struct context *dest, const struct context *src) |
void | close_context (struct context *c, int sig, unsigned int flags) |
void | write_pid_file (const char *filename, const char *chroot_dir) |
void | remove_pid_file (void) |
static void * | test_crypto_thread (void *arg) |
bool | do_test_crypto (const struct options *o) |
Variables | |
static struct context * | static_context |
static const char * | saved_pid_file_name |
|
static |
Helper function for tls_print_deferred_options_results(). Adds the ", " delimiter if there is already some data in the buffer.
Definition at line 2288 of file init.c.
References buf_len(), and buf_printf().
Referenced by tls_print_deferred_options_results().
|
static |
Add WFP filters to block traffic to local networks.
Depending on the configuration, either all traffic to local networks or just DNS is filtered. This functionality is only available on Windows; on all other systems this function is a no-op.
c | pointer to the connection context |
Definition at line 1852 of file init.c.
References tuntap::adapter_index, block_local_needed(), options::block_outside_dns, context::c1, M_FATAL, msg, options::msg_channel, context::options, context_1::route_list, context_1::tuntap, and win_wfp_block().
Referenced by do_open_tun().
|
static |
Definition at line 1830 of file init.c.
References tuntap::backend_driver, DRIVER_AFUNIX, and is_tun_type_set().
Referenced by do_open_tun().
|
static |
Definition at line 257 of file init.c.
References alloc_buf_gc(), BSTR, buf_printf(), options::ce, CE_MAN_QUERY_PROXY, connection_entry::flags, gc, gc_free(), gc_new(), IS_SIG, buffer::len, connection_list::len, management_event_loop_n_seconds(), management_notify_generic(), np(), context::options, management::persist, connection_entry::proto, proto_is_udp(), connection_entry::remote, man_persist::special_state_msg, and update_time().
Referenced by next_connection_entry().
|
static |
Definition at line 424 of file init.c.
References connection_entry::af, alloc_buf_gc(), BSTR, buf_printf(), options::ce, CE_MAN_QUERY_REMOTE_MASK, CE_MAN_QUERY_REMOTE_QUERY, CE_MAN_QUERY_REMOTE_SHIFT, CE_MAN_QUERY_REMOTE_SKIP, connection_entry::flags, gc, gc_free(), gc_new(), IS_SIG, buffer::len, management_event_loop_n_seconds(), management_notify_generic(), np(), context::options, management::persist, connection_entry::proto, proto2ascii(), connection_entry::remote, connection_entry::remote_port, man_persist::special_state_msg, and update_time().
Referenced by next_connection_entry().
|
static |
Definition at line 507 of file init.c.
References link_socket_addr::current_remote, and link_socket_addr::remote_list.
Referenced by do_close_link_socket(), and next_connection_entry().
void close_context(struct context *c, int sig, unsigned int flags)
Definition at line 5084 of file init.c.
References ASSERT, CC_GC_FREE, CC_HARD_USR1_TO_HUP, CC_NO_CLOSE, CC_USR1_TO_HUP, close_instance(), context_gc_free(), register_signal(), context::sig, SIG_SOURCE_HARD, signal_info::signal_received, and signal_info::source.
Referenced by init_instance(), multi_close_instance(), and multi_top_free().
void close_instance(struct context *c)
Definition at line 4872 of file init.c.
References context::c2, CM_CHILD_TCP, CM_CHILD_UDP, CM_P2P, CM_TOP, dco_remove_peer(), do_close_event_set(), do_close_fragment(), do_close_free_buf(), do_close_free_key_schedule(), do_close_ifconfig_pool_persist(), do_close_link_socket(), do_close_packet_id(), do_close_plugins(), do_close_status_output(), do_close_tls(), do_close_tun(), do_env_set_destroy(), context_2::gc, gc_free(), management_notify_client_close(), context_2::mda_context, context::mode, and uninit_proxy().
Referenced by close_context(), tunnel_point_to_point(), and tunnel_server().
void close_management(void)
Definition at line 4519 of file init.c.
References management_close().
Referenced by open_management(), and openvpn_main().
void context_clear(struct context *c)
Definition at line 77 of file init.c.
References CLEAR.
Referenced by context_clear_all_except_first_time(), and do_test_crypto().
void context_clear_1(struct context *c)
Definition at line 83 of file init.c.
References context::c1, and CLEAR.
Referenced by context_init_1().
void context_clear_2(struct context *c)
Definition at line 89 of file init.c.
References context::c2, and CLEAR.
Referenced by tunnel_point_to_point(), and tunnel_server().
void context_clear_all_except_first_time(struct context *c)
Definition at line 95 of file init.c.
References context_clear(), context::first_time, and context::persist.
Referenced by openvpn_main().
void context_gc_free(struct context *c)
Definition at line 798 of file init.c.
References context::c2, context_2::gc, context::gc, options::gc, gc_free(), and context::options.
Referenced by close_context(), openvpn_main(), and test_crypto_thread().
void context_init_1(struct context *c)
Definition at line 747 of file init.c.
References context::c1, options::ce, CLEAR, context_clear_1(), do_link_socket_addr_new(), context::first_time, get_user_pass(), GET_USER_PASS_MANAGEMENT, GET_USER_PASS_NEED_OK, init_connection_list(), local_list::len, context_1::link_sockets_num, connection_entry::local_list, M_INFO, MAX_PARMS, msg, context::options, packet_id_persist_init(), user_pass::password, context_1::pid_persist, and user_pass::username.
Referenced by openvpn_main(), and test_crypto_thread().
|
static |
Remove any WFP block filters previously added.
This functionality is only available on Windows; on all other systems the function is a no-op.
c | pointer to the connection context |
adapter_index | the VPN adapter index |
Definition at line 1878 of file init.c.
References block_local_needed(), options::block_outside_dns, context::c1, M_FATAL, msg, options::msg_channel, context::options, context_1::route_list, and win_wfp_uninit().
Referenced by do_close_tun().
|
static |
Definition at line 1467 of file init.c.
References ALLOC_OBJ_CLEAR_GC, route_list::gc, route_ipv6_list::gc, and buffer::len.
Referenced by do_open_tun().
|
static |
Definition at line 4156 of file init.c.
References context::c2, event_free(), context_2::event_set, and context_2::event_set_owned.
Referenced by close_instance().
|
static |
Definition at line 4122 of file init.c.
References context::c2, context_2::fragment, and fragment_free().
Referenced by close_instance().
|
static |
Definition at line 3980 of file init.c.
References context_2::buffers, context_2::buffers_owned, context::c2, and free_context_buffers().
Referenced by close_instance().
|
static |
Definition at line 4021 of file init.c.
References buf_clear(), context::c1, CLEAR, free_buf(), free_key_ctx(), free_key_ctx_bi(), key_schedule_free(), context_1::ks, context::sig, signal_info::signal_received, key_schedule::tls_crypt_v2_server_key, key_schedule::tls_crypt_v2_wkc, and key_schedule::tls_wrap_key.
Referenced by close_instance().
|
static |
Definition at line 4213 of file init.c.
References context::c1, context_1::ifconfig_pool_persist, ifconfig_pool_persist_close(), context_1::ifconfig_pool_persist_owned, context::sig, and signal_info::signal_received.
Referenced by close_instance().
|
static |
Definition at line 4043 of file init.c.
References link_socket_addr::actual, link_socket_addr::bind_local, context::c1, context::c2, CLEAR, clear_remote_addrlist(), link_socket_addr::current_remote, context_1::link_socket_addrs, link_socket_close(), context_2::link_socket_owned, context_2::link_sockets, context_1::link_sockets_num, options::no_advance, context::options, options::persist_local_ip, options::persist_remote_ip, options::resolve_in_advance, link_socket::sd, context::sig, SIG_SOURCE_HARD, signal_info::signal_received, SOCKET_UNDEFINED, signal_info::source, context_1::tuntap, and tuntap_is_dco_win().
Referenced by close_instance().
|
static |
Definition at line 4107 of file init.c.
References context::c1, context::c2, context_2::crypto_options, crypto_options::packet_id, packet_id_free(), packet_id_persist_close(), packet_id_persist_save(), context_1::pid_persist, context::sig, and signal_info::signal_received.
Referenced by close_instance().
|
static |
Definition at line 4340 of file init.c.
References plugin_list_close(), context::plugins, context::plugins_owned, context::sig, and signal_info::signal_received.
Referenced by close_instance().
|
static |
Definition at line 4185 of file init.c.
References context::c1, context::sig, signal_info::signal_received, status_close(), context_1::status_output, and context_1::status_output_owned.
Referenced by close_instance().
|
static |
Definition at line 3994 of file init.c.
References context::c2, md_ctx_cleanup(), md_ctx_free(), context_2::options_string_local, context_2::options_string_remote, context_2::pulled_options_state, context_2::tls_auth_standalone, tls_auth_standalone_free(), context_2::tls_multi, and tls_multi_free().
Referenced by close_instance().
|
static |
Definition at line 2129 of file init.c.
References tuntap::actual_name, tuntap::adapter_index, context::c1, context::c2, del_wfp_block(), delete_routes(), do_close_tun_simple(), options::down_pre, options::down_script, context_2::es, context_2::frame, gc, gc_free(), gc_new(), IA_EMPTY_IF_UNDEF, is_tun_type_set(), tuntap::local, management_pre_tunnel_close(), management_up_down(), context::net_ctx, context::options, options::persist_tun, context::plugins, print_in_addr_t(), tuntap::remote_netmask, context_1::route_ipv6_list, context_1::route_list, ROUTE_OPTION_FLAGS, options::route_predown_script, run_up_down(), context::sig, signal_description(), signal_info::signal_received, signal_info::signal_text, static_context, string_alloc(), frame::tun_mtu, context_1::tuntap, tuntap_is_dco_win(), context_1::tuntap_owned, and options::up_restart.
Referenced by close_instance(), do_up(), and tun_abort().
|
static |
Definition at line 2098 of file init.c.
References tuntap::actual_name, tuntap::backend_driver, context::c1, CLEAR, close_tun(), close_tun_afunix(), D_CLOSE, DRIVER_AFUNIX, DRIVER_NULL, ifconfig_noexec_enabled(), msg, context::net_ctx, print_tun_backend_driver(), context_1::pulled_options_digest_save, context_1::tuntap, context_1::tuntap_owned, and undo_ifconfig().
Referenced by do_close_tun().
|
static |
Definition at line 3913 of file init.c.
References context::c1, context::c2, D_SHOW_OCC, context_2::frame, gc, gc_free(), gc_new(), msg, context::net_ctx, context::options, options_string(), context_2::options_string_local, context_2::options_string_remote, options_string_version(), context_2::tls_multi, tls_multi_init_set_options(), and context_1::tuntap.
Referenced by init_instance().
bool do_deferred_options(struct context *c, const unsigned int found)
Definition at line 2670 of file init.c.
References context::c1, context::c2, options::ce, check_compression_settings_valid(), check_pull_client_ncp(), CO_EPOCH_DATA_KEY_FORMAT, options::comp, D_PUSH, D_PUSH_DEBUG, D_PUSH_ERRORS, dco_check_pull_options(), dco_enabled(), do_init_timers(), do_init_traffic_shaper(), connection_entry::explicit_exit_notification, context_2::frame, options::imported_protocol_flags, link_socket::info, init_verb_mute(), IVM_LEVEL_1, IVM_LEVEL_2, link_socket_update_buffer_sizes(), link_socket_update_flags(), context_2::link_sockets, context_1::link_sockets_num, MAX_PEER_ID, min_int(), msg, OPT_P_COMP, OPT_P_DHCPDNS, OPT_P_EXPLICIT_NOTIFY, OPT_P_MESSAGES, OPT_P_PEER_ID, OPT_P_PERSIST, OPT_P_PUSH_MTU, OPT_P_ROUTE, OPT_P_ROUTE_EXTRAS, OPT_P_SETENV, OPT_P_SHAPER, OPT_P_SOCKBUF, OPT_P_SOCKFLAGS, OPT_P_TIMER, OPT_P_UP, context::options, options::peer_id, tls_multi::peer_id, link_socket_info::proto, proto_is_udp(), options::pull, options::rcvbuf, options::sndbuf, options::sockflags, context_2::tls_multi, frame::tun_max_mtu, frame::tun_mtu, connection_entry::tun_mtu, and tls_multi::use_peer_id.
Referenced by do_up(), and multi_client_connect_late_setup().
|
static |
This function is expected to be invoked after open_tun() was performed.
This kind of behaviour is required by DCO, because the following operations can be done only after the DCO device was created and the new peer was properly added.
Definition at line 2432 of file init.c.
References context::c1, context::c2, options::ce, D_TLS_ERRORS, tuntap::dco, connection_entry::fragment, context_2::frame, context_2::frame_fragment, get_link_socket_info(), msg, context::options, tls_multi::session, context_2::tls_multi, tls_session_update_crypto_params(), TM_ACTIVE, and context_1::tuntap.
Referenced by do_up().
|
static |
Definition at line 2621 of file init.c.
References context::c1, context::c2, options::ce, options::ciphername, D_TLS_ERRORS, tuntap::dco, options::enable_ncp_fallback, connection_entry::fragment, context_2::frame, context_2::frame_fragment, options::gc, get_link_socket_info(), get_p2p_ncp_cipher(), msg, context::options, tls_multi::peer_info, tls_multi::session, context_2::tls_multi, tls_session_update_crypto_params(), TM_ACTIVE, context_1::tuntap, options::use_peer_id, and tls_multi::use_peer_id.
Referenced by do_up().
|
static |
Definition at line 4239 of file init.c.
References context::c2, env_set_destroy(), context_2::es, and context_2::es_owned.
Referenced by close_instance().
|
static |
Definition at line 4137 of file init.c.
References BASE_N_EVENTS, context::c2, EVENT_METHOD_FAST, EVENT_METHOD_US_TIMEOUT, context_2::event_set, event_set_init(), context_2::event_set_max, and context_2::event_set_owned.
Referenced by inherit_context_top(), and init_instance().
bool do_genkey(const struct options *options)
Definition at line 1031 of file init.c.
References auth_token_write_server_key_file(), D_GENKEY, options::genkey, GENKEY_AUTH_TOKEN, options::genkey_extra_data, options::genkey_filename, GENKEY_SECRET, GENKEY_TLS_CRYPTV2_CLIENT, GENKEY_TLS_CRYPTV2_SERVER, options::genkey_type, M_FATAL, M_NOPREFIX, M_USAGE, M_WARN, options::mlock, msg, platform_mlockall(), options::shared_secret_file, options::tls_crypt_v2_file, options::tls_crypt_v2_file_inline, tls_crypt_v2_write_client_key_file(), tls_crypt_v2_write_server_key_file(), and write_key_file().
Referenced by openvpn_main().
|
static |
Definition at line 2832 of file init.c.
References management_hold().
Referenced by do_startup_pause(), open_management(), and socket_restart_pause().
Definition at line 4231 of file init.c.
References context::c2, env_set_create(), env_set_inherit(), context_2::es, and context_2::es_owned.
Referenced by init_instance().
Definition at line 4351 of file init.c.
References plugin_list_inherit(), context::plugins, and context::plugins_owned.
Referenced by inherit_context_child().
|
static |
Definition at line 3802 of file init.c.
References context_2::buffers, context_2::buffers_owned, context::c2, context_2::frame, and init_context_buffers().
Referenced by init_instance().
|
static |
Definition at line 3601 of file init.c.
References do_init_crypto_none(), do_init_crypto_static(), do_init_crypto_tls(), context::options, options::shared_secret_file, options::tls_client, and options::tls_server.
Referenced by init_instance().
|
static |
Definition at line 3584 of file init.c.
References ASSERT, context::c1, init_key_type(), key_schedule::key_type, context_1::ks, M_WARN, msg, context::options, and options::test_crypto.
Referenced by do_init_crypto().
|
static |
Definition at line 3094 of file init.c.
References ASSERT, options::authname, context::c1, context::c2, options::ciphername, CO_MUTE_REPLAY_WARNINGS, CO_PACKET_ID_LONG_FORM, context_2::crypto_options, crypto_read_openvpn_key(), crypto_options::flags, init_crypto_pre(), init_key_type(), crypto_options::key_ctx_bi, key_ctx_bi_defined(), options::key_direction, key_schedule::key_type, context_1::ks, M_INFO, msg, options::mute_replay_warnings, context::options, crypto_options::packet_id, packet_id_init(), packet_id_persist_load_obj(), crypto_options::pid_persist, context_1::pid_persist, options::replay_time, options::replay_window, options::shared_secret_file, options::shared_secret_file_inline, key_schedule::static_key, and options::test_crypto.
Referenced by do_init_crypto(), and test_crypto_thread().
|
static |
Definition at line 3318 of file init.c.
References ASSERT, options::auth_token_call_auth, tls_options::auth_token_call_auth, options::auth_token_generate, tls_options::auth_token_generate, key_schedule::auth_token_key, tls_options::auth_token_key, options::auth_token_lifetime, tls_options::auth_token_lifetime, options::auth_token_renewal, tls_options::auth_token_renewal, options::auth_user_pass_file, tls_options::auth_user_pass_file, options::auth_user_pass_file_inline, tls_options::auth_user_pass_file_inline, options::auth_user_pass_verify_script, tls_options::auth_user_pass_verify_script, options::auth_user_pass_verify_script_via_file, tls_options::auth_user_pass_verify_script_via_file, context::c1, context::c2, options::ccd_exclusive, options::ce, CF_INIT_TLS_AUTH_STANDALONE, CF_INIT_TLS_MULTI, key_type::cipher, cipher_kt_mode_ofb_cfb(), options::ciphername, CLEAR, options::client_config_dir, tls_options::client_config_dir_exclusive, options::client_crresponse_script, tls_options::client_crresponse_script, CM_CHILD_TCP, CO_FORCE_TLSCRYPTV2_COOKIE, CO_MUTE_REPLAY_WARNINGS, CO_PACKET_ID_LONG_FORM, options::comp, tls_options::config_ciphername, tls_options::config_ncp_ciphers, options::crl_file, tls_options::crl_file, options::crl_file_inline, tls_options::crl_file_inline, tls_options::crypto_flags, tls_options::data_epoch_supported, tls_multi::dco, tuntap::dco, dco_enabled(), tls_options::dco_enabled, dco_supports_epoch_data(), do_init_crypto_tls_c1(), tls_options::ekm_label, tls_options::ekm_label_size, tls_options::ekm_size, context_2::es, tls_options::es, tls_options::export_peer_cert_dir, crypto_options::flags, context_2::gc, get_random(), tls_options::gremlin, options::handshake_window, tls_options::handshake_window, init_crypto_pre(), IS_SIG, crypto_options::key_ctx_bi, key_schedule::key_type, tls_options::key_type, context_1::ks, max_int(), context_2::mda_context, tls_options::mda_context, context::mode, options::mode, tls_wrap_ctx::mode, tls_options::mode, MODE_SERVER, 
options::mute_replay_warnings, options::ncp_ciphers, context::net_ctx, tls_options::net_ctx, options::ns_cert_type, tls_options::ns_cert_type, tls_wrap_ctx::opt, context::options, key_schedule::original_wrap_keydata, tls_wrap_ctx::original_wrap_keydata, tls_options::packet_timeout, crypto_options::pid_persist, context_1::pid_persist, context::plugins, tls_options::plugins, options::pull, tls_options::pull, options::push_peer_info, tls_options::push_peer_info_detail, options::remote_cert_eku, tls_options::remote_cert_eku, options::remote_cert_ku, tls_options::remote_cert_ku, options::renegotiate_bytes, tls_options::renegotiate_bytes, options::renegotiate_packets, tls_options::renegotiate_packets, options::renegotiate_seconds, tls_options::renegotiate_seconds, options::renegotiate_seconds_min, options::replay_time, tls_options::replay_time, options::replay_window, tls_options::replay_window, options::sc_info, tls_options::sci, tls_options::server, context_2::session_id_hmac, session_id_hmac_init(), options::single_session, tls_options::single_session, key_schedule::ssl_ctx, tls_options::ssl_ctx, options::ssl_flags, tls_options::ssl_flags, options::test_crypto, connection_entry::tls_auth_file, context_2::tls_auth_standalone, tls_auth_standalone_init(), options::tls_client, connection_entry::tls_crypt_file, tls_options::tls_crypt_v2, connection_entry::tls_crypt_v2_file, connection_entry::tls_crypt_v2_force_cookie, key_schedule::tls_crypt_v2_server_key, tls_wrap_ctx::tls_crypt_v2_server_key, options::tls_crypt_v2_verify_script, tls_options::tls_crypt_v2_verify_script, key_schedule::tls_crypt_v2_wkc, tls_wrap_ctx::tls_crypt_v2_wkc, options::tls_export_peer_cert_dir, context_2::tls_multi, tls_multi_init(), options::tls_server, options::tls_timeout, options::tls_verify, tls_options::tls_wrap, key_schedule::tls_wrap_key, options::tmp_dir, tls_options::tmp_dir, options::transition_window, tls_options::transition_window, context_1::tuntap, tls_options::verify_command, 
options::verify_hash, tls_options::verify_hash, options::verify_hash_algo, tls_options::verify_hash_algo, options::verify_hash_depth, tls_options::verify_hash_depth, options::verify_hash_no_ca, tls_options::verify_hash_no_ca, options::verify_x509_name, tls_options::verify_x509_name, options::verify_x509_type, tls_options::verify_x509_type, options::x509_track, tls_options::x509_track, tls_options::x509_username_field, X509_USERNAME_FIELD_DEFAULT, and tls_options::xmit_hold.
Referenced by do_init_crypto().
|
static |
Definition at line 3221 of file init.c.
References AR_INTERACT, AR_NOINTERACT, AR_NONE, ASSERT, auth_retry_get(), options::auth_token_generate, auth_token_init_secret(), key_schedule::auth_token_key, options::auth_token_secret_file, options::auth_token_secret_file_inline, options::authname, context::c0, context::c1, options::ciphername, D_INIT_MEDIUM, do_init_tls_wrap_key(), options::enable_ncp_fallback, init_key_type(), init_ssl(), key_schedule::key_type, context_1::ks, M_FATAL, msg, options::ncp_ciphers, context::options, options::priv_key_file_inline, register_signal(), context::sig, key_schedule::ssl_ctx, ssl_purge_auth(), streq, string_clear(), tls_ctx_initialised(), tls_item_in_cipher_list(), and context_0::uid_gid_chroot_set.
Referenced by do_init_crypto_tls().
|
static |
Definition at line 3947 of file init.c.
References ALLOC_OBJ_CLEAR_GC, context::c0, options::cd_dir, context::did_we_daemonize, context::first_time, context::gc, options::groupname, options::nice, context::options, platform_chdir(), platform_group_get(), platform_nice(), context_0::platform_state_group, context_0::platform_state_user, platform_user_get(), context_0::uid_gid_specified, and options::username.
Referenced by init_instance().
|
static |
Definition at line 3814 of file init.c.
References ASSERT, context::c1, context::c2, options::ce, context_2::fragment, connection_entry::fragment, fragment_frame_init(), context_2::frame, frame_calculate_dynamic(), context_2::frame_fragment, get_link_socket_info(), key_schedule::key_type, context_1::ks, and context::options.
Referenced by init_instance().
|
static |
Definition at line 3618 of file init.c.
References context::c2, options::ce, frame::extra_tun, connection_entry::fragment, connection_entry::fragment_encap, context_2::frame, frame_finalize_options(), M_WARN, msg, connection_entry::mssfix, connection_entry::mssfix_encap, options::mtu_test, context::options, connection_entry::tun_mtu_extra, and connection_entry::tun_mtu_extra_defined.
Referenced by init_instance().
|
static |
Definition at line 3556 of file init.c.
References alloc_buf_gc(), ASSERT, frame::buf, BUF_SIZE, context::c2, options::ce, D_MTU_INFO, context_2::frame, tls_options::frame, tls_auth_standalone::frame, frame_print(), context_2::gc, tls_multi::opt, context::options, frame::payload_size, context_2::tls_auth_standalone, tls_init_control_channel_frame_parameters(), connection_entry::tls_mtu, context_2::tls_multi, tls_multi_init_finalize(), tls_auth_standalone::tls_wrap, frame::tun_max_mtu, tls_wrap_ctx::work, and tls_auth_standalone::workbuf.
Referenced by init_instance().
|
static |
Definition at line 1531 of file init.c.
References add_route_ipv6_to_option_list(), DCO_DEFAULT_METRIC, dco_enabled(), es, route_ipv6_option_list::flags, route_ipv6_option_list::gc, options::ifconfig_ipv6_remote, init_route_ipv6_list(), buffer::len, link_socket_current_remote_ipv6(), RG_REROUTE_GW, options::route_default_metric, options::route_ipv6_default_gateway, options::routes_ipv6, setenv_routes_ipv6(), and string_alloc().
Referenced by do_open_tun().
|
static |
Definition at line 1485 of file init.c.
References DCO_DEFAULT_METRIC, dco_enabled(), options::dev, options::dev_type, dev_type_enum(), DEV_TYPE_TUN, es, options::ifconfig_remote_netmask, init_route_list(), buffer::len, link_socket_current_remote(), options::route_default_gateway, options::route_default_metric, options::routes, setenv_routes(), TOP_NET30, TOP_P2P, and options::topology.
Referenced by do_open_tun().
|
static |
Definition at line 1353 of file init.c.
References event_timeout_init(), buffer::len, now, and update_time().
Referenced by init_instance().
|
static |
Definition at line 3853 of file init.c.
References context::c1, CM_CHILD_TCP, CM_TOP, link_socket_init_phase1(), context_1::link_sockets_num, LS_MODE_DEFAULT, LS_MODE_TCP_ACCEPT_FROM, LS_MODE_TCP_LISTEN, context::mode, options::mode, MODE_SERVER, and context::options.
Referenced by init_instance().
|
static |
Definition at line 3885 of file init.c.
References context::c1, context::c2, link_socket_init_phase2(), context_2::link_sockets, and context_1::link_sockets_num.
Referenced by init_instance().
|
static |
Definition at line 1366 of file init.c.
References dco_enabled(), event_timeout_clear(), event_timeout_init(), interval_init(), buffer::len, now, OCC_INTERVAL_SECONDS, OCC_MTU_LOAD_INTERVAL_SECONDS, reset_coarse_timers(), TLS_MODE, TLS_MULTI_HORIZON, TLS_MULTI_REFRESH, and update_time().
Referenced by do_deferred_options(), and init_instance().
|
static |
Definition at line 3143 of file init.c.
References options::authname, buf_len(), context::c1, options::ce, key_type::cipher, CLEAR, crypto_read_openvpn_key(), key_type::digest, connection_entry::key_direction, context_1::ks, M_FATAL, M_WARN, md_valid(), msg, context::options, key_schedule::original_wrap_keydata, connection_entry::tls_auth_file, connection_entry::tls_auth_file_inline, key_schedule::tls_auth_key_type, tls_crypt_buf_overhead(), connection_entry::tls_crypt_file, connection_entry::tls_crypt_file_inline, tls_crypt_init_key(), connection_entry::tls_crypt_v2_file, connection_entry::tls_crypt_v2_file_inline, tls_crypt_v2_init_client_key(), tls_crypt_v2_init_server_key(), key_schedule::tls_crypt_v2_server_key, key_schedule::tls_crypt_v2_wkc, connection_entry::tls_mtu, options::tls_server, and key_schedule::tls_wrap_key.
Referenced by do_init_crypto_tls_c1().
|
static |
Definition at line 1451 of file init.c.
References buffer::len, shaper_init(), and shaper_msg().
Referenced by do_deferred_options(), and init_instance().
|
static |
Definition at line 1775 of file init.c.
References tuntap::backend_driver, link_socket_addr::bind_local, context::c1, context::c2, dco_enabled(), options::dev, options::dev_node, options::dev_type, DRIVER_AFUNIX, DRIVER_DCO, DRIVER_GENERIC_TUNTAP, DRIVER_NULL, context_2::es, context_2::frame, options::ifconfig_ipv6_local, options::ifconfig_ipv6_netbits, options::ifconfig_ipv6_remote, options::ifconfig_local, options::ifconfig_nowarn, options::ifconfig_remote_netmask, init_tun(), init_tun_post(), is_dev_type(), is_tun_afunix(), context_1::link_socket_addrs, context::net_ctx, context::options, link_socket_addr::remote_list, options::topology, context_1::tuntap, options::tuntap_options, context_1::tuntap_owned, and options::windows_driver.
Referenced by do_open_tun().
|
static |
Definition at line 740 of file init.c.
References ALLOC_ARRAY_CLEAR_GC, context::c1, context::gc, context_1::link_socket_addrs, and context_1::link_sockets_num.
Referenced by context_init_1(), and inherit_context_child().
|
static |
Definition at line 3835 of file init.c.
References ALLOC_ARRAY_GC, ASSERT, context::c1, context::c2, context_2::gc, link_socket_new(), context_2::link_socket_owned, context_2::link_sockets, and context_1::link_sockets_num.
Referenced by init_instance().
|
static |
Definition at line 4202 of file init.c.
References context::c1, context_1::ifconfig_pool_persist, options::ifconfig_pool_persist_filename, ifconfig_pool_persist_init(), context_1::ifconfig_pool_persist_owned, options::ifconfig_pool_persist_refresh_freq, and context::options.
Referenced by init_instance().
|
static |
Definition at line 4171 of file init.c.
References context::c1, context::options, options::status_file, options::status_file_update_freq, status_open(), context_1::status_output, context_1::status_output_owned, and STATUS_OUTPUT_WRITE.
Referenced by init_instance().
|
static |
Definition at line 1927 of file init.c.
References tuntap::actual_name, tuntap::adapter_index, add_wfp_block(), ASSERT, context::c1, context::c2, can_preserve_tun(), D_ROUTE, tls_multi::dco, tuntap::dco, dco_enabled(), options::dev, options::dev_node, options::dev_type, dev_type_string(), do_alloc_route_list(), do_ifconfig(), do_ifconfig_setenv(), do_init_route_ipv6_list(), do_init_route_list(), do_init_tun(), do_route(), context_2::es, context_2::frame, gc, gc_free(), gc_new(), guess_tuntap_dev(), IA_EMPTY_IF_UNDEF, IFCONFIG_AFTER_TUN_OPEN, IFCONFIG_BEFORE_TUN_OPEN, ifconfig_noexec_enabled(), ifconfig_order(), link_socket::info, ISC_ROUTE_ERRORS, context_2::link_sockets, options::lladdr, tuntap::local, M_INFO, context::mode, msg, options::msg_channel, tuntap_options::msg_channel, context::net_ctx, open_tun_backend(), context::options, tuntap::options, ovpn_dco_init(), context::plugins, print_in_addr_t(), tuntap::remote_netmask, ROUTE_AFTER_TUN, ROUTE_BEFORE_TUN, options::route_delay_defined, context_1::route_ipv6_list, context_1::route_list, route_order(), options::routes, options::routes_ipv6, run_up_down(), set_lladdr(), static_context, status, context_2::tls_multi, frame::tun_mtu, context_1::tuntap, context_1::tuntap_owned, options::up_restart, and options::up_script.
Referenced by do_up(), and init_instance().
|
static |
Definition at line 3663 of file init.c.
References options::chroot_dir, options::client_config_dir, options::duplicate_cn, context::first_time, options::groupname, options::ifconfig_local, options::ifconfig_pool_persist_filename, options::keepalive_ping, options::keepalive_timeout, M_WARN, options::mode, MODE_SERVER, msg, context::net_ctx, NS_CERT_CHECK_SERVER, options::ns_cert_type, context::options, options::persist_tun, options::ping_rec_timeout, options::ping_send_timeout, options::pull, options::remote_cert_eku, script_security(), options::server_bridge_defined, options::server_bridge_proxy_dhcp, SSEC_PW_ENV, SSEC_SCRIPTS, options::tls_client, options::tls_server, options::tls_verify, options::user_script_used, options::username, options::verify_hash, options::verify_hash_depth, VERIFY_X509_NONE, options::verify_x509_type, and warn_on_use_of_common_subnets().
Referenced by init_instance().
bool do_persist_tuntap | ( | struct options * | options, |
openvpn_net_ctx_t * | ctx | ||
) |
Definition at line 1114 of file init.c.
References options::ce, dco_enabled(), options::dev, options::dev_node, options::dev_type, dev_type_enum(), DEV_TYPE_TUN, options::disable_dco, options::groupname, options::ifconfig_local, options::ifconfig_remote_netmask, options::lladdr, M_FATAL, M_OPTERR, M_WARN, msg, notnull(), options::persist_config, options::persist_mode, connection_entry::remote, set_lladdr(), options::shared_secret_file, options::tls_client, options::tls_server, tuncfg(), options::tuntap_options, and options::username.
Referenced by openvpn_main().
|
static |
Definition at line 3897 of file init.c.
References context::c2, D_MTU_INFO, context_2::fragment, context_2::frame, context_2::frame_fragment, and frame_print().
Referenced by init_instance().
bool do_route | ( | const struct options * | options, |
struct route_list * | route_list, | ||
struct route_ipv6_list * | route_ipv6_list, | ||
const struct tuntap * | tt, | ||
const struct plugin_list * | plugins, | ||
struct env_set * | es, | ||
openvpn_net_ctx_t * | ctx | ||
) |
Definition at line 1717 of file init.c.
References add_routes(), argv_free(), argv_new(), argv_parse_cmd(), check_debug_level(), D_SHOW_NET, es, M_INFO, M_NOPREFIX, M_WARN, management_up_down(), msg, openvpn_run_script(), plugin_call(), plugin_defined(), route_did_redirect_default_gateway(), route_noexec_enabled(), ROUTE_OPTION_FLAGS, options::route_script, setenv_int(), setenv_str(), show_adapters(), options::show_net_up, and show_routes().
Referenced by check_add_routes_action(), and do_open_tun().
|
static |
Definition at line 4258 of file init.c.
References context::c2, context_2::fast_io, options::fast_io, M_INFO, msg, context::options, and options::shaper.
Referenced by init_instance().
|
static |
Definition at line 4278 of file init.c.
References context::c2, context::options, options::tls_exit, and context_2::tls_exit_signal.
Referenced by init_instance().
|
static |
Definition at line 2929 of file init.c.
References do_hold(), context::first_time, and socket_restart_pause().
Referenced by init_instance().
bool do_test_crypto | ( | const struct options * | o | ) |
Definition at line 5187 of file init.c.
References context_clear(), context::first_time, M_INFO, msg, context::options, options_detach(), options::test_crypto, test_crypto_thread(), and title_string.
Referenced by openvpn_main().
|
static |
Definition at line 1219 of file init.c.
References context::c0, options::chroot_dir, context::first_time, M_ERR, M_INFO, msg, context::options, platform_chroot(), context_0::platform_state_group, context_0::platform_state_user, platform_user_group_set(), context_0::uid_gid_chroot_set, and context_0::uid_gid_specified.
Referenced by init_instance(), and initialization_sequence_completed().
bool do_up | ( | struct context * | c, |
bool | pulled_options, | ||
unsigned int | option_types_found | ||
) |
Definition at line 2457 of file init.c.
References context::c1, context::c2, CAS_CONNECT_DONE, CAS_RECONNECT_PENDING, D_DCO, D_PUSH_ERRORS, D_TLS_ERRORS, dco_p2p_add_new_peer(), context_2::did_open_tun, do_close_tun(), do_deferred_options(), do_deferred_options_part2(), do_deferred_p2p_ncp(), do_open_tun(), context_2::do_up_ran, event_timeout_init(), initialization_sequence_completed(), context_2::link_sockets, M_INFO, M_NONFATAL, management_sleep(), context::mode, options::mode, MODE_POINT_TO_POINT, msg, tls_multi::multi_state, now, context::options, options_hash_changed_or_zero(), PULL_DEFINED, context_2::pulled_options_digest, context_1::pulled_options_digest_save, reset_coarse_timers(), ROUTE_AFTER_TUN, options::route_delay, options::route_delay_defined, options::route_delay_window, route_order(), context_2::route_wakeup, context_2::route_wakeup_expire, link_socket::sd, SOCKET_UNDEFINED, context_2::tls_multi, tls_print_deferred_options_results(), tun_standby_init(), context_1::tuntap, tuntap_is_dco_win(), options::up_delay, and update_time().
Referenced by check_connection_established(), and incoming_push_message().
Definition at line 1303 of file init.c.
References alloc_buf_gc(), BSTR, buf_printf(), gc, buffer::len, and tls_common_name().
Referenced by trigger_ping_timeout_signal().
Definition at line 2974 of file init.c.
References frame::buf, context::c2, options::ce, crypto_max_overhead(), D_MTU_DEBUG, context_2::frame, get_frame_mtu(), frame::headroom, max_int(), msg, context::options, frame::payload_size, frame::tailroom, connection_entry::tls_mtu, frame::tun_max_mtu, frame::tun_mtu, connection_entry::tun_mtu_defined, connection_entry::tun_mtu_extra, and connection_entry::tun_mtu_max.
Referenced by do_init_frame(), and test_crypto_thread().
void free_context_buffers | ( | struct context_buffers * | b | ) |
Definition at line 3777 of file init.c.
References context_buffers::aux_buf, context_buffers::decrypt_buf, context_buffers::encrypt_buf, free_buf(), context_buffers::read_link_buf, and context_buffers::read_tun_buf.
Referenced by do_close_free_buf(), and multi_top_free().
Definition at line 2942 of file init.c.
References ASSERT, context::c1, context::c2, options::ce, context_2::frame, frame_calculate_protocol_header_size(), frame_print(), key_schedule::key_type, context_1::ks, connection_entry::link_mtu, connection_entry::link_mtu_defined, M_FATAL, M_WARN, msg, connection_entry::tun_mtu, connection_entry::tun_mtu_defined, and TUN_MTU_MIN.
Referenced by frame_finalize_options().
|
static |
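Determines if ifconfig execution should be disabled because of a configured option (options::ifconfig_noexec) or the tun backend driver in use (DRIVER_AFUNIX or DRIVER_NULL, going by the references listed below).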
c |
Definition at line 1897 of file init.c.
References tuntap::backend_driver, context::c1, DRIVER_AFUNIX, DRIVER_NULL, options::ifconfig_noexec, context::options, and context_1::tuntap.
Referenced by do_close_tun_simple(), and do_open_tun().
void inherit_context_child | ( | struct context * | dest, |
const struct context * | src, | ||
struct link_socket * | sock | ||
) |
Definition at line 4947 of file init.c.
References context_2::accept_from, ALLOC_ARRAY_GC, ALLOC_OBJ_CLEAR_GC, ALLOC_OBJ_GC, ASSERT, key_schedule::auth_token_key, options::authname, context_2::buffers, context::c1, context::c2, CC_NO_CLOSE, CC_USR1_TO_HUP, options::ce, options::ciphername, CLEAR, CM_CHILD_TCP, CM_CHILD_UDP, link_socket_info::connection_established, do_inherit_plugins(), do_link_socket_addr_new(), context_2::es, context_2::event_set, context::gc, gc_new(), link_socket::info, init_instance(), IS_SIG, key_schedule::key_type, context_1::ks, context_1::link_socket_addrs, context_2::link_socket_infos, context_2::link_sockets, context_1::link_sockets_num, connection_entry::local_list, link_socket_info::lsa, context::mode, context::options, options_detach(), packet_id_persist_init(), context_1::pid_persist, connection_entry::proto, link_socket_info::proto, proto_is_dgram(), context::sig, key_schedule::ssl_ctx, key_schedule::tls_auth_key_type, key_schedule::tls_crypt_v2_server_key, key_schedule::tls_wrap_key, and context_1::tuntap.
Referenced by multi_create_instance().
Definition at line 5037 of file init.c.
References context_2::buffers_owned, context::c0, context::c1, context::c2, CM_TOP_CLONE, do_event_set_init(), context_2::es_owned, context_2::event_set, context_2::event_set_owned, context::first_time, context_2::gc, context::gc, gc_detach(), context_1::ifconfig_pool_persist_owned, context_2::link_socket_owned, context::mode, context::options, options_detach(), context::plugins_owned, context_1::status_output_owned, context_2::tls_multi, and context_1::tuntap_owned.
Referenced by multi_top_init().
|
static |
Definition at line 481 of file init.c.
References connection_list::array, connection_list::current, get_random(), and connection_list::len.
Referenced by context_init_1().
struct context_buffers * init_context_buffers | ( | const struct frame * | frame | ) |
Definition at line 3752 of file init.c.
References alloc_buf(), ALLOC_OBJ_CLEAR, context_buffers::aux_buf, BUF_SIZE, context_buffers::decrypt_buf, context_buffers::encrypt_buf, context_buffers::read_link_buf, and context_buffers::read_tun_buf.
Referenced by do_init_buffers(), and multi_top_init().
|
static |
Definition at line 3066 of file init.c.
References context::c1, CF_LOAD_PERSISTED_PACKET_ID, crypto_init_lib_engine(), options::engine, context::options, options::packet_id_file, packet_id_persist_load(), and context_1::pid_persist.
Referenced by do_init_crypto_static(), and do_init_crypto_tls().
Definition at line 4580 of file init.c.
References AR_INTERACT, auth_retry_get(), context::c1, context::c2, options::ce, CF_INIT_TLS_AUTH_STANDALONE, CF_INIT_TLS_MULTI, CF_LOAD_PERSISTED_PACKET_ID, close_context(), CM_CHILD_TCP, CM_CHILD_UDP, CM_P2P, CM_TOP, options::comp, context_2::did_open_tun, do_compute_occ_strings(), do_event_set_init(), do_inherit_env(), do_init_buffers(), do_init_crypto(), do_init_first_time(), do_init_fragment(), do_init_frame(), do_init_frame_tls(), do_init_server_poll_timeout(), do_init_socket_phase1(), do_init_socket_phase2(), do_init_timers(), do_init_traffic_shaper(), do_link_socket_new(), do_open_ifconfig_pool_persist(), do_open_status_output(), do_open_tun(), do_option_warnings(), do_preresolve(), do_print_data_channel_mtu_parms(), do_setup_fast_io(), do_signal_on_tls_errors(), do_startup_pause(), do_uid_gid_chroot(), context::first_time, context_2::fragment, connection_entry::fragment, fragment_init(), context_2::frame, frame_calculate_dynamic(), context_2::gc, gc_init(), link_socket::info, init_management_callback_p2p(), init_proxy(), init_query_passwords(), init_verb_mute(), IS_SIG, IVM_LEVEL_2, key_schedule::key_type, context_1::ks, context_2::link_sockets, context_1::link_sockets_num, options::mlock, context::mode, next_connection_entry(), context_2::occ_op, occ_reset_op(), open_plugins(), context::options, P2P_ERROR_DELAY_MS, platform_mlockall(), pre_connect_restore(), PULL_DEFINED, options::resolve_in_advance, set_check_status_error_delay(), SHAPER_DEFINED, context::sig, signal_info::signal_text, and options::up_delay.
Referenced by inherit_context_child(), and init_instance_handle_signals().
void init_instance_handle_signals | ( | struct context * | c, |
const struct env_set * | env, | ||
const unsigned int | flags | ||
) |
Definition at line 4558 of file init.c.
References management_callback::flags, init_instance(), IS_SIG, post_init_signal_catch(), pre_init_signal_catch(), remap_signal(), and uninit_management_callback().
Referenced by tunnel_point_to_point(), and tunnel_server().
void init_management | ( | void | ) |
void init_management_callback_p2p | ( | struct context * | c | ) |
Definition at line 4434 of file init.c.
References management_callback::arg, CLEAR, management_callback_proxy_cmd(), management_callback_remote_cmd(), management_callback_remote_entry_count(), management_callback_remote_entry_get(), management_callback_send_cc_message(), management_callback_status_p2p(), management_set_callback(), management_show_net_callback(), management_callback::proxy_cmd, management_callback::remote_cmd, management_callback::remote_entry_count, management_callback::remote_entry_get, management_callback::send_cc_message, management_callback::show_net, and management_callback::status.
Referenced by init_instance().
void init_options_dev | ( | struct options * | options | ) |
Definition at line 982 of file init.c.
References basename(), options::dev, options::dev_node, and string_alloc().
Referenced by openvpn_main().
void init_plugins | ( | struct context * | c | ) |
Definition at line 4293 of file init.c.
References context::options, options::plugin_list, plugin_list_init(), context::plugins, and context::plugins_owned.
Referenced by openvpn_main().
|
static |
Definition at line 728 of file init.c.
References init_proxy_dowork().
Referenced by init_instance().
|
static |
Definition at line 696 of file init.c.
References context::c1, options::ce, context::first_time, http_proxy_options::first_time, context_1::http_proxy, http_proxy_new(), connection_entry::http_proxy_options, context_1::http_proxy_owned, context::options, context_1::socks_proxy, connection_entry::socks_proxy_authfile, socks_proxy_new(), context_1::socks_proxy_owned, connection_entry::socks_proxy_port, connection_entry::socks_proxy_server, and uninit_proxy_dowork().
Referenced by init_proxy().
void init_query_passwords | ( | const struct context * | c | ) |
Query for private key and auth-user-pass username/passwords.
Definition at line 651 of file init.c.
References options::auth_user_pass_file, options::auth_user_pass_file_inline, auth_user_pass_setup(), enable_auth_user_pass(), options::key_pass_file, context::options, pem_password_setup(), and options::sc_info.
Referenced by init_instance(), and openvpn_main().
bool init_static | ( | void | ) |
Definition at line 837 of file init.c.
References error_reset(), gc, gc_free(), gc_new(), init_ssl_lib(), init_win32(), M_INFO, M_WARN, msg, platform_create_temp_file(), reset_check_status(), sleep, srandom, status_close(), status_open(), STATUS_OUTPUT_WRITE, status_printf(), time_test(), and update_time().
Referenced by openvpn_main().
void init_verb_mute | ( | struct context * | c, |
unsigned int | flags | ||
) |
Definition at line 959 of file init.c.
References context::c2, check_debug_level(), D_LINK_ERRORS, D_LOG_RW, D_READ_WRITE, status_output::flags, IVM_LEVEL_1, IVM_LEVEL_2, context_2::log_rw, options::mute, context::options, SDL_CONSTRAIN, set_check_status(), set_debug_level(), set_mute_cutoff(), and options::verbosity.
Referenced by do_deferred_options(), init_early(), init_instance(), openvpn_main(), and test_crypto_thread().
void initialization_sequence_completed | ( | struct context * | c, |
const unsigned int | flags | ||
) |
Definition at line 1590 of file init.c.
References link_socket_addr::actual, openvpn_sockaddr::addr, addr_defined(), context::c1, context::c2, CLEAR, link_socket_actual::dest, do_uid_gid_chroot(), fork_register_dns_action(), get_link_socket_info(), openvpn_sockaddr::in4, openvpn_sockaddr::in6, ISC_ERRORS, ISC_ROUTE_ERRORS, ISC_SERVER, buffer::len, context_2::link_sockets, tuntap::local, tuntap::local_ipv6, link_socket_info::lsa, M_INFO, M_NOPREFIX, management_post_tunnel_open(), management_set_state(), msg, OPENVPN_STATE_CONNECTED, openvpn_sockaddr::sa, link_socket::sd, show_adapters(), show_routes(), and context_1::tuntap.
Referenced by check_add_routes_action(), do_up(), and tunnel_server().
|
static |
Definition at line 3054 of file init.c.
References key_schedule::auth_token_key, CLEAR, free_key_ctx(), free_key_ctx_bi(), key_schedule::ssl_ctx, key_schedule::static_key, tls_ctx_free(), and tls_ctx_initialised().
Referenced by do_close_free_key_schedule(), and test_crypto_thread().
|
static |
Definition at line 211 of file init.c.
References http_proxy_options::auth_retry, context::c2, options::ce, connection_entry::flags, context_2::gc, gc, connection_entry::http_proxy_options, init_http_proxy_options_once(), M_WARN, msg, context::options, PAR_ALL, PAR_NCT, http_proxy_options::port, connection_entry::proto, PROTO_TCP, PROTO_TCP_CLIENT, http_proxy_options::server, connection_entry::socks_proxy_port, connection_entry::socks_proxy_server, streq, string_alloc(), and update_time().
Referenced by init_management_callback_p2p().
|
static |
Definition at line 376 of file init.c.
References ALLOC_OBJ_CLEAR_GC, options::ce, options::ce_advance_count, CE_MAN_QUERY_REMOTE_ACCEPT, CE_MAN_QUERY_REMOTE_MASK, CE_MAN_QUERY_REMOTE_MOD, CE_MAN_QUERY_REMOTE_QUERY, CE_MAN_QUERY_REMOTE_SHIFT, CE_MAN_QUERY_REMOTE_SKIP, connection_entry::flags, options::gc, remote_host_store::host, context::options, remote_host_store::port, connection_entry::remote, connection_entry::remote_port, RH_HOST_LEN, RH_PORT_LEN, options::rh_store, and strncpynt().
Referenced by init_management_callback_p2p().
|
static |
Definition at line 332 of file init.c.
References buffer::len, and connection_list::len.
Referenced by init_management_callback_p2p().
|
static |
Definition at line 342 of file init.c.
References connection_entry::af, connection_list::array, CE_DISABLED, check_malloc_return(), connection_entry::flags, connection_list::len, M_WARN, msg, connection_entry::proto, proto2ascii(), connection_entry::remote, connection_entry::remote_port, and status.
Referenced by init_management_callback_p2p().
|
static |
This method sends a custom control channel message.
This will write the control message `command parm1,parm2,...` to the control channel.
arg | The context struct |
command | The command being sent |
parameters | the parameters to the command |
Definition at line 307 of file init.c.
References alloc_buf_gc(), ASSERT, BSTR, buf_printf(), D_PUSH, gc, gc_free(), gc_new(), buffer::len, PUSH_BUNDLE_SIZE, send_control_channel_string(), and status.
Referenced by init_management_callback_p2p().
|
static |
Definition at line 4365 of file init.c.
References print_status().
Referenced by init_management_callback_p2p().
void management_show_net_callback | ( | void * | arg, |
const int | msglevel | ||
) |
Definition at line 4372 of file init.c.
References msg, show_adapters(), and show_routes().
Referenced by init_management_callback_multi(), and init_management_callback_p2p().
|
static |
Definition at line 521 of file init.c.
References options::advance_next_remote, connection_list::array, ASSERT, context::c1, options::ce, options::ce_advance_count, CE_DISABLED, ce_management_query_proxy(), ce_management_query_remote(), clear_remote_addrlist(), options::connect_retry_max, connection_list::current, link_socket_addr::current_remote, connection_entry::flags, IS_SIG, connection_list::len, context_1::link_socket_addrs, M_FATAL, management_query_proxy_enabled(), management_query_remote_enabled(), msg, options::no_advance, context::options, options::persist_remote_ip, link_socket_addr::remote_list, options::resolve_in_advance, options::unsuccessful_attempts, and update_options_ce_post().
Referenced by init_instance(), and test_crypto_thread().
bool open_management | ( | struct context * | c | ) |
Definition at line 4469 of file init.c.
References close_management(), do_hold(), management_callback::flags, IS_SIG, M_WARN, options::management_addr, options::management_client_group, options::management_client_user, options::management_echo_buffer_size, options::management_flags, options::management_log_history_cache, management_open(), options::management_port, management_set_state(), options::management_state_buffer_size, options::management_user_pass, MF_SERVER, options::mode, MODE_SERVER, msg, OPENVPN_STATE_CONNECTING, context::options, and options::remap_sigusr1.
Referenced by openvpn_main().
void open_plugins | ( | struct context * | c, |
const bool | import_options, | ||
int | init_point | ||
) |
Definition at line 4303 of file init.c.
References context::c2, D_IMPORT_ERRORS, context_2::es, context::es, plugin_return::list, M_OPTERR, plugin_return::n, OPT_P_DEFAULT, OPT_P_PLUGIN, context::options, options_string_import(), options::plugin_list, plugin_list_open(), plugin_return_defined(), plugin_return_free(), plugin_return_get_column(), plugin_return_init(), context::plugins, and context::plugins_owned.
Referenced by init_instance(), and openvpn_main().
|
static |
Definition at line 1905 of file init.c.
References tuntap::actual_name, tuntap::backend_driver, context::c1, context::c2, options::dev, options::dev_node, options::dev_type, DRIVER_AFUNIX, DRIVER_NULL, context_2::es, context_2::frame, M_INFO, msg, context::net_ctx, open_tun(), open_tun_afunix(), open_tun_null(), context::options, print_tun_backend_driver(), frame::tun_mtu, and context_1::tuntap.
Referenced by do_open_tun().
|
static |
void persist_client_stats | ( | struct context * | c | ) |
Definition at line 4543 of file init.c.
References man_persist_client_stats().
Referenced by tunnel_point_to_point().
bool possibly_become_daemon | ( | const struct options * | options | ) |
Definition at line 1177 of file init.c.
References daemon(), options::daemon, options::log, M_ERR, msg, restore_signal_state(), and set_std_files_to_null().
Referenced by openvpn_main().
void pre_setup | ( | const struct options * | options | ) |
Definition at line 1314 of file init.c.
References options::config, options::exit_event_initial_state, options::exit_event_name, buffer::len, win32_signal::mode, win32_signal_open(), window_title_generate(), window_title_save(), WSO_FORCE_CONSOLE, WSO_FORCE_SERVICE, and WSO_MODE_CONSOLE.
Referenced by openvpn_main().
bool print_openssl_info | ( | const struct options * | options | ) |
Definition at line 992 of file init.c.
References options::cipher_list, options::cipher_list_tls13, show_available_ciphers(), show_available_curves(), show_available_digests(), show_available_engines(), show_available_tls_ciphers(), options::show_ciphers, options::show_curves, options::show_digests, options::show_engines, options::show_tls_ciphers, and options::tls_cert_profile.
Referenced by openvpn_main().
unsigned int pull_permission_mask | ( | const struct context * | c | ) |
Definition at line 2592 of file init.c.
References OPT_P_COMP, OPT_P_DHCPDNS, OPT_P_ECHO, OPT_P_EXPLICIT_NOTIFY, OPT_P_MESSAGES, OPT_P_NCP, OPT_P_PEER_ID, OPT_P_PERSIST, OPT_P_PULL_MODE, OPT_P_PUSH_MTU, OPT_P_ROUTE, OPT_P_ROUTE_EXTRAS, OPT_P_SETENV, OPT_P_SHAPER, OPT_P_SOCKBUF, OPT_P_SOCKFLAGS, OPT_P_TIMER, OPT_P_UP, context::options, and options::route_nopull.
Referenced by incoming_push_message().
void remove_pid_file | ( | void | ) |
Definition at line 5150 of file init.c.
References platform_unlink(), and saved_pid_file_name.
Referenced by openvpn_exit().
void reset_coarse_timers | ( | struct context * | c | ) |
Definition at line 1342 of file init.c.
References buffer::len.
Referenced by check_connection_established(), check_tls(), do_init_timers(), do_up(), process_explicit_exit_notification_init(), and schedule_exit().
Determine if external route commands should be executed based on configured options and backend driver.
Definition at line 1705 of file init.c.
References tuntap::backend_driver, DRIVER_AFUNIX, DRIVER_NULL, and options::route_noexec.
Referenced by do_route().
|
static |
Definition at line 109 of file init.c.
References argv_free(), argv_msg(), argv_new(), argv_parse_cmd(), argv_printf(), argv_printf_cat(), ASSERT, es, gc, gc_free(), gc_new(), M_FATAL, M_INFO, msg, openvpn_run_script(), plugin_call(), plugin_defined(), S_FATAL, setenv_int(), and setenv_str().
Referenced by do_close_tun(), and do_open_tun().
|
static |
Definition at line 2851 of file init.c.
References AR_NOINTERACT, auth_retry_get(), options::ce, CM_CHILD_TCP, CM_CHILD_UDP, CM_TOP, connection_entry::connect_retry_seconds, connection_entry::connect_retry_seconds_max, options::connection_list, D_RESTART, do_hold(), connection_list::len, management_sleep(), max_int(), min_int(), context::mode, msg, context::options, context::persist, connection_entry::proto, PROTO_UDP, context_persist::restart_sleep_seconds, options::server_backoff_time, options::tls_client, and options::unsuccessful_attempts.
Referenced by do_startup_pause().
|
static |
Definition at line 5164 of file init.c.
References ASSERT, context::c1, context::c2, context_gc_free(), context_init_1(), context_2::crypto_options, do_init_crypto_static(), context_2::frame, frame_finalize_options(), init_verb_mute(), IVM_LEVEL_1, key_schedule_free(), context_1::ks, next_connection_entry(), context::options, crypto_options::packet_id, packet_id_free(), test_crypto(), and options::test_crypto.
Referenced by do_test_crypto().
|
static |
Prints the results of options imported for the data channel.
c |
Definition at line 2302 of file init.c.
References add_delim_if_non_empty(), BSTR, buf_clear(), buf_len(), buf_printf(), buf_set_write(), cipher_kt_mode_aead(), cipher_kt_name(), CO_EPOCH_DATA_KEY_FORMAT, CO_USE_CC_EXIT_NOTIFY, CO_USE_DYNAMIC_TLS_CRYPT, CO_USE_TLS_KEY_MATERIAL_EXPORT, D_HANDSHAKE, buffer::len, md_kt_name(), msg, context::options, PING_EXIT, and PING_UNDEF.
Referenced by do_up().
void tun_abort | ( | void | ) |
Definition at line 2255 of file init.c.
References do_close_tun(), and static_context.
Referenced by openvpn_exit().
void uninit_management_callback | ( | void | ) |
Definition at line 4532 of file init.c.
References management_clear_callback().
Referenced by init_instance_handle_signals(), tunnel_point_to_point(), and tunnel_server().
|
static |
Definition at line 734 of file init.c.
References uninit_proxy_dowork().
Referenced by close_instance().
|
static |
Definition at line 679 of file init.c.
References context::c1, context_1::http_proxy, http_proxy_close(), context_1::http_proxy_owned, context_1::socks_proxy, socks_proxy_close(), and context_1::socks_proxy_owned.
Referenced by init_proxy_dowork(), and uninit_proxy().
void uninit_static | ( | void | ) |
|
static |
Definition at line 192 of file init.c.
References options::ce, options::ping_rec_timeout, options::ping_rec_timeout_action, PING_RESTART, PING_UNDEF, PRE_PULL_INITIAL_PING_RESTART, connection_entry::proto, proto_is_dgram(), and options::pull.
Referenced by next_connection_entry().
void write_pid_file | ( | const char * | filename, |
const char * | chroot_dir | ||
) |
Definition at line 5116 of file init.c.
References options::chroot_dir, M_ERR, M_FATAL, msg, platform_fopen(), platform_getpid(), and saved_pid_file_name.
Referenced by openvpn_main().
|
static |
Definition at line 63 of file init.c.
Referenced by remove_pid_file(), and write_pid_file().
|
static |
Definition at line 62 of file init.c.
Referenced by do_close_tun(), do_open_tun(), and tun_abort().