OpenVPN
log.c
Go to the documentation of this file.
1/*
2 * OpenVPN -- An application to securely tunnel IP networks
3 * over a single TCP/UDP port, with support for SSL/TLS-based
4 * session authentication and key exchange,
5 * packet encryption, packet authentication, and
6 * packet compression.
7 *
8 * Copyright (C) 2002-2025 OpenVPN Inc <sales@openvpn.net>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License version 2
12 * as published by the Free Software Foundation.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, see <https://www.gnu.org/licenses/>.
21 */
22
23/*
24 * This plugin is similar to simple.c, except it also logs extra information
25 * to stdout for every plugin method called by OpenVPN.
26 *
27 * See the README file for build instructions.
28 */
29
30#include <stdio.h>
31#include <string.h>
32#include <stdlib.h>
33
34#include "openvpn-plugin.h"
35
36/*
37 * Our context, where we keep our state.
38 */
39struct plugin_context
40{
41 const char *username;
42 const char *password;
43};
44
45/*
46 * Given an environmental variable name, search
47 * the envp array for its value, returning it
48 * if found or NULL otherwise.
49 */
50static const char *
51get_env(const char *name, const char *envp[])
52{
53 if (envp)
54 {
55 const size_t namelen = strlen(name);
56 for (int i = 0; envp[i]; ++i)
57 {
58 if (!strncmp(envp[i], name, namelen))
59 {
60 const char *cp = envp[i] + namelen;
61 if (*cp == '=')
62 {
63 return cp + 1;
64 }
65 }
66 }
67 }
68 return NULL;
69}
70
71OPENVPN_EXPORT openvpn_plugin_handle_t
72openvpn_plugin_open_v1(unsigned int *type_mask, const char *argv[], const char *envp[])
73{
74 struct plugin_context *context;
75
76 /*
77 * Allocate our context
78 */
79 context = (struct plugin_context *)calloc(1, sizeof(struct plugin_context));
80 if (context == NULL)
81 {
82 printf("PLUGIN: allocating memory for context failed\n");
83 return NULL;
84 }
85
86 /*
87 * Set the username/password we will require.
88 */
89 context->username = "foo";
90 context->password = "bar";
91
92 /*
93 * Which callbacks to intercept.
94 */
95 *type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_UP) | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_DOWN)
96 | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_ROUTE_UP)
97 | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_IPCHANGE)
98 | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY)
99 | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY)
100 | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2)
101 | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_DISCONNECT)
102 | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_LEARN_ADDRESS)
103 | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL);
104
105 return (openvpn_plugin_handle_t)context;
106}
107
108void
109show(const int type, const char *argv[], const char *envp[])
110{
111 size_t i;
112 switch (type)
113 {
114 case OPENVPN_PLUGIN_UP:
115 printf("OPENVPN_PLUGIN_UP\n");
116 break;
117
118 case OPENVPN_PLUGIN_DOWN:
119 printf("OPENVPN_PLUGIN_DOWN\n");
120 break;
121
122 case OPENVPN_PLUGIN_ROUTE_UP:
123 printf("OPENVPN_PLUGIN_ROUTE_UP\n");
124 break;
125
126 case OPENVPN_PLUGIN_IPCHANGE:
127 printf("OPENVPN_PLUGIN_IPCHANGE\n");
128 break;
129
130 case OPENVPN_PLUGIN_TLS_VERIFY:
131 printf("OPENVPN_PLUGIN_TLS_VERIFY\n");
132 break;
133
134 case OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY:
135 printf("OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY\n");
136 break;
137
138 case OPENVPN_PLUGIN_CLIENT_CONNECT_V2:
139 printf("OPENVPN_PLUGIN_CLIENT_CONNECT_V2\n");
140 break;
141
142 case OPENVPN_PLUGIN_CLIENT_DISCONNECT:
143 printf("OPENVPN_PLUGIN_CLIENT_DISCONNECT\n");
144 break;
145
146 case OPENVPN_PLUGIN_LEARN_ADDRESS:
147 printf("OPENVPN_PLUGIN_LEARN_ADDRESS\n");
148 break;
149
150 case OPENVPN_PLUGIN_TLS_FINAL:
151 printf("OPENVPN_PLUGIN_TLS_FINAL\n");
152 break;
153
154 default:
155 printf("OPENVPN_PLUGIN_?\n");
156 break;
157 }
158
159 printf("ARGV\n");
160 for (i = 0; argv[i] != NULL; ++i)
161 {
162 printf("%d '%s'\n", (int)i, argv[i]);
163 }
164
165 printf("ENVP\n");
166 for (i = 0; envp[i] != NULL; ++i)
167 {
168 printf("%d '%s'\n", (int)i, envp[i]);
169 }
170}
171
172OPENVPN_EXPORT int
173openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[],
174 const char *envp[])
175{
176 struct plugin_context *context = (struct plugin_context *)handle;
177
178 show(type, argv, envp);
179
180 /* check entered username/password against what we require */
181 if (type == OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY)
182 {
183 /* get username/password from envp string array */
184 const char *username = get_env("username", envp);
185 const char *password = get_env("password", envp);
186
187 if (username && !strcmp(username, context->username) && password
188 && !strcmp(password, context->password))
189 {
190 return OPENVPN_PLUGIN_FUNC_SUCCESS;
191 }
192 else
193 {
194 return OPENVPN_PLUGIN_FUNC_ERROR;
195 }
196 }
197 else
198 {
199 return OPENVPN_PLUGIN_FUNC_SUCCESS;
200 }
201}
202
203OPENVPN_EXPORT void
204openvpn_plugin_close_v1(openvpn_plugin_handle_t handle)
205{
206 struct plugin_context *context = (struct plugin_context *)handle;
207 free(context);
208}
OPENVPN_EXPORT int openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[])
Definition log.c:173
OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle)
Definition log.c:204
void show(const int type, const char *argv[], const char *envp[])
Definition log.c:109
OPENVPN_EXPORT openvpn_plugin_handle_t openvpn_plugin_open_v1(unsigned int *type_mask, const char *argv[], const char *envp[])
Definition log.c:72
static const char * get_env(const char *name, const char *envp[])
Definition log.c:51
Definition argv.h:35
Contains all state information for one tunnel.
Definition openvpn.h:474
const char * password
Definition log.c:42
const char * username
Definition log.c:41