1 /*
2  * OpenVPN -- An application to securely tunnel IP networks
3  * over a single TCP/UDP port, with support for SSL/TLS-based
4  * session authentication and key exchange,
5  * packet encryption, packet authentication, and
6  * packet compression.
7  *
8  * Copyright (C) 2002-2017 OpenVPN Technologies, Inc. <sales@openvpn.net>
9  *
10  * This program is free software; you can redistribute it and/or modify
11  * it under the terms of the GNU General Public License version 2
12  * as published by the Free Software Foundation.
13  *
14  * This program is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  * GNU General Public License for more details.
18  *
19  * You should have received a copy of the GNU General Public License along
20  * with this program; if not, write to the Free Software Foundation, Inc.,
21  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22  */
23 
24 #ifdef HAVE_CONFIG_H
25 #include "config.h"
26 #elif defined(_MSC_VER)
27 #include "config-msvc.h"
28 #endif
29 
30 #include "syshead.h"
31 
32 #include "init.h"
33 #include "forward.h"
34 #include "multi.h"
35 #include "win32.h"
36 #include "platform.h"
37 
38 #include "memdbg.h"
39 
40 #include "forward-inline.h"
41 
42 #define P2P_CHECK_SIG() EVENT_LOOP_CHECK_SIGNAL(c, process_signal_p2p, c);
43 
/*
 * Signal hook used by the point-to-point event loop (via P2P_CHECK_SIG):
 * run remap_signal() on the context, then hand the context to the common
 * process_signal() and return its verdict unchanged.
 */
static bool
process_signal_p2p(struct context *c)
{
    bool handled;

    remap_signal(c);
    handled = process_signal(c);

    return handled;
}
50 
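/*
 * Write our PID to a file.
 *
 * filename: path of the pid file, or NULL to skip writing entirely.
 *
 * Open, write and close failures are reported with msg(M_ERR, ...).  The
 * explicit return after a failed open keeps fprintf()/fclose() from ever
 * seeing a NULL stream, whether or not M_ERR terminates the process.
 */
static void
write_pid(const char *filename)
{
    if (!filename)
    {
        return;
    }

    FILE *fp = platform_fopen(filename, "w");
    if (!fp)
    {
        msg(M_ERR, "Open error on pid file %s", filename);
        return;
    }

    unsigned int pid = platform_getpid();
    if (fprintf(fp, "%u\n", pid) < 0)
    {
        msg(M_ERR, "Write error on pid file %s", filename);
    }

    /* fclose() flushes; a failure here means the pid may not be on disk */
    if (fclose(fp))
    {
        msg(M_ERR, "Close error on pid file %s", filename);
    }
}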
72 
73 
74 /**************************************************************************/
82 static void
84 {
85  context_clear_2(c);
86 
87  /* set point-to-point mode */
88  c->mode = CM_P2P;
89 
90  /* initialize tunnel instance */
92  if (IS_SIG(c))
93  {
94  return;
95  }
96 
97  /* main event loop */
98  while (true)
99  {
101 
102  /* process timers, TLS, etc. */
103  pre_select(c);
104  P2P_CHECK_SIG();
105 
106  /* set up and do the I/O wait */
107  io_wait(c, p2p_iow_flags(c));
108  P2P_CHECK_SIG();
109 
110  /* timeout? */
111  if (c->c2.event_set_status == ES_TIMEOUT)
112  {
113  perf_pop();
114  continue;
115  }
116 
117  /* process the I/O which triggered select */
118  process_io(c);
119  P2P_CHECK_SIG();
120 
121  perf_pop();
122  }
123 
125 
126  /* tear down tunnel instance (unless --persist-tun) */
127  close_instance(c);
128 }
129 
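/* P2P_CHECK_SIG() is only meaningful inside tunnel_point_to_point(), so
 * drop it here.  (The previous name, PROCESS_SIGNAL_P2P, is not defined
 * anywhere in this file, so that #undef was a no-op.) */
#undef P2P_CHECK_SIG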
131 
132 
133 /**************************************************************************/
153 static
154 int
155 openvpn_main(int argc, char *argv[])
156 {
157  struct context c;
158 
159 #if PEDANTIC
160  fprintf(stderr, "Sorry, I was built with --enable-pedantic and I am incapable of doing any real work!\n");
161  return 1;
162 #endif
163 
164 #ifdef _WIN32
165  SetConsoleOutputCP(CP_UTF8);
166 #endif
167 
168  CLEAR(c);
169 
170  /* signify first time for components which can
171  * only be initialized once per program instantiation. */
172  c.first_time = true;
173 
174  /* initialize program-wide statics */
175  if (init_static())
176  {
177  /*
178  * This loop is initially executed on startup and then
179  * once per SIGHUP.
180  */
181  do
182  {
183  /* enter pre-initialization mode with regard to signal handling */
185 
186  /* zero context struct but leave first_time member alone */
188 
189  /* static signal info object */
191  c.sig = &siginfo_static;
192 
193  /* initialize garbage collector scoped to context object */
194  gc_init(&c.gc);
195 
196  /* initialize environmental variable store */
197  c.es = env_set_create(NULL);
198 #ifdef _WIN32
200 #endif
201 
202 #ifdef ENABLE_MANAGEMENT
203  /* initialize management subsystem */
204  init_management(&c);
205 #endif
206 
207  /* initialize options to default state */
208  init_options(&c.options, true);
209 
210  /* parse command line options, and read configuration file */
211  parse_argv(&c.options, argc, argv, M_USAGE, OPT_P_DEFAULT, NULL, c.es);
212 
213 #ifdef ENABLE_PLUGIN
214  /* plugins may contribute options configuration */
216  init_plugins(&c);
217  open_plugins(&c, true, OPENVPN_PLUGIN_INIT_PRE_CONFIG_PARSE);
218 #endif
219 
220  /* init verbosity and mute levels */
222 
223  /* set dev options */
225 
226  /* openssl print info? */
227  if (print_openssl_info(&c.options))
228  {
229  break;
230  }
231 
232  /* --genkey mode? */
233  if (do_genkey(&c.options))
234  {
235  break;
236  }
237 
238  /* tun/tap persist command? */
239  if (do_persist_tuntap(&c.options))
240  {
241  break;
242  }
243 
244  /* sanity check on options */
246 
247  /* show all option settings */
249 
250  /* print version number */
251  msg(M_INFO, "%s", title_string);
252 #ifdef _WIN32
254 #endif
256 
257  /* misc stuff */
258  pre_setup(&c.options);
259 
260  /* test crypto? */
261  if (do_test_crypto(&c.options))
262  {
263  break;
264  }
265 
266  /* Query passwords before becoming a daemon if we don't use the
267  * management interface to get them. */
268 #ifdef ENABLE_MANAGEMENT
270 #endif
272 
273  /* become a daemon if --daemon */
274  if (c.first_time)
275  {
278  }
279 
280 #ifdef ENABLE_MANAGEMENT
281  /* open management subsystem */
282  if (!open_management(&c))
283  {
284  break;
285  }
286  /* query for passwords through management interface, if needed */
288  {
290  }
291 #endif
292 
293  /* set certain options as environmental variables */
294  setenv_settings(c.es, &c.options);
295 
296  /* finish context init */
297  context_init_1(&c);
298 
299  do
300  {
301  /* run tunnel depending on mode */
302  switch (c.options.mode)
303  {
304  case MODE_POINT_TO_POINT:
306  break;
307 
308 #if P2MP_SERVER
309  case MODE_SERVER:
310  tunnel_server(&c);
311  break;
312 
313 #endif
314  default:
315  ASSERT(0);
316  }
317 
318  /* indicates first iteration -- has program-wide scope */
319  c.first_time = false;
320 
321  /* any signals received? */
322  if (IS_SIG(&c))
323  {
324  print_signal(c.sig, NULL, M_INFO);
325  }
326 
327  /* pass restart status to management subsystem */
329  }
330  while (c.sig->signal_received == SIGUSR1);
331 
333  gc_reset(&c.gc);
334  }
335  while (c.sig->signal_received == SIGHUP);
336  }
337 
338  context_gc_free(&c);
339 
340  env_set_destroy(c.es);
341 
342 #ifdef ENABLE_MANAGEMENT
343  /* close management interface */
345 #endif
346 
347  /* uninitialize program-wide statics */
348  uninit_static();
349 
350  openvpn_exit(OPENVPN_EXIT_STATUS_GOOD); /* exit point */
351  return 0; /* NOTREACHED */
352 }
353 
354 #ifdef _WIN32
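/*
 * Windows entry point: convert the wide-character argument vector to
 * UTF-8 and hand it to openvpn_main().
 *
 * argc:  number of entries in wargv
 * wargv: wide-character argument vector supplied by the CRT
 *
 * Returns openvpn_main()'s result, or 1 when the argument vector could not
 * be built (allocation failure or a WideCharToMultiByte() error).  All
 * converted arguments are released on every path.
 */
int
wmain(int argc, wchar_t *wargv[])
{
    int ret = 1;
    int i;

    /* calloc() so that argv[argc] is NULL and any slot left unconverted is
     * NULL too, which lets the cleanup below free() every slot blindly. */
    char **argv = calloc((size_t)argc + 1, sizeof(*argv));
    if (argv == NULL)
    {
        return 1;
    }

    for (i = 0; i < argc; i++)
    {
        /* first call only sizes the buffer (bytes, including the NUL);
         * it returns 0 on failure, which must not reach malloc() */
        int n = WideCharToMultiByte(CP_UTF8, 0, wargv[i], -1, NULL, 0, NULL, NULL);
        if (n <= 0)
        {
            goto out;
        }

        argv[i] = malloc((size_t)n);
        if (argv[i] == NULL)
        {
            goto out;
        }

        /* second call performs the conversion into the sized buffer */
        if (WideCharToMultiByte(CP_UTF8, 0, wargv[i], -1, argv[i], n, NULL, NULL) != n)
        {
            goto out;
        }
    }

    ret = openvpn_main(argc, argv);

out:
    for (i = 0; i < argc; i++)
    {
        free(argv[i]);
    }
    free(argv);

    return ret;
}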
384 #else /* ifdef _WIN32 */
/*
 * Process entry point on non-Windows platforms.  argv is already a narrow
 * string vector here, so it is passed straight to openvpn_main() and that
 * function's status is returned as the process exit status.
 */
int
main(int argc, char *argv[])
{
    const int status = openvpn_main(argc, argv);
    return status;
}
390 #endif /* ifdef _WIN32 */