57#include "openvpn-plugin.h"
86 snprintf(logid, 128,
"%s",
MODULE);
90 va_start(arglist, fmt);
107#define OPENVPN_PLUGIN_VERSION_MIN 3
108#define OPENVPN_PLUGIN_STRUCTVER_MIN 5
128 const size_t namelen = strlen(name);
129 for (
int i = 0; envp[
i]; ++
i)
131 if (!strncmp(envp[
i], name, namelen))
133 const char *cp = envp[
i] + namelen;
181 struct openvpn_plugin_args_open_return *ret)
185 fprintf(stderr,
"%s: this plugin is incompatible with the running version of OpenVPN\n",
187 return OPENVPN_PLUGIN_FUNC_ERROR;
193 plog(NULL, PLOG_NOTE,
"FUNC: openvpn_plugin_open_v3");
/* NOTE(review): this test reads args->argv[4] and args->argv[5] directly. No
 * earlier check that argv[1]..argv[3] are non-NULL is visible in this excerpt;
 * if argv is a NULL-terminated array with fewer entries, these reads would
 * index past the terminator. Confirm against the omitted lines 194-205. */
206 if ((args->argv[4]) && !args->argv[5])
208 context->authid = strdup(args->argv[1]);
/* The expected test credentials are copied from the plugin arguments
 * (argv[3] = user, argv[4] = password) and kept in the context as plain
 * strings. Whether the strdup() results are checked and later freed is not
 * shown in this excerpt. */
215 context->test_valid_user = strdup(args->argv[3]);
221 context->test_valid_pass = strdup(args->argv[4]);
/* NOTE(review): presumably the else-branch of the argv test at line 206, in
 * which case too few arguments would also be reported as "Too many" -- confirm. */
230 plog(
context, PLOG_ERR,
"Too many arguments provided");
234 if (
context->test_deferred_auth > 0)
242 ret->type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY);
243 ret->handle = (openvpn_plugin_handle_t *)
context;
245 plog(
context, PLOG_NOTE,
"initialization succeeded");
246 return OPENVPN_PLUGIN_FUNC_SUCCESS;
254 return OPENVPN_PLUGIN_FUNC_ERROR;
/* NOTE(review): this format string writes both the expected and the received
 * password to the plugin log in cleartext (the argument list is not shown in
 * this excerpt). That is tolerable only in a test fixture: anyone who can read
 * the log can read the credentials. Code derived from this sample should drop
 * the two password fields and log only the user name and the verdict. */
260 plog(
context, PLOG_NOTE,
"expect_user=%s, received_user=%s, expect_passw=%s, received_passw=%s",
/* The verdict is logged at PLOG_ERR on failure and at PLOG_NOTE on success. */
268 plog(
context, PLOG_ERR,
"User/Password auth result: FAIL");
273 plog(
context, PLOG_NOTE,
"User/Password auth result: PASS");
283 const char *
argv[],
const char *envp[])
289 if (!
context->test_deferred_auth)
293 : OPENVPN_PLUGIN_FUNC_ERROR;
/* Look up the path of the auth control file in the environment array passed to
 * the plugin call. */
297 const char *auth_control_file =
get_env(
"auth_control_file", envp);
/* NOTE(review): the pointer is formatted with %s here, before the NULL test at
 * line 301. A null pointer passed for %s is undefined behaviour in the printf
 * family; presumably plog() forwards fmt to such a formatter (va_start is
 * visible at line 90) -- confirm. Testing for NULL first, or wrapping the
 * argument in this file's np() helper (presumably a NULL-to-string guard;
 * verify), would remove the dependency on libc leniency. */
298 plog(
context, PLOG_NOTE,
"auth_control_file=%s", auth_control_file);
/* Without a control file there is nowhere to deliver a deferred verdict, so the
 * call is rejected. */
301 if (!auth_control_file)
303 return OPENVPN_PLUGIN_FUNC_ERROR;
316 return OPENVPN_PLUGIN_FUNC_ERROR;
320 waitpid(p1, NULL, 0);
321 return OPENVPN_PLUGIN_FUNC_DEFERRED;
328 plog(
context, PLOG_ERR | PLOG_ERRNO,
"BACKGROUND: fork(2) failed");
/* The cast binds to test_deferred_auth before the multiplication, so the
 * product is computed in useconds_t and wraps rather than overflowing a signed
 * int. The "* 1000" suggests the setting is in milliseconds -- TODO confirm.
 * The sleep call itself is not shown in this excerpt. */
344 useconds_t wait_time = (useconds_t)
context->test_deferred_auth * 1000;
345 plog(
context, PLOG_NOTE,
"in async/deferred handler, usleep(%u)", wait_time);
/* Open the control file write-only; the path is the value read from envp at
 * line 297. A failure is logged together with errno. */
349 int fd = open(auth_control_file, O_WRONLY);
352 plog(
context, PLOG_ERR | PLOG_ERRNO,
"open('%s') failed", auth_control_file);
/* The verdict byte starts as '0'. In OpenVPN's deferred-auth convention the
 * control file carries '1' for success and '0' for failure, so the default
 * shown here denies. The code that changes it (lines 357-361) is not in this
 * excerpt. */
356 char result[2] =
"0\0";
/* Exactly one byte is written; a short or failed write is logged with errno.
 * NOTE(review): if open() or write() fails, no verdict reaches OpenVPN from
 * this path -- presumably the client then fails on OpenVPN's own timeout;
 * confirm. */
362 if (
write(fd, result, 1) != 1)
364 plog(
context, PLOG_ERR | PLOG_ERRNO,
"write to '%s' failed", auth_control_file);
374 struct openvpn_plugin_args_func_return *ret)
378 fprintf(stderr,
"%s: this plugin is incompatible with the running version of OpenVPN\n",
380 return OPENVPN_PLUGIN_FUNC_ERROR;
383 const char **envp = args->envp;
389 case OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY:
390 plog(
context, PLOG_NOTE,
"OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY");
395 return OPENVPN_PLUGIN_FUNC_ERROR;
403 plog(
context, PLOG_NOTE,
"FUNC: openvpn_plugin_client_constructor_v1");
411 plog(
context, PLOG_NOTE,
"FUNC: openvpn_plugin_client_destructor_v1");
412 free(per_client_context);
419 plog(
context, PLOG_NOTE,
"FUNC: openvpn_plugin_close_v1");
OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle)
static int auth_user_pass_verify(struct plugin_context *context, struct plugin_per_client_context *pcc, const char *argv[], const char *envp[])
OPENVPN_EXPORT void openvpn_plugin_client_destructor_v1(openvpn_plugin_handle_t handle, void *per_client_context)
static const char * np(const char *str)
#define OPENVPN_PLUGIN_VERSION_MIN
#define OPENVPN_PLUGIN_STRUCTVER_MIN
static const char * get_env(const char *name, const char *envp[])
OPENVPN_EXPORT int openvpn_plugin_func_v3(const int v3structver, struct openvpn_plugin_args_func_in const *args, struct openvpn_plugin_args_func_return *ret)
OPENVPN_EXPORT void * openvpn_plugin_client_constructor_v1(openvpn_plugin_handle_t handle)
static bool do_auth_user_pass(struct plugin_context *context, const char *username, const char *password)
OPENVPN_EXPORT int openvpn_plugin_open_v3(const int v3structver, struct openvpn_plugin_args_open_in const *args, struct openvpn_plugin_args_open_return *ret)
OPENVPN_EXPORT int openvpn_plugin_min_version_required_v1(void)
static int atoi_null0(const char *str)
static plugin_vlog_t _plugin_vlog_func
static void plog(const struct plugin_context *ctx, int flags, char *fmt,...)
Contains all state information for one tunnel.