#include "syshead.h"
#include "buffer.h"
#include "misc.h"
#include "base64.h"
#include "tun.h"
#include "error.h"
#include "otime.h"
#include "plugin.h"
#include "options.h"
#include "manage.h"
#include "crypto.h"
#include "route.h"
#include "console.h"
#include "win32.h"
#include "memdbg.h"

Include dependency graph for misc.c:

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Macros
#define	n_rnd_bytes 6

Functions
void	set_std_files_to_null (bool stdin_only)

const char *	hostname_randomize (const char hostname, struct gc_arena gc)

static bool	auth_user_pass_mgmt (struct user_pass up, const char prefix, const unsigned int flags, const char *auth_challenge)

static struct auth_challenge_info *	parse_auth_challenge (const char auth_challenge, struct gc_arena gc)
	Parses an authentication challenge string and returns an auth_challenge_info structure.

bool	get_user_pass_cr (struct user_pass up, const char auth_file, const char prefix, const unsigned int flags, const char auth_challenge)
	Retrieves the user credentials from various sources depending on the flags.

void	purge_user_pass (struct user_pass *up, const bool force)

void	set_auth_token (struct user_pass tk, const char token)
	Sets the auth-token to token.

void	set_auth_token_user (struct user_pass tk, const char username)
	Sets the auth-token username by base64 decoding the passed username.

const char *	safe_print (const char str, struct gc_arena gc)

const char **	make_arg_array (const char first, const char parms, struct gc_arena *gc)

static const char **	make_inline_array (const char str, struct gc_arena gc)

static const char **	make_arg_copy (char *p, struct gc_arena gc)

const char **	make_extended_arg_array (char *p, bool is_inline, struct gc_arena gc)

const char *	sanitize_control_message (const char src, struct gc_arena gc)

bool	validate_peer_info_line (char *line)

void	output_peer_info_env (struct env_set es, const char peer_info)

struct buffer	prepend_dir (const char dir, const char path, struct gc_arena *gc)
	Prepend a directory to a path.

void	protect_user_pass (struct user_pass *up)
	Encrypt username and password buffers in user_pass.

void	unprotect_user_pass (struct user_pass *up)
	Decrypt username and password buffers in user_pass.

Macro Definition Documentation

◆ n_rnd_bytes

#define n_rnd_bytes 6

Function Documentation

◆ auth_user_pass_mgmt()

static bool auth_user_pass_mgmt	(	struct user_pass *	up,
		const char *	prefix,
		const unsigned int	flags,
		const char *	auth_challenge
	)

static

Definition at line 100 of file misc.c.

References auth_challenge, GET_USER_PASS_NOFATAL, GET_USER_PASS_PREVIOUS_CREDS_FAILED, GET_USER_PASS_STATIC_CHALLENGE, buffer::len, M_FATAL, management_auth_failure(), management_query_user_pass(), and msg.

Referenced by get_user_pass_cr().

◆ get_user_pass_cr()

bool get_user_pass_cr	(	struct user_pass *	up,
		const char *	auth_file,
		const char *	prefix,
		const unsigned int	flags,
		const char *	auth_challenge
	)

Retrieves the user credentials from various sources depending on the flags.

Parameters

up	The user_pass structure to store the retrieved credentials.
auth_file	The path to the authentication file. Might be NULL.
prefix	The prefix to prepend to user prompts.
flags	Additional flags to control the behavior of the function.
auth_challenge	The authentication challenge string.

Returns: true if the user credentials were successfully retrieved, false otherwise.

Definition at line 211 of file misc.c.

References alloc_buf_gc(), auth_challenge, auth_user_pass_mgmt(), BLEN, BOOL_CAST, BSTR, buf_parse(), buf_printf(), buf_set_read(), buf_set_write(), CC_CRLF, CC_PRINT, chomp(), CR_ECHO, D_LOW, user_pass::defined, gc, gc_free(), gc_malloc(), gc_new(), GET_USER_PASS_DYNAMIC_CHALLENGE, GET_USER_PASS_INLINE_CREDS, GET_USER_PASS_MANAGEMENT, GET_USER_PASS_NEED_OK, GET_USER_PASS_PASSWORD_ONLY, GET_USER_PASS_PREVIOUS_CREDS_FAILED, GET_USER_PASS_STATIC_CHALLENGE, GET_USER_PASS_STATIC_CHALLENGE_CONCAT, GET_USER_PASS_STATIC_CHALLENGE_ECHO, buffer::len, M_ERR, M_FATAL, M_INFO, M_WARN, management_query_user_pass_enabled(), msg, openvpn_base64_encode(), parse_auth_challenge(), user_pass::password, platform_fopen(), query_user_add(), query_user_clear(), query_user_exec(), query_user_SINGLE(), streq, string_clear(), string_mod(), strncpynt(), unprotect_user_pass(), USER_PASS_LEN, and user_pass::username.

Referenced by auth_user_pass_setup(), test_get_user_pass_authfile_file(), test_get_user_pass_authfile_stdin(), test_get_user_pass_defined(), test_get_user_pass_dynamic_challenge(), test_get_user_pass_inline_creds(), test_get_user_pass_needok(), and test_get_user_pass_static_challenge().

◆ hostname_randomize()

const char * hostname_randomize	(	const char *	hostname,
		struct gc_arena *	gc
	)

Definition at line 82 of file misc.c.

References alloc_buf_gc(), BSTR, buf_printf(), format_hex_ex(), gc, buffer::len, n_rnd_bytes, and prng_bytes().

Referenced by openvpn_getaddrinfo().

◆ make_arg_array()

const char ** make_arg_array	(	const char *	first,
		const char *	parms,
		struct gc_arena *	gc
	)

Definition at line 563 of file misc.c.

References ALLOC_ARRAY_CLEAR_GC, ASSERT, gc, buffer::len, M_WARN, MAX_PARMS, parse_line(), and string_alloc().

Referenced by make_extended_arg_array().

◆ make_arg_copy()

static const char ** make_arg_copy	(	char **	p,
		struct gc_arena *	gc
	)

static

Definition at line 621 of file misc.c.

References ALLOC_ARRAY_CLEAR_GC, gc, buffer::len, and string_array_len().

Referenced by make_extended_arg_array().

◆ make_extended_arg_array()

const char ** make_extended_arg_array	(	char **	p,
		bool	is_inline,
		struct gc_arena *	gc
	)

Definition at line 640 of file misc.c.

References gc, buffer::len, make_arg_array(), make_arg_copy(), make_inline_array(), and string_array_len().

Referenced by plugin_option_list_add(), and push_options().

◆ make_inline_array()

static const char ** make_inline_array	(	const char *	str,
		struct gc_arena *	gc
	)

static

Definition at line 590 of file misc.c.

References ALLOC_ARRAY_CLEAR_GC, ASSERT, buf_parse(), buf_set_read(), chomp(), gc, buffer::len, OPTION_LINE_SIZE, skip_leading_whitespace(), and string_alloc().

Referenced by make_extended_arg_array().

◆ output_peer_info_env()

void output_peer_info_env	(	struct env_set *	es,
		const char *	peer_info
	)

Definition at line 771 of file misc.c.

References buf_parse(), buf_set_read(), chomp(), env_set_add(), es, buffer::len, M_INFO, M_WARN, msg, and validate_peer_info_line().

Referenced by key_method_2_read().

◆ parse_auth_challenge()

static struct auth_challenge_info * parse_auth_challenge	(	const char *	auth_challenge,
		struct gc_arena *	gc
	)

static

Parses an authentication challenge string and returns an auth_challenge_info structure.

The authentication challenge string should follow the dynamic challenge/response protocol.

See doc/management-notes.txt for more info on the dynamic challenge/response protocol implemented here.

Parameters

auth_challenge	The authentication challenge string to parse. Can't be NULL.
gc	The gc_arena structure for memory allocation.

Returns: A pointer to the parsed auth_challenge_info structure, or NULL if parsing fails.

Definition at line 141 of file misc.c.

References ALLOC_OBJ_CLEAR_GC, ASSERT, auth_challenge, BSTR, buf_parse(), buf_set_read(), CR_ECHO, CR_RESPONSE, gc, gc_malloc(), buffer::len, openvpn_base64_decode(), and string_alloc().

Referenced by get_user_pass_cr().

◆ prepend_dir()

struct buffer prepend_dir	(	const char *	dir,
		const char *	path,
		struct gc_arena *	gc
	)

Prepend a directory to a path.

Definition at line 793 of file misc.c.

References alloc_buf_gc(), ASSERT, buf_printf(), gc, buffer::len, and PATH_SEPARATOR_STR.

Referenced by check_file_access_chroot(), and init_ssl().

◆ protect_user_pass()

void protect_user_pass ( struct user_pass * up )

Encrypt username and password buffers in user_pass.

Definition at line 804 of file misc.c.

References user_pass::password, protect_buffer_win32(), user_pass::protected, purge_user_pass(), and user_pass::username.

Referenced by get_user_pass_http(), key_method_2_write(), purge_user_pass(), set_auth_token(), and set_auth_token_user().

◆ purge_user_pass()

void purge_user_pass	(	struct user_pass *	up,
		const bool	force
	)

Definition at line 485 of file misc.c.

References buffer::len, M_WARN, msg, user_pass::nocache, protect_user_pass(), and secure_memzero().

Referenced by clear_user_pass_http(), establish_http_proxy_passthru(), key_method_2_write(), pem_password_callback(), protect_user_pass(), ssl_clean_auth_token(), ssl_purge_auth(), and unprotect_user_pass().

◆ safe_print()

const char * safe_print	(	const char *	str,
		struct gc_arena *	gc
	)

Definition at line 557 of file misc.c.

References CC_CRLF, CC_PRINT, gc, buffer::len, and string_mod_const().

Referenced by options_warning_safe_scan2().

◆ sanitize_control_message()

const char * sanitize_control_message	(	const char *	src,
		struct gc_arena *	gc
	)

Definition at line 670 of file misc.c.

References check_debug_level(), D_SHOW_KEYS, gc, gc_malloc(), and buffer::len.

Referenced by incoming_push_message(), and send_control_channel_string_dowork().

◆ set_auth_token()

void set_auth_token	(	struct user_pass *	tk,
		const char *	token
	)

Sets the auth-token to token.

The method will also purge up if the auth-nocache option is active.

Parameters

tk	auth-token userpass to set
token	token to use as password for the auth-token

Note: all parameters to this function must not be null.

Definition at line 510 of file misc.c.

References buffer::len, protect_user_pass(), strncpynt(), unprotect_user_pass(), and USER_PASS_LEN.

Referenced by ssl_set_auth_token().

◆ set_auth_token_user()

void set_auth_token_user	(	struct user_pass *	tk,
		const char *	username
	)

Sets the auth-token username by base64 decoding the passed username.

Parameters

tk	auth-token userpass to set
username	base64 encoded username to set

Note: all parameters to this function must not be null.

Definition at line 530 of file misc.c.

References CLEAR, D_PUSH, buffer::len, msg, openvpn_base64_decode(), protect_user_pass(), unprotect_user_pass(), and USER_PASS_LEN.

Referenced by ssl_set_auth_token_user().

◆ set_std_files_to_null()

void set_std_files_to_null ( bool stdin_only )

Definition at line 56 of file misc.c.

Referenced by open_syslog(), and possibly_become_daemon().

◆ unprotect_user_pass()

void unprotect_user_pass ( struct user_pass * up )

Decrypt username and password buffers in user_pass.

Definition at line 824 of file misc.c.

References user_pass::password, user_pass::protected, purge_user_pass(), unprotect_buffer_win32(), and user_pass::username.

Referenced by auth_user_pass_setup(), establish_http_proxy_passthru(), get_user_pass_cr(), key_method_2_write(), pem_password_setup(), set_auth_token(), and set_auth_token_user().

◆ validate_peer_info_line()

bool validate_peer_info_line ( char * line )

Definition at line 733 of file misc.c.

References buffer::len.

Referenced by man_output_peer_info_env(), and output_peer_info_env().

Macros

Functions

Macro Definition Documentation

◆ n_rnd_bytes

Function Documentation

◆ auth_user_pass_mgmt()

◆ get_user_pass_cr()

◆ hostname_randomize()

◆ make_arg_array()

◆ make_arg_copy()

◆ make_extended_arg_array()

◆ make_inline_array()

◆ output_peer_info_env()

◆ parse_auth_challenge()

◆ prepend_dir()

◆ protect_user_pass()

◆ purge_user_pass()

◆ safe_print()

◆ sanitize_control_message()

◆ set_auth_token()

◆ set_auth_token_user()

◆ set_std_files_to_null()

◆ unprotect_user_pass()

◆ validate_peer_info_line()