27 #ifdef ENABLE_MANAGEMENT
/*
 * Management-interface constants. The leading number on each line appears to
 * be the original header's line number; gaps mark lines that this listing
 * does not reproduce.
 */
34 #define MANAGEMENT_VERSION 2
/*
 * NOTE(review): by name, the number of wrong passwords tolerated on one
 * management connection. If so, this is the only brute-force throttle for
 * the management password visible here; confirm in the implementation what
 * happens once the limit is reached.
 */
35 #define MANAGEMENT_N_PASSWORD_RETRIES 3
/* Default sizes; presumably entry counts for the log, echo and state histories (confirm). */
36 #define MANAGEMENT_LOG_HISTORY_INITIAL_SIZE 100
37 #define MANAGEMENT_ECHO_BUFFER_SIZE 100
38 #define MANAGEMENT_STATE_BUFFER_SIZE 100
43 #ifdef MANAGEMENT_DEF_AUTH
/*
 * By name, per-client state for management-deferred authentication.
 * Only some members are shown; the struct's closing brace is not in this listing.
 */
44 struct man_def_auth_context {
/*
 * Bit flags, one distinct bit each. management_bytes_server() later in this
 * header tests mdac->flags for ESTABLISHED set and CLOSED clear.
 */
47 #define DAF_CONNECTION_ESTABLISHED (1<<0)
48 #define DAF_CONNECTION_CLOSED (1<<1)
49 #define DAF_INITIAL_AUTH (1<<2)
/* NOTE(review): presumably a counter used to label successive auth rounds for this client; confirm. */
52 unsigned int mda_key_id_counter;
/* Timestamp member; by name, when byte counts were last reported for this client (confirm). */
54 time_t bytecount_last_update;
94 struct in6_addr local_ip6;
/*
 * Bit flags, one distinct bit each (bits 0 through 11).
 * NOTE(review): by name these are formatting options for log_entry_print(),
 * which takes an `unsigned int flags` argument; confirm.
 */
100 #define LOG_PRINT_LOG_PREFIX (1<<0)
101 #define LOG_PRINT_ECHO_PREFIX (1<<1)
102 #define LOG_PRINT_STATE_PREFIX (1<<2)
104 #define LOG_PRINT_INT_DATE (1<<3)
105 #define LOG_PRINT_MSG_FLAGS (1<<4)
106 #define LOG_PRINT_STATE (1<<5)
107 #define LOG_PRINT_LOCAL_IP (1<<6)
109 #define LOG_PRINT_CRLF (1<<7)
110 #define LOG_FATAL_NOTIFY (1<<8)
112 #define LOG_PRINT_INTVAL (1<<9)
114 #define LOG_PRINT_REMOTE_IP (1<<10)
116 #define LOG_ECHO_TO_LOG (1<<11)
/* Flag bit; the field it is stored in is on a line this listing does not show. */
158 #define MCF_SERVER (1<<0)
/*
 * Function-pointer member (the enclosing struct's header is not shown).
 * Receives the opaque `arg` and a common name, returns int.
 * NOTE(review): by name this disconnects clients whose certificate CN
 * matches; if so, anyone who can issue management commands can drop VPN
 * sessions, so the management channel needs its own access control.
 */
163 int (*kill_by_cn) (
void *arg,
const char *common_name);
/*
 * Function-pointer member: opaque `arg`, an in_addr_t address and a port; returns int.
 * NOTE(review): in_addr_t means only an IPv4 address can be expressed here; confirm
 * how clients connected over IPv6 are handled.
 */
164 int (*kill_by_addr) (
void *arg,
const in_addr_t addr,
const int port);
/* Function-pointer member: opaque `arg` and an event_t; no return value. */
165 void (*delete_event) (
void *arg,
event_t event);
/* Function-pointer member: opaque `arg` only; returns int (by name, a client count; confirm). */
166 int (*n_clients) (
void *arg);
/*
 * Members compiled only with MANAGEMENT_DEF_AUTH. Several parameter lines are
 * missing from this listing (see the gaps in the leading line numbers), so the
 * client_auth and client_pf declarations below are incomplete as shown.
 */
167 #ifdef MANAGEMENT_DEF_AUTH
/* Opaque `arg`, a client id and a message string; returns bool. */
168 bool (*kill_by_cid)(
void *arg,
const unsigned long cid,
const char *kill_msg);
/*
 * NOTE(review): by name this delivers the management client's accept/reject
 * decision for the client identified by cid and mda_key_id. If so, whoever can
 * reach the management socket decides who is admitted to the VPN; confirm, and
 * restrict access to the socket accordingly. Parameters on listing lines
 * 172, 173 and 175 onward are not shown.
 */
169 bool (*client_auth) (
void *arg,
170 const unsigned long cid,
171 const unsigned int mda_key_id,
174 const char *client_reason,
/*
 * Opaque `arg` and a client id; returns char *.
 * NOTE(review): ownership of the returned string is not visible here; confirm who frees it.
 */
176 char *(*get_peer_info) (
void *arg,
const unsigned long cid);
/* Opaque `arg` and a client id; remaining parameters are not shown in this listing. */
179 bool (*client_pf)(
void *arg,
180 const unsigned long cid,
/*
 * Function-pointer members taking the opaque `arg` and an array of strings; each returns bool.
 * NOTE(review): by name these apply proxy / remote settings supplied by the management
 * client. If so, the strings in `p` come from the management peer and should be validated
 * by the callee before they influence where the tunnel connects; confirm.
 */
183 bool (*proxy_cmd)(
void *arg,
const char **p);
184 bool (*remote_cmd) (
void *arg,
const char **p);
/*
 * Android-only member: opaque `arg` and a bool; returns int.
 * The matching #endif lines are not shown in this listing.
 */
185 #ifdef TARGET_ANDROID
186 int (*network_change)(
void *arg,
bool samenetwork);
228 #if UNIX_SOCK_SUPPORT 229 struct sockaddr_un local_unix;
/*
 * Bit flags, one distinct bit each.
 * NOTE(review): by name these control how SIGUSR1 / SIGHUP are treated; confirm against the setter.
 */
241 #define MANSIG_IGNORE_USR1_HUP (1<<0)
242 #define MANSIG_MAP_USR1_TO_HUP (1<<1)
243 #define MANSIG_MAP_USR1_TO_TERM (1<<2)
/*
 * Enumerated values (not bit flags): 0 through 4.
 * NOTE(review): by name, the kind of credential or confirmation currently being requested
 * from the management client, with 0 meaning no query is outstanding; confirm.
 */
248 #define UP_QUERY_DISABLED 0
249 #define UP_QUERY_USER_PASS 1
250 #define UP_QUERY_PASS 2
251 #define UP_QUERY_NEED_OK 3
252 #define UP_QUERY_NEED_STR 4
/* State values; other MS_* values (if any) are on lines this listing does not show. */
257 #define MS_CC_WAIT_READ 2
258 #define MS_CC_WAIT_WRITE 3
/*
 * Enumerated values 1 through 5.
 * NOTE(review): by name, which multi-line command is currently being collected
 * (client auth, packet filter, RSA / PK signature, certificate); confirm.
 */
279 #define IEC_CLIENT_AUTH 1
280 #define IEC_CLIENT_PF 2
281 #define IEC_RSA_SIGN 3
282 #define IEC_CERTIFICATE 4
283 #define IEC_PK_SIGN 5
/* Members compiled only with MANAGEMENT_DEF_AUTH; by name, the client id and key id the pending extra input refers to (confirm). */
286 #ifdef MANAGEMENT_DEF_AUTH
287 unsigned long in_extra_cid;
288 unsigned int in_extra_kid;
/* State value; the other EKS_* values are on lines this listing does not show. */
291 #define EKS_SOLICIT 1
311 #ifdef TARGET_ANDROID
/*
 * Bit flags, one distinct bit each (bits 0 through 13).
 * NOTE(review): presumably the values accepted in the `flags` argument of
 * management_open(); confirm.
 * NOTE(review): by name, MF_QUERY_PASSWORDS, MF_EXTERNAL_KEY and MF_EXTERNAL_CERT
 * move password prompts and private-key / certificate operations onto the
 * management channel (compare management_query_user_pass, management_query_pk_sig
 * and management_query_cert in this header). If so, the management peer sees
 * credentials and controls signing, and the channel must be treated as a
 * trust boundary; confirm.
 */
332 #define MF_SERVER (1<<0)
333 #define MF_QUERY_PASSWORDS (1<<1)
334 #define MF_HOLD (1<<2)
335 #define MF_SIGNAL (1<<3)
336 #define MF_FORGET_DISCONNECT (1<<4)
337 #define MF_CONNECT_AS_CLIENT (1<<5)
338 #ifdef MANAGEMENT_DEF_AUTH
339 #define MF_CLIENT_AUTH (1<<6)
342 #define MF_CLIENT_PF (1<<7)
344 #define MF_UNIX_SOCK (1<<8)
345 #define MF_EXTERNAL_KEY (1<<9)
346 #define MF_UP_DOWN (1<<10)
347 #define MF_QUERY_REMOTE (1<<11)
348 #define MF_QUERY_PROXY (1<<12)
349 #define MF_EXTERNAL_CERT (1<<13)
/*
 * Tail of a prototype whose opening lines are not reproduced here; the
 * parameters match the end of management_open()'s parameter list.
 * NOTE(review): pass_file is presumably the file holding the management
 * password; confirm how a NULL value is treated, since that decides whether
 * the interface accepts commands without authentication.
 * NOTE(review): client_user / client_group presumably restrict which local
 * peer may connect when MF_UNIX_SOCK is used; confirm.
 */
354 const char *pass_file,
355 const char *client_user,
356 const char *client_group,
357 const int log_history_cache,
358 const int echo_buffer_size,
359 const int state_buffer_size,
360 const char *write_peer_info_file,
361 const int remap_sigusr1,
362 const unsigned int flags);
373 unsigned int *persistent);
385 const unsigned int flags,
386 const char *static_challenge);
388 #ifdef TARGET_ANDROID
/* Android-only: takes the management object, a command name and a message; returns bool. */
389 bool management_android_control(
struct management *man,
const char *command,
const char *msg);
/* NOTE(review): presumably the possible results of managment_android_persisttun_action(); confirm. */
391 #define ANDROID_KEEP_OLD_TUN 1
392 #define ANDROID_OPEN_AFTER_CLOSE 2
393 #define ANDROID_OPEN_BEFORE_CLOSE 3
/* The identifier is declared with the spelling "managment" (no second "e"); callers must match it exactly. */
394 int managment_android_persisttun_action(
struct management *man);
/*
 * Sends a notification built from three strings (severity, type, text) via
 * the given management object; no return value.
 * NOTE(review): how the strings are framed on the wire is not visible here.
 * If `text` can carry peer-supplied data, confirm the implementation keeps
 * embedded line breaks from being read as separate management messages.
 */
408 void management_notify(
struct management *man,
const char *severity,
const char *type,
const char *text);
412 #ifdef MANAGEMENT_DEF_AUTH 413 void management_notify_client_needing_auth(
struct management *management,
414 const unsigned int auth_id,
415 struct man_def_auth_context *mdac,
418 void management_connection_established(
struct management *management,
419 struct man_def_auth_context *mdac,
422 void management_notify_client_close(
struct management *management,
423 struct man_def_auth_context *mdac,
426 void management_learn_addr(
struct management *management,
427 struct man_def_auth_context *mdac,
463 management_enable_pf(
const struct management *man)
469 #ifdef MANAGEMENT_DEF_AUTH 471 management_enable_def_auth(
const struct management *man)
/*
 * Connection-state codes, 0 through 11.
 * NOTE(review): presumably the values passed as `state` to management_set_state(); confirm.
 */
482 #define OPENVPN_STATE_INITIAL 0
483 #define OPENVPN_STATE_CONNECTING 1
484 #define OPENVPN_STATE_ASSIGN_IP 2
485 #define OPENVPN_STATE_ADD_ROUTES 3
486 #define OPENVPN_STATE_CONNECTED 4
487 #define OPENVPN_STATE_RECONNECTING 5
488 #define OPENVPN_STATE_EXITING 6
491 #define OPENVPN_STATE_WAIT 7
492 #define OPENVPN_STATE_AUTH 8
493 #define OPENVPN_STATE_GET_CONFIG 9
494 #define OPENVPN_STATE_RESOLVE 10
495 #define OPENVPN_STATE_TCP_CONNECT 11
/* Same value as OPENVPN_STATE_WAIT (7); by name, the first of the client-only states (confirm). */
497 #define OPENVPN_STATE_CLIENT_BASE 7
/* One parameter line of a prototype that is otherwise not reproduced in this listing. */
503 const struct in6_addr *tun_local_ip6,
/*
 * Takes the management object, a string and a `pull` flag; no return value.
 * NOTE(review): `pull` presumably marks a string that came from options pushed
 * by the remote server. If so, the content is chosen by the server and reaches
 * the management client, which should treat it as untrusted input; confirm.
 */
511 void management_echo(
struct management *man,
const char *string,
const bool pull);
573 #ifdef MANAGEMENT_DEF_AUTH
/*
 * Prototype; the parameters on listing lines 576-577 are not shown. The call
 * below passes bytes_in_total and bytes_out_total in those positions.
 */
575 void man_bytecount_output_server(
struct management *man,
578 struct man_def_auth_context *mdac);
/*
 * Fragment of management_bytes_server(): its return type, two parameters, the
 * start of the condition and the braces are on lines this listing omits.
 */
581 management_bytes_server(
struct management *man,
584 struct man_def_auth_context *mdac)
/*
 * Visible part of the guard: true only when DAF_CONNECTION_ESTABLISHED is set
 * and DAF_CONNECTION_CLOSED is clear, so no per-client byte count is emitted
 * for a connection that is not yet established or is already marked closed.
 */
588 && (mdac->flags & (DAF_CONNECTION_ESTABLISHED|DAF_CONNECTION_CLOSED)) == DAF_CONNECTION_ESTABLISHED)
590 man_bytecount_output_server(man, bytes_in_total, bytes_out_total, mdac);
void command_line_free(struct command_line *cl)
const char * log_entry_print(const struct log_entry *e, unsigned int flags, struct gc_arena *gc)
void management_pre_tunnel_close(struct management *man)
static int buf_len(const struct buffer *buf)
bool management_over_tunnel
struct log_history * state
void management_sleep(const int n)
A sleep function that services the management layer for n seconds rather than doing nothing...
bool management_query_user_pass(struct management *man, struct user_pass *up, const char *type, const unsigned int flags, const char *static_challenge)
static int log_history_size(const struct log_history *h)
bool management_would_hold(struct management *man)
struct man_persist persist
void management_echo(struct management *man, const char *string, const bool pull)
const char * up_query_type
struct man_connection connection
bool management_open(struct management *man, const char *addr, const char *port, const char *pass_file, const char *client_user, const char *client_group, const int log_history_cache, const int echo_buffer_size, const int state_buffer_size, const char *write_peer_info_file, const int remap_sigusr1, const unsigned int flags)
struct management_callback callback
void command_line_add(struct command_line *cl, const unsigned char *buf, const int len)
struct buffer_list * in_extra
const struct log_entry * log_history_ref(const struct log_history *h, const int index)
void management_socket_set(struct management *man, struct event_set *es, void *arg, unsigned int *persistent)
void management_up_down(struct management *man, const char *updown, const struct env_set *es)
time_t bytecount_last_update
static void management_bytes_out_client(struct management *man, const int size)
char * management_query_pk_sig(struct management *man, const char *b64_data)
void command_line_next(struct command_line *cl)
struct buffer_list * ext_key_input
char * write_peer_info_file
struct command_line * command_line_new(const int buf_len)
void management_auth_token(struct management *man, const char *token)
void management_set_state(struct management *man, const int state, const char *detail, const in_addr_t *tun_local_ip, const struct in6_addr *tun_local_ip6, const struct openvpn_sockaddr *local_addr, const struct openvpn_sockaddr *remote_addr)
const char * command_line_get(struct command_line *cl)
static void management_bytes_in(struct management *man, const int size)
void management_notify_generic(struct management *man, const char *str)
void management_event_loop_n_seconds(struct management *man, int sec)
static SERVICE_STATUS status
static void management_bytes_in_client(struct management *man, const int size)
void management_set_callback(struct management *man, const struct management_callback *cb)
struct management * management
unsigned int counter_type
void log_history_close(struct log_history *h)
socket_descriptor_t sd_cli
static bool management_connected(const struct management *man)
void management_io(struct management *man)
struct log_history * log_history_init(const int capacity)
void management_clear_callback(struct management *man)
static int log_history_capacity(const struct log_history *h)
void management_post_tunnel_open(struct management *man, const in_addr_t tun_local_ip)
void log_history_resize(struct log_history *h, const int capacity)
#define MF_QUERY_PASSWORDS
const char * special_state_msg
struct management * management_init(void)
void log_history_add(struct log_history *h, const struct log_entry *le)
void management_auth_failure(struct management *man, const char *type, const char *reason)
static bool management_query_user_pass_enabled(const struct management *man)
SOCKET socket_descriptor_t
Wrapper structure for dynamically allocated memory.
struct buffer_list * ext_cert_input
static settings_t settings
static void man_bytecount_possible_output_client(struct management *man)
socket_descriptor_t sd_top
bool management_should_daemonize(struct management *man)
static void management_bytes_out(struct management *man, const int size)
Garbage collection arena used to keep track of dynamically allocated memory.
bool management_hold(struct management *man, int holdtime)
char * management_query_cert(struct management *man, const char *cert_name)
void management_close(struct management *man)
static bool management_query_remote_enabled(const struct management *man)
int bytecount_update_seconds
void management_notify(struct management *man, const char *severity, const char *type, const char *text)
static bool management_query_proxy_enabled(const struct management *man)
struct man_settings settings
void command_line_reset(struct command_line *cl)
struct log_history * echo
void man_bytecount_output_client(struct management *man)