openvpn.c
1 /*
2  * OpenVPN -- An application to securely tunnel IP networks
3  * over a single TCP/UDP port, with support for SSL/TLS-based
4  * session authentication and key exchange,
5  * packet encryption, packet authentication, and
6  * packet compression.
7  *
8  * Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
9  *
10  * This program is free software; you can redistribute it and/or modify
11  * it under the terms of the GNU General Public License version 2
12  * as published by the Free Software Foundation.
13  *
14  * This program is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  * GNU General Public License for more details.
18  *
19  * You should have received a copy of the GNU General Public License along
20  * with this program; if not, write to the Free Software Foundation, Inc.,
21  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22  */
23 
24 #ifdef HAVE_CONFIG_H
25 #include "config.h"
26 #elif defined(_MSC_VER)
27 #include "config-msvc.h"
28 #endif
29 
30 #include "syshead.h"
31 
32 #include "init.h"
33 #include "forward.h"
34 #include "multi.h"
35 #include "win32.h"
36 #include "platform.h"
37 
38 #include "memdbg.h"
39 
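/*
 * Signal probe used between the phases of the point-to-point event loop.
 * Expands to EVENT_LOOP_CHECK_SIGNAL() over the enclosing function's
 * `struct context *c`, dispatching to process_signal_p2p().
 *
 * No trailing semicolon in the expansion: every use site writes
 * `P2P_CHECK_SIG();` itself, and a semicolon baked into the macro would
 * only add a stray empty statement after the expanded block.
 */
#define P2P_CHECK_SIG() EVENT_LOOP_CHECK_SIGNAL(c, process_signal_p2p, c)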
41 
/*
 * Signal hook for the point-to-point event loop; reached through the
 * P2P_CHECK_SIG() macro rather than called directly.  Takes the tunnel's
 * `struct context *c`.
 *
 * remap_signal() first gets a chance to rewrite the pending signal
 * (presumably the --remap-usr1 handling -- confirm in sig.c), then
 * process_signal() acts on it.  The bool result of process_signal() is
 * returned unchanged; it is what P2P_CHECK_SIG() decides on.
 */
42 static bool
44 {
45  remap_signal(c);
46  return process_signal(c);
47 }
48 
49 
50 /**************************************************************************/
/*
 * Main event loop for point-to-point (single tunnel, client-style) mode.
 * Takes the tunnel's `struct context *c`.
 *
 * Flow: clear the level-2 context, mark the context CM_P2P, initialize the
 * tunnel instance, then spin on pre_select() -> io_wait() -> process_io().
 * The loop body has no exit of its own (only a `continue`); it ends when one
 * of the P2P_CHECK_SIG() probes placed after every phase sees a pending
 * signal and process_signal_p2p() is expected to tell it to stop.
 */
58 static void
60 {
61  context_clear_2(c);
62 
63  /* set point-to-point mode */
64  c->mode = CM_P2P;
65 
66  /* initialize tunnel instance */
68  if (IS_SIG(c))
69  {
  /* A signal during instance setup aborts before the loop.  Note that
   * close_instance() below is bypassed on this path; presumably the init
   * routine cleans up after itself when it fails -- confirm in init.c. */
70  return;
71  }
72 
73  /* main event loop */
74  while (true)
75  {
77 
78  /* process timers, TLS, etc. */
79  pre_select(c);
80  P2P_CHECK_SIG();
81 
82  /* set up and do the I/O wait */
83  io_wait(c, p2p_iow_flags(c));
84  P2P_CHECK_SIG();
85 
86  /* timeout? */
87  if (c->c2.event_set_status == ES_TIMEOUT)
88  {
  /* Nothing is ready: skip process_io() and go round again.  perf_pop()
   * is still needed here, presumably to balance a perf_push() at the top
   * of the iteration. */
89  perf_pop();
90  continue;
91  }
92 
93  /* process the I/O which triggered select */
94  process_io(c);
95  P2P_CHECK_SIG();
96 
97  perf_pop();
98  }
99 
101 
102  /* tear down tunnel instance (unless --persist-tun) */
103  close_instance(c);
104 }
105 
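/* P2P_CHECK_SIG() only makes sense inside tunnel_point_to_point(), where
 * `c` is in scope; retire it here.  (This #undef previously named
 * PROCESS_SIGNAL_P2P, which is not the macro defined above, so the helper
 * macro silently stayed visible for the rest of the file.) */
#undef P2P_CHECK_SIG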
107 
108 
109 /**************************************************************************/
/*
 * Program-wide init / run / cleanup driver (called from main() / wmain()).
 *
 * Shape of the control flow:
 *   - outer do/while: runs once at startup and again after every SIGHUP.
 *     Each pass rebuilds the context, re-parses argv and the configuration
 *     file, and then runs the tunnel -- so a SIGHUP re-reads, and re-trusts,
 *     whatever is on disk at that moment.
 *   - inner do/while: re-runs the tunnel on SIGUSR1 with the options already
 *     parsed (soft restart, no re-read).
 *   - one-shot modes (print_openssl_info(), do_genkey(), do_persist_tuntap(),
 *     do_test_crypto()) and a failed open_management() `break` out of the
 *     outer loop.  That skips the per-pass teardown at the bottom of the
 *     loop and lands directly in the final cleanup below.
 *
 * @param argc  Argument count.
 * @param argv  NUL-terminated argument vector (UTF-8 on Windows, see wmain()).
 * @return      Nominally 0, but openvpn_exit() terminates the process first;
 *              the return statement is never reached.
 */
129 static
130 int
131 openvpn_main(int argc, char *argv[])
132 {
133  struct context c;
134 
135 #if PEDANTIC
136  fprintf(stderr, "Sorry, I was built with --enable-pedantic and I am incapable of doing any real work!\n");
137  return 1;
138 #endif
139 
140 #ifdef _WIN32
141  SetConsoleOutputCP(CP_UTF8);
142 #endif
143 
144  CLEAR(c);
145 
146  /* signify first time for components which can
147  * only be initialized once per program instantiation. */
148  c.first_time = true;
149 
150  /* initialize program-wide statics */
151  if (init_static())
152  {
153  /*
154  * This loop is initially executed on startup and then
155  * once per SIGHUP.
156  */
157  do
158  {
159  /* enter pre-initialization mode with regard to signal handling */
161 
162  /* zero context struct but leave first_time member alone */
164 
165  /* static signal info object */
167  c.sig = &siginfo_static;
168 
169  /* initialize garbage collector scoped to context object */
170  gc_init(&c.gc);
171 
172  /* initialize environmental variable store */
173  c.es = env_set_create(NULL);
174 #ifdef _WIN32
176 #endif
177 
178 #ifdef ENABLE_MANAGEMENT
179  /* initialize management subsystem */
180  init_management();
181 #endif
182 
183  /* initialize options to default state */
184  init_options(&c.options, true);
185 
186  /* parse command line options, and read configuration file */
  /* Runs on every outer-loop pass, i.e. the configuration file is re-read
   * from disk on each SIGHUP, not only at startup. */
187  parse_argv(&c.options, argc, argv, M_USAGE, OPT_P_DEFAULT, NULL, c.es);
188 
189 #ifdef ENABLE_PLUGIN
190  /* plugins may contribute options configuration */
192  init_plugins(&c);
194 #endif
195 
196  net_ctx_init(&c, &c.net_ctx);
197 
198  /* init verbosity and mute levels */
200 
201  /* set dev options */
203 
  /* One-shot utility modes.  Each returns true when it has done the whole
   * job; `break` then leaves the SIGHUP loop -- and the
   * env_set_destroy()/gc_reset()/net_ctx_free() teardown at its end -- for
   * the final cleanup after the loop. */
204  /* openssl print info? */
205  if (print_openssl_info(&c.options))
206  {
207  break;
208  }
209 
210  /* --genkey mode? */
211  if (do_genkey(&c.options))
212  {
213  break;
214  }
215 
216  /* tun/tap persist command? */
217  if (do_persist_tuntap(&c.options, &c.net_ctx))
218  {
219  break;
220  }
221 
222  /* sanity check on options */
224 
225  /* show all option settings */
227 
228  /* print version number */
229  msg(M_INFO, "%s", title_string);
230 #ifdef _WIN32
232 #endif
234 
235  /* misc stuff */
236  pre_setup(&c.options);
237 
238  /* test crypto? */
239  if (do_test_crypto(&c.options))
240  {
241  break;
242  }
243 
244  /* Query passwords before becoming a daemon if we don't use the
245  * management interface to get them. */
246 #ifdef ENABLE_MANAGEMENT
248 #endif
250 
251  /* become a daemon if --daemon */
  /* First pass only: c.first_time is cleared below after the first tunnel
   * run, so a SIGHUP re-initialization happens in the already-daemonized
   * process (when --daemon was given) rather than forking again. */
252  if (c.first_time)
253  {
256  }
257 
258 #ifdef ENABLE_MANAGEMENT
259  /* open management subsystem */
  /* A management-interface failure is fatal for this pass: fall out to
   * the final cleanup, like the one-shot modes above. */
260  if (!open_management(&c))
261  {
262  break;
263  }
264  /* query for passwords through management interface, if needed */
266  {
268  }
269 #endif
270 
271  /* set certain options as environmental variables */
272  setenv_settings(c.es, &c.options);
273 
274  /* finish context init */
275  context_init_1(&c);
276 
  /* Tunnel run / soft-restart loop. */
277  do
278  {
279  /* run tunnel depending on mode */
280  switch (c.options.mode)
281  {
282  case MODE_POINT_TO_POINT:
284  break;
285 
286  case MODE_SERVER:
287  tunnel_server(&c);
288  break;
289 
  /* any other mode value is a programming error */
290  default:
291  ASSERT(0);
292  }
293 
294  /* indicates first iteration -- has program-wide scope */
295  c.first_time = false;
296 
297  /* any signals received? */
298  if (IS_SIG(&c))
299  {
300  print_signal(c.sig, NULL, M_INFO);
301  }
302 
303  /* pass restart status to management subsystem */
305  }
  /* SIGUSR1: soft restart, loop back without re-parsing options.  Anything
   * else ends this loop; SIGHUP then restarts the outer loop (full
   * re-parse), any other signal falls through to the final cleanup. */
306  while (c.sig->signal_received == SIGUSR1);
307 
  /* Per-pass teardown; not reached on the `break` paths above. */
308  env_set_destroy(c.es);
310  gc_reset(&c.gc);
311  net_ctx_free(&c.net_ctx);
312  }
313  while (c.sig->signal_received == SIGHUP);
314  }
315 
  /* Final cleanup: reached after the last outer pass or via `break`. */
316  context_gc_free(&c);
317 
318 #ifdef ENABLE_MANAGEMENT
319  /* close management interface */
321 #endif
322 
323  /* uninitialize program-wide statics */
324  uninit_static();
325 
  /* openvpn_exit() does not return; this is the only normal way out. */
326  openvpn_exit(OPENVPN_EXIT_STATUS_GOOD); /* exit point */
327  return 0; /* NOTREACHED */
328 }
329 
330 #ifdef _WIN32
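/**
 * Windows process entry point.
 *
 * The Windows runtime hands us UTF-16 arguments; openvpn_main() wants
 * narrow C strings, so every argument is re-encoded as UTF-8 into a freshly
 * allocated, NUL-terminated buffer.  argv[argc] stays NULL (calloc()),
 * matching the POSIX main() contract.
 *
 * Allocation and conversion failures abort start-up with exit code 1
 * instead of handing openvpn_main() a NULL or never-written argv entry,
 * which it would otherwise go on to use as a string.
 *
 * @param argc   Argument count from the runtime.
 * @param wargv  UTF-16 argument vector from the runtime.
 * @return       Result of openvpn_main(), or 1 if argv could not be built.
 *               openvpn_main() normally exits the process itself, so the
 *               cleanup below mostly matters on the failure path.
 */
int
wmain(int argc, wchar_t *wargv[])
{
    char **argv;
    int ret = 1;
    int i;

    /* zero-filled so that slots never converted are NULL and safe to free() */
    if ((argv = calloc(argc + 1, sizeof(char *))) == NULL)
    {
        return 1;
    }

    for (i = 0; i < argc; i++)
    {
        /* cchWideChar == -1: the source is NUL-terminated and the returned
         * byte count includes the terminator, so the buffer is exactly sized. */
        int n = WideCharToMultiByte(CP_UTF8, 0, wargv[i], -1, NULL, 0, NULL, NULL);
        if (n <= 0)
        {
            /* conversion failed; argv[i] would otherwise never be written */
            goto out;
        }

        argv[i] = malloc((size_t)n);
        if (argv[i] == NULL)
        {
            goto out;
        }

        if (WideCharToMultiByte(CP_UTF8, 0, wargv[i], -1, argv[i], n, NULL, NULL) != n)
        {
            goto out;
        }
    }

    ret = openvpn_main(argc, argv);

out:
    for (i = 0; i < argc; i++)
    {
        free(argv[i]);  /* free(NULL) is a no-op for slots never filled */
    }
    free(argv);

    return ret;
}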
360 #else /* ifdef _WIN32 */
/**
 * Process entry point on non-Windows platforms.
 *
 * Nothing platform-specific is needed here: the C runtime already supplies
 * a narrow-char argv, so it is handed straight to openvpn_main().
 *
 * @param argc  Argument count as supplied by the C runtime.
 * @param argv  Argument strings, argv[argc] == NULL.
 * @return      Whatever openvpn_main() returns; it normally ends the process
 *              itself via openvpn_exit() before returning.
 */
int
main(int argc, char *argv[])
{
    const int rc = openvpn_main(argc, argv);
    return rc;
}
366 #endif /* ifdef _WIN32 */