OpenVPN
sample
sample-plugins
simple
simple.c
Go to the documentation of this file.
1
/*
2
* OpenVPN -- An application to securely tunnel IP networks
3
* over a single TCP/UDP port, with support for SSL/TLS-based
4
* session authentication and key exchange,
5
* packet encryption, packet authentication, and
6
* packet compression.
7
*
8
* Copyright (C) 2002-2025 OpenVPN Inc <sales@openvpn.net>
9
*
10
* This program is free software; you can redistribute it and/or modify
11
* it under the terms of the GNU General Public License version 2
12
* as published by the Free Software Foundation.
13
*
14
* This program is distributed in the hope that it will be useful,
15
* but WITHOUT ANY WARRANTY; without even the implied warranty of
16
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17
* GNU General Public License for more details.
18
*
19
* You should have received a copy of the GNU General Public License along
20
* with this program; if not, see <https://www.gnu.org/licenses/>.
21
*/
22
23
/*
24
* This file implements a simple OpenVPN plugin module which
25
* will examine the username/password provided by a client,
26
* and make an accept/deny determination. Will run
27
* on Windows or *nix.
28
*
29
* See the README file for build instructions.
30
*/
31
32
#include <stdio.h>
33
#include <string.h>
34
#include <stdlib.h>
35
36
#include "openvpn-plugin.h"
37
38
/*
39
* Our context, where we keep our state.
40
*/
41
struct
plugin_context
42
{
43
const
char
*
username
;
44
const
char
*
password
;
45
};
46
47
/*
48
* Given an environmental variable name, search
49
* the envp array for its value, returning it
50
* if found or NULL otherwise.
51
*/
52
static
const
char
*
53
get_env
(
const
char
*name,
const
char
*envp[])
54
{
55
if
(envp)
56
{
57
const
size_t
namelen = strlen(name);
58
for
(
int
i
= 0; envp[
i
]; ++
i
)
59
{
60
if
(!strncmp(envp[
i
], name, namelen))
61
{
62
const
char
*cp = envp[
i
] + namelen;
63
if
(*cp ==
'='
)
64
{
65
return
cp + 1;
66
}
67
}
68
}
69
}
70
return
NULL;
71
}
72
73
OPENVPN_EXPORT openvpn_plugin_handle_t
74
openvpn_plugin_open_v1
(
unsigned
int
*type_mask,
const
char
*
argv
[],
const
char
*envp[])
75
{
76
struct
plugin_context
*
context
;
77
78
/*
79
* Allocate our context
80
*/
81
context
= (
struct
plugin_context
*)calloc(1,
sizeof
(
struct
plugin_context
));
82
if
(
context
== NULL)
83
{
84
printf(
"PLUGIN: allocating memory for context failed\n"
);
85
return
NULL;
86
}
87
88
/*
89
* Set the username/password we will require.
90
*/
91
context
->username =
"foo"
;
92
context
->password =
"bar"
;
93
94
/*
95
* We are only interested in intercepting the
96
* --auth-user-pass-verify callback.
97
*/
98
*type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY);
99
100
return
(openvpn_plugin_handle_t)
context
;
101
}
102
103
OPENVPN_EXPORT
int
104
openvpn_plugin_func_v1
(openvpn_plugin_handle_t handle,
const
int
type,
const
char
*
argv
[],
105
const
char
*envp[])
106
{
107
struct
plugin_context
*
context
= (
struct
plugin_context
*)handle;
108
109
/* get username/password from envp string array */
110
const
char
*
username
=
get_env
(
"username"
, envp);
111
const
char
*
password
=
get_env
(
"password"
, envp);
112
113
/* check entered username/password against what we require */
114
if
(
username
&& !strcmp(
username
,
context
->username) &&
password
115
&& !strcmp(
password
,
context
->password))
116
{
117
return
OPENVPN_PLUGIN_FUNC_SUCCESS;
118
}
119
else
120
{
121
return
OPENVPN_PLUGIN_FUNC_ERROR;
122
}
123
}
124
125
OPENVPN_EXPORT
void
126
openvpn_plugin_close_v1
(openvpn_plugin_handle_t handle)
127
{
128
struct
plugin_context
*
context
= (
struct
plugin_context
*)handle;
129
free(
context
);
130
}
openvpn_plugin_func_v1
OPENVPN_EXPORT int openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[])
Definition
simple.c:104
openvpn_plugin_close_v1
OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle)
Definition
simple.c:126
openvpn_plugin_open_v1
OPENVPN_EXPORT openvpn_plugin_handle_t openvpn_plugin_open_v1(unsigned int *type_mask, const char *argv[], const char *envp[])
Definition
simple.c:74
get_env
static const char * get_env(const char *name, const char *envp[])
Definition
simple.c:53
argv
Definition
argv.h:35
context
Contains all state information for one tunnel.
Definition
openvpn.h:474
plugin_context
Definition
sample-client-connect.c:62
plugin_context::password
const char * password
Definition
log.c:42
plugin_context::username
const char * username
Definition
log.c:41
i
int i
Definition
test_push_update_msg.c:120
Generated by
1.9.8