OpenVPN 3 Core Library
Loading...
Searching...
No Matches
servproto.hpp
Go to the documentation of this file.
1// OpenVPN -- An application to securely tunnel IP networks
2// over a single port, with support for SSL/TLS-based
3// session authentication and key exchange,
4// packet encryption, packet authentication, and
5// packet compression.
6//
7// Copyright (C) 2012- OpenVPN Inc.
8//
9// SPDX-License-Identifier: MPL-2.0 OR AGPL-3.0-only WITH openvpn3-openssl-exception
10//
11
12// OpenVPN protocol implementation for client-instance object on server
13
14#ifndef OPENVPN_SERVER_SERVPROTO_H
15#define OPENVPN_SERVER_SERVPROTO_H
16
17#include <cstdlib> // defines std::abort()
18#include <memory>
19#include <utility> // for std::move
20
21#include <openvpn/common/size.hpp>
22#include <openvpn/common/exception.hpp>
23#include <openvpn/common/rc.hpp>
24#include <openvpn/common/unicode.hpp>
25#include <openvpn/common/link.hpp>
26#include <openvpn/buffer/bufstream.hpp>
27#include <openvpn/time/asiotimer.hpp>
28#include <openvpn/time/coarsetime.hpp>
29#include <openvpn/crypto/cryptodc.hpp>
30#include <openvpn/ssl/proto.hpp>
31#include <openvpn/transport/server/transbase.hpp>
32#include <openvpn/tun/server/tunbase.hpp>
33#include <openvpn/server/manage.hpp>
34
35#ifdef OPENVPN_DEBUG_SERVPROTO
36#define OPENVPN_LOG_SERVPROTO(x) OPENVPN_LOG(x)
37#else
38#define OPENVPN_LOG_SERVPROTO(x)
39#endif
40
41namespace openvpn {
42
43class ServerProto
44{
45 using TransportLink = Link<TransportClientInstance::Send, TransportClientInstance::Recv>;
46 using TunLink = Link<TunClientInstance::Send, TunClientInstance::Recv>;
47 using ManLink = Link<ManClientInstance::Send, ManClientInstance::Recv>;
48
49 public:
50 class Session;
51
102
103 // This is the main server-side client instance object
104 class Session : ProtoContextCallbackInterface, // Callback interface from protocol implementation
105 public TransportLink, // Transport layer
106 public TunLink, // Tun/routing layer
107 public ManLink // Management layer
108 {
109 friend class Factory; // calls constructor
110
111 public:
112 using Ptr = RCPtr<Session>;
113
114 bool defined() const override
115 {
116 return defined_();
117 }
118
119 TunClientInstance::Recv *override_tun(TunClientInstance::Send *tun) override
120 {
121 TunLink::send.reset(tun);
122 return this;
123 }
124
125 void start(const TransportClientInstance::Send::Ptr &parent,
126 const PeerAddr::Ptr &addr,
127 const int local_peer_id,
128 const ProtoSessionID cookie_psid = ProtoSessionID()) override
129 {
130 TransportLink::send = parent;
131 peer_addr = addr;
132
133 // init OpenVPN protocol handshake
134 proto_context.update_now();
135 proto_context.reset(cookie_psid);
136 proto_context.set_local_peer_id(local_peer_id);
137 proto_context.start(cookie_psid);
138 proto_context.flush(true);
139
140 // coarse wakeup range
141 housekeeping_schedule.init(Time::Duration::binary_ms(512), Time::Duration::binary_ms(1024));
142 }
143
144 PeerStats stats_poll() override
145 {
146 if (TransportLink::send)
147 return TransportLink::send->stats_poll();
148 return PeerStats();
149 }
150
151 bool should_preserve_session_id() override
152 {
153 return preserve_session_id;
154 }
155
156 void stop() override
157 {
158 if (!halt)
159 {
160 halt = true;
161 housekeeping_timer.cancel();
162
163 if (ManLink::send)
164 ManLink::send->pre_stop();
165
166 // deliver final peer stats to management layer
167 if (TransportLink::send && ManLink::send)
168 {
169 if (TransportLink::send->stats_pending())
170 ManLink::send->stats_notify(TransportLink::send->stats_poll(), true);
171 }
172
173 proto_context.pre_destroy();
174 proto_context.reset_dc_factory();
175 if (TransportLink::send)
176 {
177 TransportLink::send->stop();
178 TransportLink::send.reset();
179 }
180 if (TunLink::send)
181 {
182 TunLink::send->stop();
183 TunLink::send.reset();
184 }
185 if (ManLink::send)
186 {
187 ManLink::send->stop();
188 ManLink::send.reset();
189 }
190 }
191 }
192
193 // called with OpenVPN-encapsulated packets from transport layer
194 bool transport_recv(BufferAllocated &buf) override
195 {
196 bool ret = false;
197 if (!proto_context.primary_defined())
198 return false;
199 try
200 {
201 OPENVPN_LOG_SERVPROTO(instance_name() << " : Transport RECV[" << buf.size() << "] " << client_endpoint_render() << ' ' << proto_context.dump_packet(buf));
202
203 // update current time
204 proto_context.update_now();
205
206 // get packet type
207 ProtoContext::PacketType pt = proto_context.packet_type(buf);
208
209 // process packet
210 if (pt.is_data())
211 {
212 // data packet
213 ret = proto_context.data_decrypt(pt, buf);
214 if (!buf.empty())
215 {
216#ifdef OPENVPN_PACKET_LOG
217 log_packet(buf, false);
218#endif
219 // make packet appear as incoming on tun interface
220 if (true) // fixme: was tun
221 {
222 OPENVPN_LOG_SERVPROTO(instance_name() << " : TUN SEND[" << buf.size() << ']');
223 // fixme -- code me
224 }
225 }
226
227 // do a lightweight flush
228 proto_context.flush(false);
229 }
230 else if (pt.is_control())
231 {
232 // control packet
233 ret = proto_context.control_net_recv(pt, std::move(buf));
234
235 // do a full flush
236 proto_context.flush(true);
237 }
238
239 // schedule housekeeping wakeup
240 set_housekeeping_timer();
241 }
242 catch (const std::exception &e)
243 {
244 error(e);
245 ret = false;
246 }
247
248 return ret;
249 }
250
251 // called with cleartext IP packets from routing layer
252 void tun_recv(BufferAllocated &buf) override
253 {
254 // fixme -- code me
255 }
256
257 // Return true if keepalive parameter(s) are enabled.
258 bool is_keepalive_enabled() const override
259 {
260 return proto_context.is_keepalive_enabled();
261 }
262
263 // Disable keepalive for rest of session, but fetch
264 // the keepalive parameters (in seconds).
265 // Also, allow the management layer to override parameters.
266 void disable_keepalive(unsigned int &keepalive_ping,
267 unsigned int &keepalive_timeout) override
268 {
269 proto_context.disable_keepalive(keepalive_ping, keepalive_timeout);
270 if (ManLink::send)
271 ManLink::send->keepalive_override(keepalive_ping, keepalive_timeout);
272 }
273
274 // override the data channel factory
275 void override_dc_factory(const CryptoDCFactory::Ptr &dc_factory) override
276 {
277 proto_context.dc_settings().set_factory(dc_factory);
278 }
279
280 virtual ~Session()
281 {
282 // fatal error if destructor called while Session is active
283 if (defined_())
284 std::abort();
285 }
286
287 private:
288 Session(openvpn_io::io_context &io_context_arg,
289 const Factory &factory,
290 ManClientInstance::Factory::Ptr man_factory_arg,
291 TunClientInstance::Factory::Ptr tun_factory_arg)
292 : proto_context(this, factory.clone_proto_config(), factory.stats),
293 housekeeping_timer(io_context_arg),
294 disconnect_at(Time::infinite()),
295 stats(factory.stats),
296 man_factory(std::move(man_factory_arg)),
297 tun_factory(std::move(tun_factory_arg))
298 {
299 }
300
301 bool supports_epoch_data() override
302 {
303 /* TODO: currently all server implementations do not implement this feature in their data channel */
304 return false;
305 }
306
307 bool defined_() const
308 {
309 return !halt && TransportLink::send;
310 }
311
312 // proto base class calls here for control channel network sends
313 void control_net_send(const Buffer &net_buf) override
314 {
315 OPENVPN_LOG_SERVPROTO(instance_name() << " : Transport SEND[" << net_buf.size() << "] " << client_endpoint_render() << ' ' << proto_context.dump_packet(net_buf));
316 if (TransportLink::send)
317 {
318 if (TransportLink::send->transport_send_const(net_buf))
319 proto_context.update_last_sent();
320 }
321 }
322
323 // Called on server with credentials and peer info provided by client.
324 // Should be overriden by derived class if credentials are required.
325 void server_auth(const std::string &username,
326 const SafeString &password,
327 const std::string &peer_info,
328 const AuthCert::Ptr &auth_cert) override
329 {
330 constexpr size_t MAX_USERNAME_SIZE = 256;
331 constexpr size_t MAX_PASSWORD_SIZE = 16384;
332
333 if (get_management())
334 {
335 AuthCreds::Ptr auth_creds(new AuthCreds(Unicode::utf8_printable(username, MAX_USERNAME_SIZE | Unicode::UTF8_FILTER),
336 Unicode::utf8_printable(password, MAX_PASSWORD_SIZE | Unicode::UTF8_FILTER | Unicode::UTF8_PASS_FMT),
337 Unicode::utf8_printable(peer_info, Unicode::UTF8_FILTER | Unicode::UTF8_PASS_FMT)));
338 proto_request_push = ProtoContext::IvProtoHelper(auth_creds->peer_info).client_supports_request_push();
339 ManLink::send->auth_request(auth_creds, auth_cert, peer_addr);
340 }
341 }
342
343 // proto base class calls here for app-level control-channel messages received
344 void control_recv(BufferPtr &&app_bp) override
345 {
346 const std::string msg = ProtoContext::template read_control_string<std::string>(*app_bp);
347 if (!Unicode::is_valid_utf8(msg, Unicode::UTF8_NO_CTRL))
348 {
349 /* if we received invalid data from a client on the control channel terminate the connection */
350 const std::string reason("Control channel message with invalid characters received");
351 auth_failed(reason, reason);
352 return;
353 }
354
355 if (msg == "PUSH_REQUEST")
356 {
357 if (get_management())
358 ManLink::send->push_request(proto_context.conf_ptr());
359 else
360 auth_failed("no management provider", "");
361 }
362 else if (msg == "EXIT")
363 {
364 OPENVPN_LOG("Client disconnecting from server, EXIT received");
365 disconnect_type = DT_HALT_RESTART;
366 disconnect_in(Time::Duration::seconds(1));
367 }
368 else if (msg.starts_with("ACC,"))
369 {
370 if (get_management())
371 ManLink::send->app_control(msg);
372 }
373 else
374 {
375 OPENVPN_LOG(instance_name() << " : Unrecognized client request: " << msg);
376 }
377 }
378
379 void active(bool primary) override
380 {
381 if (proto_request_push && get_management())
382 ManLink::send->push_request(proto_context.conf_ptr());
383 }
384
385 void auth_failed(const std::string &reason,
386 const std::string &client_reason) override
387 {
388 push_halt_restart_msg(HaltRestart::AUTH_FAILED, reason, client_reason);
389 }
390
391 void relay(const IP::Addr &target, const int port) override
392 {
393 if (halt || disconnect_type == DT_HALT_RESTART)
394 return;
395
396 proto_context.update_now();
397
398 if (TunLink::send && (disconnect_type < DT_RELAY_TRANSITION))
399 {
400 disconnect_type = DT_RELAY_TRANSITION;
401 TunLink::send->relay(target, port);
402 disconnect_in(Time::Duration::seconds(10)); // not a real disconnect, just complete transition to relay
403 }
404
405 if (proto_context.primary_defined())
406 {
407 auto buf = BufferAllocatedRc::Create(64);
408 buf_append_string(*buf, "RELAY");
409 buf->null_terminate();
410 proto_context.control_send(std::move(buf));
411 proto_context.flush(true);
412 }
413
414 set_housekeeping_timer();
415 }
416
417 void push_reply(std::vector<BufferPtr> &&push_msgs) override
418 {
419 if (halt || (disconnect_type >= DT_RELAY_TRANSITION) || !proto_context.primary_defined())
420 return;
421
422 if (disconnect_type == DT_AUTH_PENDING)
423 {
424 disconnect_type = DT_NONE;
425 cancel_disconnect();
426 }
427
428 proto_context.update_now();
429
430 if (get_tun())
431 {
432 proto_context.init_data_channel();
433 for (auto &msg : push_msgs)
434 {
435 msg->null_terminate();
436 proto_context.control_send(std::move(msg));
437 }
438 proto_context.flush(true);
439 set_housekeeping_timer();
440 }
441 else
442 {
443 auth_failed("no tun provider", "");
444 }
445 }
446
447 TunClientInstance::NativeHandle tun_native_handle() override
448 {
449 if (get_tun())
450 return TunLink::send->tun_native_handle();
451 return TunClientInstance::NativeHandle();
452 }
453
454 void push_halt_restart_msg(const HaltRestart::Type type,
455 const std::string &reason,
456 const std::string &client_reason) override
457 {
458 if (halt || disconnect_type == DT_HALT_RESTART)
459 return;
460
461 proto_context.update_now();
462
463 auto buf = BufferAllocatedRc::Create(128, BufAllocFlags::GROW);
464 BufferStreamOut os(*buf);
465
466 std::string ts;
467
468 switch (type)
469 {
470 case HaltRestart::HALT:
471 ts = "HALT";
472 os << "HALT,";
473 if (!client_reason.empty())
474 os << client_reason;
475 else
476 os << "client was disconnected from server";
477 disconnect_type = DT_HALT_RESTART;
478 disconnect_in(Time::Duration::seconds(1));
479 preserve_session_id = false;
480 break;
481 case HaltRestart::RESTART:
482 ts = "RESTART";
483 os << "RESTART,";
484 if (!client_reason.empty())
485 os << client_reason;
486 else
487 os << "server requested a client reconnect";
488 disconnect_type = DT_HALT_RESTART;
489 disconnect_in(Time::Duration::seconds(1));
490 preserve_session_id = false;
491 break;
492 case HaltRestart::RESTART_PASSIVE:
493 ts = "RESTART_PASSIVE";
494 os << "RESTART,[P]:";
495 if (!client_reason.empty())
496 os << client_reason;
497 else
498 os << "server requested a client reconnect";
499 break;
500 case HaltRestart::RESTART_PSID:
501 ts = "RESTART_PSID";
502 os << "RESTART,[P]:";
503 if (!client_reason.empty())
504 os << client_reason;
505 else
506 os << "server requested a client reconnect";
507 disconnect_type = DT_HALT_RESTART;
508 disconnect_in(Time::Duration::seconds(1));
509 break;
510 case HaltRestart::AUTH_FAILED:
511 ts = "AUTH_FAILED";
512 os << ts;
513 if (!client_reason.empty())
514 os << ',' << client_reason;
515 disconnect_type = DT_HALT_RESTART;
516 disconnect_in(Time::Duration::seconds(1));
517 preserve_session_id = false;
518 break;
519 case HaltRestart::RAW:
520 {
521 const size_t pos = reason.find_first_of(',');
522 if (pos != std::string::npos)
523 ts = reason.substr(0, pos);
524 else
525 ts = reason;
526 os << reason;
527 disconnect_type = DT_HALT_RESTART;
528 disconnect_in(Time::Duration::seconds(1));
529 preserve_session_id = false;
530 break;
531 }
532 }
533
534 OPENVPN_LOG(instance_name() << " : Disconnect: " << ts << ' ' << reason);
535
536 if (proto_context.primary_defined())
537 {
538 buf->null_terminate();
539 proto_context.control_send(std::move(buf));
540 proto_context.flush(true);
541 }
542
543 set_housekeeping_timer();
544 }
545
546 void schedule_disconnect(const unsigned int seconds) override
547 {
548 if (halt || disconnect_type == DT_HALT_RESTART)
549 return;
550 proto_context.update_now();
551 disconnect_in(Time::Duration::seconds(seconds));
552 set_housekeeping_timer();
553 }
554
555 void schedule_auth_pending_timeout(const unsigned int seconds) override
556 {
557 if (halt || (disconnect_type >= DT_RELAY_TRANSITION) || !seconds)
558 return;
559 proto_context.update_now();
560 disconnect_type = DT_AUTH_PENDING;
561 disconnect_in(Time::Duration::seconds(seconds));
562 set_housekeeping_timer();
563 }
564
565 void post_cc_msg(BufferPtr &&msg) override
566 {
567 if (halt || !proto_context.primary_defined())
568 return;
569
570 proto_context.update_now();
571 msg->null_terminate();
572 proto_context.control_send(std::move(msg));
573 proto_context.flush(true);
574 set_housekeeping_timer();
575 }
576
577 void stats_notify(const PeerStats &ps, const bool final) override
578 {
579 if (ManLink::send)
580 ManLink::send->stats_notify(ps, final);
581 }
582
583 void float_notify(const PeerAddr::Ptr &addr) override
584 {
585 if (ManLink::send)
586 ManLink::send->float_notify(addr);
587 }
588
589 void ipma_notify(const struct ovpn_tun_head_ipma &ipma) override
590 {
591 if (ManLink::send)
592 ManLink::send->ipma_notify(ipma);
593 }
594
595 void data_limit_notify(const int key_id,
596 const DataLimit::Mode cdl_mode,
597 const DataLimit::State cdl_status) override
598 {
599 proto_context.update_now();
600 proto_context.data_limit_notify(key_id, cdl_mode, cdl_status);
601 proto_context.flush(true);
602 set_housekeeping_timer();
603 }
604
605 bool get_management()
606 {
607 if (halt)
608 OPENVPN_LOG("Debug: ServerProto: get_management() called with halt=true ManLink::send=" << bool(ManLink::send) << " man_factory=" << bool(man_factory));
609 if (!ManLink::send)
610 {
611 if (man_factory && !halt)
612 ManLink::send = man_factory->new_man_obj(this);
613 }
614 return bool(ManLink::send);
615 }
616
617 bool get_tun()
618 {
619 if (halt)
620 OPENVPN_LOG("Debug: ServerProto: get_tun() called with halt=true TunLink::send=" << bool(TunLink::send) << " tun_factory=" << bool(tun_factory));
621 if (!TunLink::send)
622 {
623 if (tun_factory && !halt)
624 TunLink::send = tun_factory->new_tun_obj(this);
625 }
626 return bool(TunLink::send);
627 }
628
629 // caller must ensure that update_now() was called before
630 // and set_housekeeping_timer() called after this method
631 void disconnect_in(const Time::Duration &dur)
632 {
633 disconnect_at = proto_context.now() + dur;
634 }
635
636 void cancel_disconnect()
637 {
638 disconnect_at = Time::infinite();
639 }
640
641 void housekeeping_callback(const openvpn_io::error_code &e)
642 {
643 try
644 {
645 if (!e && !halt)
646 {
647 // update current time
648 proto_context.update_now();
649
650 housekeeping_schedule.reset();
651 proto_context.housekeeping();
652 if (proto_context.invalidated())
653 invalidation_error(proto_context.invalidation_reason());
654 else if (proto_context.now() >= disconnect_at)
655 {
656 switch (disconnect_type)
657 {
658 case DT_HALT_RESTART:
659 error("disconnect triggered");
660 break;
661 case DT_RELAY_TRANSITION:
662 proto_context.pre_destroy();
663 break;
664 case DT_AUTH_PENDING:
665 auth_failed("Auth Pending Timeout", "Auth Pending Timeout");
666 break;
667 default:
668 error("unknown disconnect");
669 break;
670 }
671 }
672 else
673 set_housekeeping_timer();
674 }
675 }
676 catch (const std::exception &exc)
677 {
678 error(exc);
679 }
680 }
681
682 void set_housekeeping_timer()
683 {
684 Time next = proto_context.next_housekeeping();
685 next.min(disconnect_at);
686 if (!housekeeping_schedule.similar(next))
687 {
688 if (!next.is_infinite())
689 {
690 next.max(proto_context.now());
691 housekeeping_schedule.reset(next);
692 housekeeping_timer.expires_at(next);
693 housekeeping_timer.async_wait([self = Ptr(this)](const openvpn_io::error_code &error)
694 { self->housekeeping_callback(error); });
695 }
696 else
697 {
698 housekeeping_timer.cancel();
699 housekeeping_schedule.reset();
700 }
701 }
702 }
703
704 std::string client_endpoint_render()
705 {
706 if (TransportLink::send)
707 return TransportLink::send->transport_info();
708 return "";
709 }
710
711 void error(const std::string &error)
712 {
713 OPENVPN_LOG(instance_name() << " : ServerProto: " << error);
714 stop();
715 }
716
717 void error(const std::exception &e)
718 {
719 error(e.what());
720 }
721
722 void error()
723 {
724 stop();
725 }
726
727 void invalidation_error(const Error::Type err)
728 {
729 switch (err)
730 {
731 case Error::KEV_NEGOTIATE_ERROR:
732 case Error::KEEPALIVE_TIMEOUT:
733 error();
734 break;
735 default:
736 error(std::string("Session invalidated: ") + Error::name(err));
737 break;
738 }
739 }
740
741 std::string instance_name() const
742 {
743 if (ManLink::send)
744 return ManLink::send->instance_name();
745 return "UNNAMED_CLIENT";
746 }
747
748 // higher values are higher priority
756
757 ProtoContext proto_context;
758 int disconnect_type = DT_NONE;
759 bool preserve_session_id = true;
760
761 bool halt = false;
762
763 PeerAddr::Ptr peer_addr;
764
765 CoarseTime housekeeping_schedule;
766 AsioTimer housekeeping_timer;
767
768 Time disconnect_at;
769
770 SessionStats::Ptr stats;
771
772 ManClientInstance::Factory::Ptr man_factory;
773 TunClientInstance::Factory::Ptr tun_factory;
774
775 bool proto_request_push = false;
776 };
777};
778
783} // namespace openvpn
784
785#endif
openvpn::AsioTimer::expires_at
std::size_t expires_at(const Time &t)
Definition asiotimer.hpp:64
openvpn::CoarseTime::similar
bool similar(const Time &t) const
Definition coarsetime.hpp:47
openvpn::CoarseTime::init
void init(const Time::Duration &pre, const Time::Duration &post)
Definition coarsetime.hpp:32
openvpn::CoarseTime::reset
void reset(const Time &t)
Definition coarsetime.hpp:38
openvpn::ConstBufferType::size
size_t size() const
Returns the size of the buffer in T objects.
Definition buffer.hpp:1241
openvpn::ConstBufferType::empty
bool empty() const
Returns true if the buffer is empty.
Definition buffer.hpp:1235
openvpn::CryptoDCSettings::set_factory
void set_factory(const CryptoDCFactory::Ptr &factory)
Definition cryptodc.hpp:196
openvpn::ProtoContext::data_limit_notify
void data_limit_notify(const unsigned int key_id, const DataLimit::Mode cdl_mode, const DataLimit::State cdl_status)
Definition proto.hpp:4448
openvpn::ProtoContext::control_net_recv
bool control_net_recv(const PacketType &type, BufferPtr &&net_bp)
Definition proto.hpp:4270
openvpn::ProtoContext::set_local_peer_id
void set_local_peer_id(const int local_peer_id)
Definition proto.hpp:4471
openvpn::ProtoContext::now
const Time & now() const
Definition proto.hpp:4477
openvpn::ProtoContext::dc_settings
CryptoDCSettings & dc_settings()
Definition proto.hpp:4459
openvpn::ProtoContext::flush
void flush(const bool control_channel)
Definition proto.hpp:4197
openvpn::ProtoContext::control_send
void control_send(BufferPtr &&app_bp)
Definition proto.hpp:4253
openvpn::ProtoContext::packet_type
PacketType packet_type(const Buffer &buf)
Definition proto.hpp:4158
openvpn::ProtoContext::is_keepalive_enabled
bool is_keepalive_enabled() const
Definition proto.hpp:4424
openvpn::ProtoContext::conf_ptr
ProtoConfig::Ptr conf_ptr() const
Definition proto.hpp:4529
openvpn::ProtoContext::dump_packet
std::string dump_packet(const Buffer &buf)
Definition proto.hpp:1426
openvpn::ProtoContext::data_decrypt
bool data_decrypt(const PacketType &type, BufferAllocated &in_out)
Definition proto.hpp:4301
openvpn::ProtoContext::disable_keepalive
void disable_keepalive(unsigned int &keepalive_ping, unsigned int &keepalive_timeout)
Definition proto.hpp:4432
openvpn::ProtoContext::invalidation_reason
Error::Type invalidation_reason() const
Definition proto.hpp:4388
openvpn::ProtoContext::next_housekeeping
Time next_housekeeping() const
Definition proto.hpp:4235
openvpn::ProtoContext::invalidated
bool invalidated() const
Definition proto.hpp:4382
openvpn::ProtoContext::reset
void reset(const ProtoSessionID cookie_psid=ProtoSessionID())
Resets ProtoContext *this to it's initial state.
Definition proto.hpp:4042
openvpn::ProtoContext::start
void start(const ProtoSessionID cookie_psid=ProtoSessionID())
Initialize the state machine and start protocol negotiation.
Definition proto.hpp:4171
openvpn::RCPtr::reset
void reset() noexcept
Points this RCPtr<T> to nullptr safely.
Definition rc.hpp:290
openvpn::RcEnable::Create
static Ptr Create(ArgsT &&...args)
Creates a new instance of RcEnable with the given arguments.
Definition make_rc.hpp:43
openvpn::SafeString
A string-like type that clears the buffer contents on delete.
Definition safestr.hpp:27
openvpn::ServerProto::Factory::tls_crypt_preval
ProtoContext::TLSWrapPreValidate::Ptr tls_crypt_preval
Definition servproto.hpp:100
openvpn::ServerProto::Factory::Factory
Factory(openvpn_io::io_context &io_context_arg, const ProtoConfig &c)
Definition servproto.hpp:58
openvpn::ServerProto::Factory::new_client_instance
TransportClientInstance::Recv::Ptr new_client_instance() override
Definition servproto.hpp:779
openvpn::ServerProto::Factory::proto_context_config
ProtoConfig::Ptr proto_context_config
Definition servproto.hpp:91
openvpn::ServerProto::Factory::tun_factory
TunClientInstance::Factory::Ptr tun_factory
Definition servproto.hpp:94
openvpn::ServerProto::Factory::ProtoConfig
ProtoContext::ProtoConfig ProtoConfig
Definition servproto.hpp:56
openvpn::ServerProto::Factory::clone_proto_config
ProtoConfig::Ptr clone_proto_config() const
Definition servproto.hpp:85
openvpn::ServerProto::Factory::tls_auth_preval
ProtoContext::TLSWrapPreValidate::Ptr tls_auth_preval
Definition servproto.hpp:99
openvpn::ServerProto::Factory::validate_initial_packet
bool validate_initial_packet(const BufferAllocated &net_buf) override
Definition servproto.hpp:71
openvpn::ServerProto::Factory::io_context
openvpn_io::io_context & io_context
Definition servproto.hpp:90
openvpn::ServerProto::Factory::man_factory
ManClientInstance::Factory::Ptr man_factory
Definition servproto.hpp:93
openvpn::ServerProto::Session::disable_keepalive
void disable_keepalive(unsigned int &keepalive_ping, unsigned int &keepalive_timeout) override
Definition servproto.hpp:266
openvpn::ServerProto::Session::disconnect_in
void disconnect_in(const Time::Duration &dur)
Definition servproto.hpp:631
openvpn::ServerProto::Session::housekeeping_callback
void housekeeping_callback(const openvpn_io::error_code &e)
Definition servproto.hpp:641
openvpn::ServerProto::Session::override_dc_factory
void override_dc_factory(const CryptoDCFactory::Ptr &dc_factory) override
Definition servproto.hpp:275
openvpn::ServerProto::Session::error
void error(const std::exception &e)
Definition servproto.hpp:717
openvpn::ServerProto::Session::tun_recv
void tun_recv(BufferAllocated &buf) override
Definition servproto.hpp:252
openvpn::ServerProto::Session::control_net_send
void control_net_send(const Buffer &net_buf) override
Definition servproto.hpp:313
openvpn::ServerProto::Session::push_halt_restart_msg
void push_halt_restart_msg(const HaltRestart::Type type, const std::string &reason, const std::string &client_reason) override
Definition servproto.hpp:454
openvpn::ServerProto::Session::override_tun
TunClientInstance::Recv * override_tun(TunClientInstance::Send *tun) override
Definition servproto.hpp:119
openvpn::ServerProto::Session::schedule_disconnect
void schedule_disconnect(const unsigned int seconds) override
Definition servproto.hpp:546
openvpn::ServerProto::Session::man_factory
ManClientInstance::Factory::Ptr man_factory
Definition servproto.hpp:772
openvpn::ServerProto::Session::active
void active(bool primary) override
Called when KeyContext transitions to ACTIVE state.
Definition servproto.hpp:379
openvpn::ServerProto::Session::supports_epoch_data
bool supports_epoch_data() override
Definition servproto.hpp:301
openvpn::ServerProto::Session::data_limit_notify
void data_limit_notify(const int key_id, const DataLimit::Mode cdl_mode, const DataLimit::State cdl_status) override
Definition servproto.hpp:595
openvpn::ServerProto::Session::control_recv
void control_recv(BufferPtr &&app_bp) override
Definition servproto.hpp:344
openvpn::ServerProto::Session::tun_factory
TunClientInstance::Factory::Ptr tun_factory
Definition servproto.hpp:773
openvpn::ServerProto::Session::should_preserve_session_id
bool should_preserve_session_id() override
Definition servproto.hpp:151
openvpn::ServerProto::Session::defined
bool defined() const override
Definition servproto.hpp:114
openvpn::ServerProto::Session::error
void error(const std::string &error)
Definition servproto.hpp:711
openvpn::ServerProto::Session::relay
void relay(const IP::Addr &target, const int port) override
Definition servproto.hpp:391
openvpn::ServerProto::Session::tun_native_handle
TunClientInstance::NativeHandle tun_native_handle() override
Definition servproto.hpp:447
openvpn::ServerProto::Session::transport_recv
bool transport_recv(BufferAllocated &buf) override
Definition servproto.hpp:194
openvpn::ServerProto::Session::instance_name
std::string instance_name() const
Definition servproto.hpp:741
openvpn::ServerProto::Session::server_auth
void server_auth(const std::string &username, const SafeString &password, const std::string &peer_info, const AuthCert::Ptr &auth_cert) override
Definition servproto.hpp:325
openvpn::ServerProto::Session::stats_notify
void stats_notify(const PeerStats &ps, const bool final) override
Definition servproto.hpp:577
openvpn::ServerProto::Session::schedule_auth_pending_timeout
void schedule_auth_pending_timeout(const unsigned int seconds) override
Definition servproto.hpp:555
openvpn::ServerProto::Session::push_reply
void push_reply(std::vector< BufferPtr > &&push_msgs) override
Definition servproto.hpp:417
openvpn::ServerProto::Session::Session
Session(openvpn_io::io_context &io_context_arg, const Factory &factory, ManClientInstance::Factory::Ptr man_factory_arg, TunClientInstance::Factory::Ptr tun_factory_arg)
Definition servproto.hpp:288
openvpn::ServerProto::Session::start
void start(const TransportClientInstance::Send::Ptr &parent, const PeerAddr::Ptr &addr, const int local_peer_id, const ProtoSessionID cookie_psid=ProtoSessionID()) override
Definition servproto.hpp:125
openvpn::ServerProto::Session::is_keepalive_enabled
bool is_keepalive_enabled() const override
Definition servproto.hpp:258
openvpn::ServerProto::Session::auth_failed
void auth_failed(const std::string &reason, const std::string &client_reason) override
Definition servproto.hpp:385
openvpn::ServerProto::Session::ipma_notify
void ipma_notify(const struct ovpn_tun_head_ipma &ipma) override
Definition servproto.hpp:589
openvpn::ServerProto::Session::invalidation_error
void invalidation_error(const Error::Type err)
Definition servproto.hpp:727
openvpn::ServerProto::Session::client_endpoint_render
std::string client_endpoint_render()
Definition servproto.hpp:704
openvpn::ServerProto::Session::float_notify
void float_notify(const PeerAddr::Ptr &addr) override
Definition servproto.hpp:583
openvpn::ServerProto::Session::stats_poll
PeerStats stats_poll() override
Definition servproto.hpp:144
openvpn::ServerProto::Session::post_cc_msg
void post_cc_msg(BufferPtr &&msg) override
Definition servproto.hpp:565
openvpn::SessionStats::error
virtual void error(const size_t type, const std::string *text=nullptr)
Definition sessionstats.hpp:53
openvpn::TimeType< oulong >::infinite
static TimeType infinite()
Definition time.hpp:254
openvpn::TimeType::max
void max(const TimeType &t)
Definition time.hpp:343
openvpn::TimeType::min
void min(const TimeType &t)
Definition time.hpp:337
openvpn::TimeType::is_infinite
bool is_infinite() const
Definition time.hpp:266
OPENVPN_LOG
#define OPENVPN_LOG(args)
Definition logdatetime.hpp:23
openvpn::BufAllocFlags::GROW
constexpr BufferFlags GROW(1U<< 2)
if enabled, buffer will grow (otherwise buffer_full exception will be thrown)
openvpn::Error::name
const char * name(const size_t type)
Definition error.hpp:117
openvpn::Error::KEV_NEGOTIATE_ERROR
@ KEV_NEGOTIATE_ERROR
Definition error.hpp:99
openvpn::Error::KEEPALIVE_TIMEOUT
@ KEEPALIVE_TIMEOUT
Definition error.hpp:61
openvpn::Unicode::utf8_printable
STRING utf8_printable(const STRING &str, size_t max_len_flags)
Definition unicode.hpp:129
openvpn::Unicode::is_valid_utf8
bool is_valid_utf8(const STRING &str, const size_t max_len_flags=0)
Definition unicode.hpp:75
openvpn::buf_append_string
void buf_append_string(Buffer &buf, const std::string &str)
Definition bufstr.hpp:82
OPENVPN_LOG_SERVPROTO
#define OPENVPN_LOG_SERVPROTO(x)
Definition servproto.hpp:38
port
proxy_host_port port
Definition test_capture.cpp:707
ret
std::string ret
Definition test_capture.cpp:279
os
std::ostringstream os
Definition test_capture.cpp:1099
msg
#define msg(flags,...)
Definition xkey_msg_compat.h:14