OpenVPN
Data Structures | Macros | Functions | Variables
options.c File Reference
#include "syshead.h"
#include "buffer.h"
#include "error.h"
#include "common.h"
#include "run_command.h"
#include "shaper.h"
#include "crypto.h"
#include "ssl.h"
#include "options.h"
#include "misc.h"
#include "socket.h"
#include "packet_id.h"
#include "pkcs11.h"
#include "win32.h"
#include "push.h"
#include "pool.h"
#include "helper.h"
#include "manage.h"
#include "forward.h"
#include "ssl_verify.h"
#include "platform.h"
#include <ctype.h>
#include "memdbg.h"
Include dependency graph for options.c:

Go to the source code of this file.

Data Structures

struct  pull_filter
 
struct  pull_filter_list
 
struct  in_src
 

Macros

#define PUF_TYPE_UNDEF   0 /** undefined filter type */
 
#define PUF_TYPE_ACCEPT   1 /** filter type to accept a matching option */
 
#define PUF_TYPE_IGNORE   2 /** filter type to ignore a matching option */
 
#define PUF_TYPE_REJECT   3 /** filter type to reject and trigger SIGUSR1 */
 
#define SHOW_PARM(name, value, format)   msg(D_SHOW_PARMS, " " #name " = " format, (value))
 
#define SHOW_STR(var)   SHOW_PARM(var, (o->var ? o->var : "[UNDEF]"), "'%s'")
 
#define SHOW_INT(var)   SHOW_PARM(var, o->var, "%d")
 
#define SHOW_UINT(var)   SHOW_PARM(var, o->var, "%u")
 
#define SHOW_UNSIGNED(var)   SHOW_PARM(var, o->var, "0x%08x")
 
#define SHOW_BOOL(var)   SHOW_PARM(var, (o->var ? "ENABLED" : "DISABLED"), "%s");
 
#define MUST_BE_UNDEF(parm)
 
#define CHKACC_FILE   (1<<0) /** Check for a file/directory presence */
 Expect people using the stripped down version to know what they do. More...
 
#define CHKACC_DIRPATH   (1<<1) /** Check for directory presence where a file should reside */
 
#define CHKACC_FILEXSTWR   (1<<2) /** If file exists, is it writable? */
 
#define CHKACC_INLINE   (1<<3) /** File is present if it's an inline file */
 
#define CHKACC_ACPTSTDIN   (1<<4) /** If filename is stdin, it's allowed and "exists" */
 
#define CHKACC_PRIVATE   (1<<5) /** Warn if this (private) file is group/others accessible */
 
#define TLS_CLIENT   (o->tls_client)
 
#define TLS_SERVER   (o->tls_server)
 
#define LZO_LIB_VER_STR   "", ""
 
#define IS_TYPE_FP   1
 
#define IS_TYPE_BUF   2
 
#define VERIFY_PERMISSION(mask)   { if (!verify_permission(p[0], file, line, (mask), permission_mask, option_types_found, msglevel, options)) {goto err;}}
 
#define NM_QUOTE_HINT   (1<<0)
 

Functions

void init_options (struct options *o, const bool init_gc)
 
void uninit_options (struct options *o)
 
static const char * pull_filter_type_name (int type)
 
static void setenv_connection_entry (struct env_set *es, const struct connection_entry *e, const int i)
 
void setenv_settings (struct env_set *es, const struct options *o)
 
static in_addr_t get_ip_addr (const char *ip_string, int msglevel, bool *error)
 
static char * get_ipv6_addr_no_netbits (const char *addr, struct gc_arena *gc)
 Returns newly allocated string containing address part without "/nn". More...
 
static bool ipv6_addr_safe_hexplusbits (const char *ipv6_prefix_spec)
 
static char * string_substitute (const char *src, int from, int to, struct gc_arena *gc)
 
static uint8_tparse_hash_fingerprint (const char *str, int nbytes, int msglevel, struct gc_arena *gc)
 
static void show_dhcp_option_addrs (const char *name, const in_addr_t *array, int len)
 
static void show_tuntap_options (const struct tuntap_options *o)
 
static void dhcp_option_dns6_parse (const char *parm, struct in6_addr *dns6_list, int *len, int msglevel)
 
static void dhcp_option_address_parse (const char *name, const char *parm, in_addr_t *array, int *len, int msglevel)
 
static void show_p2mp_parms (const struct options *o)
 
static void option_iroute (struct options *o, const char *network_str, const char *netmask_str, int msglevel)
 
static void option_iroute_ipv6 (struct options *o, const char *prefix_str, int msglevel)
 
static void show_http_proxy_options (const struct http_proxy_options *o)
 
void options_detach (struct options *o)
 
void rol_check_alloc (struct options *options)
 
static void rol6_check_alloc (struct options *options)
 
static void cnol_check_alloc (struct options *options)
 
static void show_connection_entry (const struct connection_entry *o)
 
static void show_connection_entries (const struct options *o)
 
static void show_pull_filter_list (const struct pull_filter_list *l)
 
void show_settings (const struct options *o)
 
static struct http_proxy_optionsparse_http_proxy_override (const char *server, const char *port, const char *flags, const int msglevel, struct gc_arena *gc)
 
static void options_postprocess_http_proxy_override (struct options *o)
 
static struct connection_listalloc_connection_list_if_undef (struct options *options)
 
static struct connection_entryalloc_connection_entry (struct options *options, const int msglevel)
 
static struct remote_listalloc_remote_list_if_undef (struct options *options)
 
static struct remote_entryalloc_remote_entry (struct options *options, const int msglevel)
 
static struct pull_filter_listalloc_pull_filter_list (struct options *o)
 
static struct pull_filteralloc_pull_filter (struct options *o, const int msglevel)
 
static void connection_entry_load_re (struct connection_entry *ce, const struct remote_entry *re)
 
static void options_postprocess_verify_ce (const struct options *options, const struct connection_entry *ce)
 
static void options_postprocess_mutate_ce (struct options *o, struct connection_entry *ce)
 
static void remap_redirect_gateway_flags (struct options *opt)
 
static void options_postprocess_mutate_invariant (struct options *options)
 
static void options_postprocess_verify (const struct options *o)
 
static void options_postprocess_mutate (struct options *o)
 
static bool check_file_access (const int type, const char *file, const int mode, const char *opt)
 
static bool check_file_access_chroot (const char *chroot, const int type, const char *file, const int mode, const char *opt)
 
static bool check_cmd_access (const char *command, const char *opt, const char *chroot)
 
static void options_postprocess_filechecks (struct options *options)
 
void options_postprocess (struct options *options)
 
void pre_pull_save (struct options *o)
 
void pre_pull_restore (struct options *o, struct gc_arena *gc)
 
static size_t calc_options_string_link_mtu (const struct options *o, const struct frame *frame)
 Calculate the link-mtu to advertise to our peer. More...
 
char * options_string (const struct options *o, const struct frame *frame, struct tuntap *tt, bool remote, struct gc_arena *gc)
 
bool options_cmp_equal (char *actual, const char *expected)
 
void options_warning (char *actual, const char *expected)
 
static const char * options_warning_extract_parm1 (const char *option_string, struct gc_arena *gc_ret)
 
static void options_warning_safe_scan2 (const int msglevel, const int delim, const bool report_inconsistent, const char *p1, const struct buffer *b2_src, const char *b1_name, const char *b2_name)
 
static void options_warning_safe_scan1 (const int msglevel, const int delim, const bool report_inconsistent, const struct buffer *b1_src, const struct buffer *b2_src, const char *b1_name, const char *b2_name)
 
static void options_warning_safe_ml (const int msglevel, char *actual, const char *expected, size_t actual_n)
 
bool options_cmp_equal_safe (char *actual, const char *expected, size_t actual_n)
 
void options_warning_safe (char *actual, const char *expected, size_t actual_n)
 
const char * options_string_version (const char *s, struct gc_arena *gc)
 
char * options_string_extract_option (const char *options_string, const char *opt_name, struct gc_arena *gc)
 Given an OpenVPN options string, extract the value of an option. More...
 
static void foreign_option (struct options *o, char *argv[], int len, struct env_set *es)
 
int parse_topology (const char *str, const int msglevel)
 
const char * print_topology (const int topology)
 
int auth_retry_get (void)
 
bool auth_retry_set (const int msglevel, const char *option)
 
const char * auth_retry_print (void)
 
static void usage (void)
 
void usage_small (void)
 
void show_windows_version (const unsigned int flags)
 
void show_library_versions (const unsigned int flags)
 
static void usage_version (void)
 
void notnull (const char *arg, const char *description)
 
bool string_defined_equal (const char *s1, const char *s2)
 
static int positive_atoi (const char *str)
 
static unsigned int atou (const char *str)
 
static bool space (unsigned char c)
 
int parse_line (const char *line, char *p[], const int n, const char *file, const int line_num, int msglevel, struct gc_arena *gc)
 
static void bypass_doubledash (char **p)
 
static bool in_src_get (const struct in_src *is, char *line, const int size)
 
static char * read_inline_file (struct in_src *is, const char *close_tag, struct gc_arena *gc)
 
static bool check_inline_file (struct in_src *is, char *p[], struct gc_arena *gc)
 
static bool check_inline_file_via_fp (FILE *fp, char *p[], struct gc_arena *gc)
 
static bool check_inline_file_via_buf (struct buffer *multiline, char *p[], struct gc_arena *gc)
 
static void add_option (struct options *options, char *p[], const char *file, int line, const int level, const int msglevel, const unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es)
 
static void read_config_file (struct options *options, const char *file, int level, const char *top_file, const int top_line, const int msglevel, const unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es)
 
static void read_config_string (const char *prefix, struct options *options, const char *config, const int msglevel, const unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es)
 
void parse_argv (struct options *options, const int argc, char *argv[], const int msglevel, const unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es)
 
static bool apply_pull_filter (const struct options *o, char *line)
 Filter an option line by all pull filters. More...
 
bool apply_push_options (struct options *options, struct buffer *buf, unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es)
 
void options_server_import (struct options *o, const char *filename, int msglevel, unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es)
 
void options_string_import (struct options *options, const char *config, const int msglevel, const unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es)
 
static bool verify_permission (const char *name, const char *file, int line, const unsigned int type, const unsigned int allowed, unsigned int *found, const int msglevel, struct options *options)
 
static bool no_more_than_n_args (const int msglevel, char *p[], const int max, const unsigned int flags)
 
static int msglevel_forward_compatible (struct options *options, const int msglevel)
 
static void set_user_script (struct options *options, const char **script, const char *new_script, const char *type, bool in_chroot)
 

Variables

const char title_string []
 
static const char usage_message []
 
static int global_auth_retry
 

Macro Definition Documentation

◆ CHKACC_ACPTSTDIN

#define CHKACC_ACPTSTDIN   (1<<4) /** If filename is stdin, it's allowed and "exists" */

Definition at line 3091 of file options.c.

Referenced by check_file_access(), and options_postprocess_filechecks().

◆ CHKACC_DIRPATH

#define CHKACC_DIRPATH   (1<<1) /** Check for directory presence where a file should reside */

Definition at line 3088 of file options.c.

Referenced by check_file_access(), and options_postprocess_filechecks().

◆ CHKACC_FILE

#define CHKACC_FILE   (1<<0) /** Check for a file/directory presence */

Expect people using the stripped down version to know what they do.

Definition at line 3087 of file options.c.

Referenced by check_cmd_access(), check_file_access(), and options_postprocess_filechecks().

◆ CHKACC_FILEXSTWR

#define CHKACC_FILEXSTWR   (1<<2) /** If file exists, is it writable? */

Definition at line 3089 of file options.c.

Referenced by check_file_access(), and options_postprocess_filechecks().

◆ CHKACC_INLINE

#define CHKACC_INLINE   (1<<3) /** File is present if it's an inline file */

Definition at line 3090 of file options.c.

Referenced by check_file_access(), and options_postprocess_filechecks().

◆ CHKACC_PRIVATE

#define CHKACC_PRIVATE   (1<<5) /** Warn if this (private) file is group/others accessible */

Definition at line 3092 of file options.c.

Referenced by check_file_access(), and options_postprocess_filechecks().

◆ IS_TYPE_BUF

#define IS_TYPE_BUF   2

Definition at line 4415 of file options.c.

Referenced by check_inline_file_via_buf(), and in_src_get().

◆ IS_TYPE_FP

#define IS_TYPE_FP   1

Definition at line 4414 of file options.c.

Referenced by check_inline_file_via_fp(), and in_src_get().

◆ LZO_LIB_VER_STR

#define LZO_LIB_VER_STR   "", ""

Referenced by show_library_versions().

◆ MUST_BE_UNDEF

#define MUST_BE_UNDEF (   parm)
Value:
if (options->parm != defaults.parm) {msg(M_USAGE, err, #parm); \
}
#define M_USAGE
Definition: error.h:111
#define msg
Definition: error.h:173

Referenced by options_postprocess_verify_ce().

◆ NM_QUOTE_HINT

#define NM_QUOTE_HINT   (1<<0)

Definition at line 4871 of file options.c.

Referenced by add_option(), and no_more_than_n_args().

◆ PUF_TYPE_ACCEPT

#define PUF_TYPE_ACCEPT   1 /** filter type to accept a matching option */

Definition at line 927 of file options.c.

Referenced by add_option(), apply_pull_filter(), and pull_filter_type_name().

◆ PUF_TYPE_IGNORE

#define PUF_TYPE_IGNORE   2 /** filter type to ignore a matching option */

Definition at line 928 of file options.c.

Referenced by add_option(), apply_pull_filter(), and pull_filter_type_name().

◆ PUF_TYPE_REJECT

#define PUF_TYPE_REJECT   3 /** filter type to reject and trigger SIGUSR1 */

Definition at line 929 of file options.c.

Referenced by add_option(), apply_pull_filter(), and pull_filter_type_name().

◆ PUF_TYPE_UNDEF

#define PUF_TYPE_UNDEF   0 /** undefined filter type */

Definition at line 926 of file options.c.

◆ SHOW_BOOL

#define SHOW_BOOL (   var)    SHOW_PARM(var, (o->var ? "ENABLED" : "DISABLED"), "%s");

◆ SHOW_INT

#define SHOW_INT (   var)    SHOW_PARM(var, o->var, "%d")

◆ SHOW_PARM

#define SHOW_PARM (   name,
  value,
  format 
)    msg(D_SHOW_PARMS, " " #name " = " format, (value))

Definition at line 965 of file options.c.

Referenced by show_connection_entry(), and show_settings().

◆ SHOW_STR

#define SHOW_STR (   var)    SHOW_PARM(var, (o->var ? o->var : "[UNDEF]"), "'%s'")

◆ SHOW_UINT

#define SHOW_UINT (   var)    SHOW_PARM(var, o->var, "%u")

Definition at line 968 of file options.c.

◆ SHOW_UNSIGNED

#define SHOW_UNSIGNED (   var)    SHOW_PARM(var, o->var, "0x%08x")

Definition at line 969 of file options.c.

◆ TLS_CLIENT

#define TLS_CLIENT   (o->tls_client)

Referenced by options_string().

◆ TLS_SERVER

#define TLS_SERVER   (o->tls_server)

Referenced by options_string().

◆ VERIFY_PERMISSION

#define VERIFY_PERMISSION (   mask)    { if (!verify_permission(p[0], file, line, (mask), permission_mask, option_types_found, msglevel, options)) {goto err;}}

Definition at line 4813 of file options.c.

Referenced by add_option().

Function Documentation

◆ add_option()

static void add_option ( struct options options,
char *  p[],
const char *  file,
int  line,
const int  level,
const int  msglevel,
const unsigned int  permission_mask,
unsigned int *  option_types_found,
struct env_set es 
)
static

Definition at line 4939 of file options.c.

References add_client_nat_to_option_list(), add_route_ipv6_to_option_list(), add_route_to_option_list(), connection_entry::af, remote_entry::af, ALLOC_ARRAY_GC, alloc_buf_gc(), alloc_connection_entry(), alloc_pull_filter(), alloc_remote_entry(), options::allow_pull_fqdn, options::allow_recursive_routing, ascii2af(), ascii2ipset(), ascii2keydirection(), ascii2proto(), ASSERT, atou(), http_proxy_options::auth_file, http_proxy_options::auth_method_string, http_proxy_options::auth_retry, auth_retry_set(), options::auth_token_generate, options::auth_token_lifetime, options::auth_user_pass_file, options::auth_user_pass_verify_script, options::auth_user_pass_verify_script_via_file, options::authname, connection_entry::bind_defined, connection_entry::bind_ipv6_only, connection_entry::bind_local, options::block_ipv6, options::block_outside_dns, BOOL_CAST, BSTR, buf_printf(), options::ca_file, options::ca_file_inline, options::ca_path, options::ccd_exclusive, options::cd_dir, options::ce, options::cert_file, options::cert_file_inline, options::cf_max, options::cf_per, static_challenge_info::challenge_text, options::chroot_dir, options::cipher_list, options::cipher_list_tls13, options::ciphername, options::client, options::client_config_dir, options::client_connect_script, options::client_disconnect_script, options::client_nat, cnol_check_alloc(), options::config, options::connect_retry_max, connection_entry::connect_retry_seconds, connection_entry::connect_retry_seconds_max, connection_entry::connect_timeout, connection_entry_load_re(), http_custom_header::content, options::crl_file, options::crl_file_inline, http_proxy_options::custom_headers, D_PUSH, options::daemon, options::dev, options::dev_node, options::dev_type, options::dh_file, options::dh_file_inline, tuntap_options::dhcp_lease_time, tuntap_options::dhcp_masq_custom_offset, tuntap_options::dhcp_masq_offset, dhcp_option_address_parse(), dhcp_option_dns6_parse(), tuntap_options::dhcp_options, tuntap_options::dhcp_pre_release, dhcp_release_by_adapter_index(), tuntap_options::dhcp_renew, dhcp_renew_by_adapter_index(), options::disable, tuntap_options::disable_nbt, tuntap_options::dns, tuntap_options::dns6, tuntap_options::dns6_len, tuntap_options::dns_len, tuntap_options::domain, options::down_pre, options::down_script, options::duplicate_cn, options::ecdh_curve, options::enable_c2c, options::engine, errors_to_stderr(), options::exit_event_initial_state, options::exit_event_name, connection_entry::explicit_exit_notification, options::extra_certs_file, options::extra_certs_file_inline, http-client::f, false, options::fast_io, route_option_list::flags, static_challenge_info::flags, route_ipv6_option_list::flags, foreign_option(), options::forward_compatible, connection_entry::fragment, options::gc, gc_free(), gc_new(), gc_transfer(), options::genkey, get_default_gateway(), get_default_gateway_ipv6(), get_ip_addr(), get_ipv6_addr(), get_ipv6_addr_no_netbits(), getaddr(), GETADDR_HOST_ORDER, GETADDR_RESOLVE, options::groupname, options::handshake_window, connection_entry::http_proxy_options, options::http_proxy_override, http_proxy_options::http_version, options::ifconfig_ipv6_local, options::ifconfig_ipv6_netbits, options::ifconfig_ipv6_pool_base, options::ifconfig_ipv6_pool_defined, options::ifconfig_ipv6_pool_netbits, options::ifconfig_ipv6_remote, options::ifconfig_local, options::ifconfig_noexec, options::ifconfig_nowarn, options::ifconfig_pool_defined, options::ifconfig_pool_end, options::ifconfig_pool_netmask, options::ifconfig_pool_persist_filename, options::ifconfig_pool_persist_refresh_freq, options::ifconfig_pool_start, ifconfig_pool_verify_range(), options::ifconfig_remote_netmask, options::ignore_unknown_option, in_addr_t, options::inactivity_minimum_bytes, options::inactivity_timeout, options::inetd, INETD_NOWAIT, INETD_WAIT, init_http_proxy_options_once(), init_options(), http_proxy_options::inline_creds, INLINE_FILE_TAG, ip_addr_dotted_quad_safe(), ip_or_dns_addr_safe(), options::ip_remote_hint, tuntap_options::ip_win32_defined, tuntap_options::ip_win32_type, options::ipchange, ipconfig_register_dns(), ipset2ascii_all(), ipv6_addr_safe(), ipv6_addr_safe_hexplusbits(), IPW32_SET_ADAPTIVE, IPW32_SET_ADAPTIVE_DELAY_WINDOW, IPW32_SET_DHCP_MASQ, is_special_addr(), options::keepalive_ping, options::keepalive_timeout, connection_entry::key_direction, options::key_direction, KEY_DIRECTION_BIDIRECTIONAL, options::key_method, KEY_METHOD_MAX, KEY_METHOD_MIN, options::key_pass_file, options::keysize, options::learn_address_script, connection_entry::link_mtu, connection_entry::link_mtu_defined, options::lladdr, connection_entry::local, connection_entry::local_port, connection_entry::local_port_defined, options::log, M_ERR, M_INFO, M_NOPREFIX, M_WARN, mac_addr_safe(), options::machine_readable_output, options::management_addr, management_auth_token(), options::management_certificate, options::management_client_group, options::management_client_user, management_echo(), options::management_flags, options::management_log_history_cache, options::management_port, options::management_user_pass, options::management_write_peer_info_file, options::mark, MAX_CIPHER_KEY_LENGTH, options::max_clients, MAX_CUSTOM_HTTP_HEADER, max_int(), MAX_PARMS, MAX_PEER_ID, options::max_routes_per_client, MAX_SEQ_BACKTRACK, MAX_TIME_BACKTRACK, MD_SHA1, MD_SHA256, MF_CONNECT_AS_CLIENT, MF_EXTERNAL_CERT, MF_EXTERNAL_KEY, MF_FORGET_DISCONNECT, MF_HOLD, MF_QUERY_PASSWORDS, MF_QUERY_PROXY, MF_QUERY_REMOTE, MF_SIGNAL, MF_UNIX_SOCK, MF_UP_DOWN, MIN_SEQ_BACKTRACK, MIN_TIME_BACKTRACK, options::mlock, options::mode, MODE_POINT_TO_POINT, MODE_SERVER, msg, options::msg_channel, msglevel_forward_compatible(), connection_entry::mssfix, connection_entry::mssfix_default, connection_entry::mtu_discover_type, options::mtu_test, options::mute, options::mute_replay_warnings, options::n_bcast_buf, http_custom_header::name, tuntap_options::nbdd, tuntap_options::nbdd_len, options::ncp_ciphers, options::ncp_enabled, tuntap_options::netbios_node_type, tuntap_options::netbios_scope, options::nice, NM_QUOTE_HINT, no_more_than_n_args(), NONCE_SECRET_LEN_MAX, NONCE_SECRET_LEN_MIN, NS_CERT_CHECK_CLIENT, NS_CERT_CHECK_SERVER, options::ns_cert_type, tuntap_options::ntp, tuntap_options::ntp_len, options::occ, open_syslog(), openvpn_exit(), OPENVPN_EXIT_STATUS_GOOD, OPENVPN_KU_REQUIRED, OPT_P_COMP, OPT_P_CONFIG, OPT_P_CONNECTION, OPT_P_ECHO, OPT_P_EXPLICIT_NOTIFY, OPT_P_GENERAL, OPT_P_INHERIT, OPT_P_INSTANCE, OPT_P_IPWIN32, OPT_P_MESSAGES, OPT_P_MTU, OPT_P_NCP, OPT_P_NICE, OPT_P_PEER_ID, OPT_P_PERSIST, OPT_P_PERSIST_IP, OPT_P_PLUGIN, OPT_P_PULL_MODE, OPT_P_PUSH, OPT_P_ROUTE, OPT_P_ROUTE_EXTRAS, OPT_P_SCRIPT, OPT_P_SETENV, OPT_P_SHAPER, OPT_P_SOCKBUF, OPT_P_SOCKFLAGS, OPT_P_TIMER, OPT_P_TLS_PARMS, OPT_P_UP, option_iroute(), option_iroute_ipv6(), OPTION_PARM_SIZE, PACKAGE_VERSION, options::packet_id_file, PAR_ALL, PAR_NCT, parse_hash_fingerprint(), parse_http_proxy_override(), parse_topology(), pull_filter::pattern, options::peer_id, options::persist_config, options::persist_key, options::persist_local_ip, options::persist_mode, options::persist_remote_ip, options::persist_tun, PING_EXIT, options::ping_rec_timeout, options::ping_rec_timeout_action, PING_RESTART, options::ping_send_timeout, options::ping_timer_remote, options::pkcs12_file, options::pkcs12_file_inline, platform_chdir(), options::plugin_list, plugin_option_list_add(), plugin_option_list_new(), http_proxy_options::port, positive_atoi(), print_default_gateway(), options::priv_key_file, options::priv_key_file_inline, options::prng_hash, options::prng_nonce_secret_len, connection_entry::proto, remote_entry::proto, proto2ascii_all(), options::proto_force, PUF_TYPE_ACCEPT, PUF_TYPE_IGNORE, PUF_TYPE_REJECT, options::pull, options::push_continuation, options::push_ifconfig_constraint_defined, options::push_ifconfig_constraint_netmask, options::push_ifconfig_constraint_network, options::push_ifconfig_defined, options::push_ifconfig_ipv6_blocked, options::push_ifconfig_ipv6_defined, options::push_ifconfig_ipv6_local, options::push_ifconfig_ipv6_netbits, options::push_ifconfig_ipv6_remote, options::push_ifconfig_local, options::push_ifconfig_local_alias, options::push_ifconfig_remote_netmask, push_options(), options::push_peer_info, push_remove_option(), push_reset(), options::rcvbuf, read_config_file(), read_config_string(), options::real_hash_size, redirect_stdout_stderr(), tuntap_options::register_dns, remap_redirect_gateway_flags(), options::remap_sigusr1, connection_entry::remote, remote_entry::remote, options::remote_cert_eku, options::remote_cert_ku, connection_entry::remote_float, connection_entry::remote_port, remote_entry::remote_port, options::remote_random, options::renegotiate_bytes, options::renegotiate_packets, options::renegotiate_seconds, options::renegotiate_seconds_min, options::replay, options::replay_time, options::replay_window, RESOLV_RETRY_INFINITE, options::resolve_in_advance, options::resolve_retry_seconds, RG_AUTO_LOCAL, RG_BLOCK_LOCAL, RG_BYPASS_DHCP, RG_BYPASS_DNS, RG_DEF1, RG_ENABLE, RG_LOCAL, RG_REROUTE_GW, rol6_check_alloc(), rol_check_alloc(), options::route_default_gateway, options::route_default_metric, options::route_delay, options::route_delay_defined, options::route_delay_window, options::route_gateway_via_dhcp, options::route_ipv6_default_gateway, options::route_method, ROUTE_METHOD_ADAPTIVE, ROUTE_METHOD_EXE, ROUTE_METHOD_IPAPI, ROUTE_METHOD_SERVICE, options::route_noexec, options::route_nopull, options::route_predown_script, options::route_script, options::routes, options::routes_ipv6, save_inetd_socket_descriptor(), SC_ECHO, options::sc_info, script_security_set(), SDL_CONSTRAIN, http_proxy_options::server, options::server_bridge_defined, options::server_bridge_ip, options::server_bridge_netmask, options::server_bridge_pool_end, options::server_bridge_pool_start, options::server_bridge_proxy_dhcp, options::server_defined, options::server_flags, options::server_ipv6_defined, options::server_netbits_ipv6, options::server_netmask, options::server_network, options::server_network_ipv6, set_debug_level(), set_machine_readable_output(), set_pause_exit_win32(), set_suppress_timestamps(), set_user_script(), set_win_sys_path(), setenv_str(), setenv_str_safe(), SF_HOST_RANDOMIZE, SF_NO_PUSH_ROUTE_GATEWAY, SF_NOPOOL, SF_TCP_NODELAY, SF_TCP_NODELAY_HELPER, SF_USE_IP_PKTINFO, SHA256_DIGEST_LENGTH, SHA_DIGEST_LENGTH, options::shared_secret_file, options::shared_secret_file_inline, show_adapters(), options::show_ciphers, options::show_curves, options::show_digests, options::show_engines, options::show_net_up, show_routes(), show_tap_win_adapters(), options::show_tls_ciphers, show_valid_win32_tun_subnets(), SIGHUP, SIGTERM, options::single_session, pull_filter::size, sleep, options::sndbuf, options::sockflags, connection_entry::socks_proxy_authfile, connection_entry::socks_proxy_port, connection_entry::socks_proxy_server, options::ssl_flags, ssl_set_auth_nocache(), ssl_set_auth_token(), SSLF_AUTH_USER_PASS_OPTIONAL, SSLF_CLIENT_CERT_NOT_REQUIRED, SSLF_CLIENT_CERT_OPTIONAL, SSLF_CRL_VERIFY_DIR, SSLF_OPT_VERIFY, SSLF_TLS_VERSION_MAX_MASK, SSLF_TLS_VERSION_MAX_SHIFT, SSLF_TLS_VERSION_MIN_MASK, SSLF_TLS_VERSION_MIN_SHIFT, SSLF_USERNAME_AS_COMMON_NAME, options::stale_routes_ageing_time, options::stale_routes_check_interval, options::status_file, options::status_file_update_freq, options::status_file_version, streq, string_substitute(), options::suppress_timestamps, tap_allow_nonadmin_access(), tuntap_options::tap_sleep, options::tcp_queue_limit, options::test_crypto, connection_entry::tls_auth_file, options::tls_auth_file, connection_entry::tls_auth_file_inline, options::tls_auth_file_inline, options::tls_cert_profile, options::tls_client, connection_entry::tls_crypt_file, options::tls_crypt_file, connection_entry::tls_crypt_inline, options::tls_crypt_inline, connection_entry::tls_crypt_v2_file, options::tls_crypt_v2_file, options::tls_crypt_v2_genkey_file, options::tls_crypt_v2_genkey_type, connection_entry::tls_crypt_v2_inline, options::tls_crypt_v2_inline, options::tls_crypt_v2_metadata, options::tls_crypt_v2_verify_script, options::tls_exit, options::tls_export_cert, options::tls_server, options::tls_timeout, TLS_VER_BAD, options::tls_verify, tls_version_parse(), options::tmp_dir, TOP_P2P, options::topology, options::transition_window, translate_mtu_discover_type_name(), connection_entry::tun_mtu, connection_entry::tun_mtu_defined, connection_entry::tun_mtu_extra, connection_entry::tun_mtu_extra_defined, options::tuntap_options, pull_filter::type, uninit_options(), options::up_delay, options::up_restart, options::up_script, usage(), usage_version(), options::use_peer_id, http_proxy_options::user_agent, options::username, options::verbosity, options::verify_hash, options::verify_hash_algo, VERIFY_PERMISSION, options::verify_x509_name, VERIFY_X509_SUBJECT_DN, VERIFY_X509_SUBJECT_RDN, VERIFY_X509_SUBJECT_RDN_PREFIX, options::verify_x509_type, options::virtual_hash_size, tuntap_options::wins, tuntap_options::wins_len, options::writepid, options::x509_track, and x509_track_add().

Referenced by apply_push_options(), check_inline_file_via_buf(), parse_argv(), read_config_file(), and read_config_string().

◆ alloc_connection_entry()

static struct connection_entry* alloc_connection_entry ( struct options options,
const int  msglevel 
)
static

◆ alloc_connection_list_if_undef()

static struct connection_list* alloc_connection_list_if_undef ( struct options options)
static

Definition at line 1873 of file options.c.

References ALLOC_OBJ_CLEAR_GC, options::connection_list, and options::gc.

Referenced by alloc_connection_entry().

◆ alloc_pull_filter()

static struct pull_filter* alloc_pull_filter ( struct options o,
const int  msglevel 
)
static

◆ alloc_pull_filter_list()

static struct pull_filter_list* alloc_pull_filter_list ( struct options o)
static

Definition at line 1925 of file options.c.

References ALLOC_OBJ_CLEAR_GC, options::gc, and options::pull_filter_list.

Referenced by alloc_pull_filter().

◆ alloc_remote_entry()

static struct remote_entry* alloc_remote_entry ( struct options options,
const int  msglevel 
)
static

◆ alloc_remote_list_if_undef()

static struct remote_list* alloc_remote_list_if_undef ( struct options options)
static

Definition at line 1899 of file options.c.

References ALLOC_OBJ_CLEAR_GC, options::gc, and options::remote_list.

Referenced by alloc_remote_entry().

◆ apply_pull_filter()

static bool apply_pull_filter ( const struct options o,
char *  line 
)
static

Filter an option line by all pull filters.

If a match is found, the line is modified depending on the filter type, and returns true. If the filter type is reject, SIGUSR1 is triggered and the return value is false. In that case the caller must end the push processing.

Definition at line 4718 of file options.c.

References D_LOW, D_PUSH, http-client::f, pull_filter_list::head, M_WARN, msg, pull_filter::next, pull_filter::pattern, PUF_TYPE_ACCEPT, PUF_TYPE_IGNORE, PUF_TYPE_REJECT, options::pull_filter_list, SIGUSR1, pull_filter::size, throw_signal_soft(), and pull_filter::type.

Referenced by apply_push_options().

◆ apply_push_options()

bool apply_push_options ( struct options options,
struct buffer buf,
unsigned int  permission_mask,
unsigned int *  option_types_found,
struct env_set es 
)

◆ atou()

static unsigned int atou ( const char *  str)
static

Definition at line 4216 of file options.c.

Referenced by add_option().

◆ auth_retry_get()

int auth_retry_get ( void  )

◆ auth_retry_print()

const char* auth_retry_print ( void  )

Definition at line 4069 of file options.c.

References AR_INTERACT, AR_NOINTERACT, AR_NONE, and global_auth_retry.

Referenced by man_dispatch_command().

◆ auth_retry_set()

bool auth_retry_set ( const int  msglevel,
const char *  option 
)

Definition at line 4046 of file options.c.

References AR_INTERACT, AR_NOINTERACT, AR_NONE, global_auth_retry, msg, and streq.

Referenced by add_option(), and man_dispatch_command().

◆ bypass_doubledash()

static void bypass_doubledash ( char **  p)
static

Definition at line 4405 of file options.c.

Referenced by read_config_file(), and read_config_string().

◆ calc_options_string_link_mtu()

static size_t calc_options_string_link_mtu ( const struct options o,
const struct frame frame 
)
static

Calculate the link-mtu to advertise to our peer.

The actual value is not relevant, because we will possibly perform data channel cipher negotiation after this, but older clients will log warnings if we do not supply them the value they expect. This assumes that the traditional cipher/auth directives in the config match the config of the peer.

Definition at line 3482 of file options.c.

References options::authname, options::ce, key_type::cipher, cipher_kt_mode_ofb_cfb(), options::ciphername, crypto_adjust_frame_parameters(), crypto_max_overhead(), D_MTU_DEBUG, EXPANDED_SIZE, frame_finalize(), frame_remove_from_extra_frame(), init_key_type(), options::keysize, connection_entry::link_mtu, connection_entry::link_mtu_defined, options::mode, MODE_SERVER, msg, options::pull, options::replay, connection_entry::tun_mtu, and connection_entry::tun_mtu_defined.

Referenced by options_string().

◆ check_cmd_access()

static bool check_cmd_access ( const char *  command,
const char *  opt,
const char *  chroot 
)
static

◆ check_file_access()

static bool check_file_access ( const int  type,
const char *  file,
const int  mode,
const char *  opt 
)
static

◆ check_file_access_chroot()

static bool check_file_access_chroot ( const char *  chroot,
const int  type,
const char *  file,
const int  mode,
const char *  opt 
)
static

◆ check_inline_file()

static bool check_inline_file ( struct in_src is,
char *  p[],
struct gc_arena gc 
)
static

◆ check_inline_file_via_buf()

static bool check_inline_file_via_buf ( struct buffer multiline,
char *  p[],
struct gc_arena gc 
)
static

◆ check_inline_file_via_fp()

static bool check_inline_file_via_fp ( FILE *  fp,
char *  p[],
struct gc_arena gc 
)
static

Definition at line 4514 of file options.c.

References check_inline_file(), in_src::fp, IS_TYPE_FP, in_src::type, and in_src::u.

Referenced by read_config_file().

◆ cnol_check_alloc()

static void cnol_check_alloc ( struct options options)
static

Definition at line 1415 of file options.c.

References options::client_nat, options::gc, and new_client_nat_list().

Referenced by add_option(), and pre_pull_restore().

◆ connection_entry_load_re()

static void connection_entry_load_re ( struct connection_entry ce,
const struct remote_entry re 
)
static

◆ dhcp_option_address_parse()

static void dhcp_option_address_parse ( const char *  name,
const char *  parm,
in_addr_t array,
int *  len,
int  msglevel 
)
static

Definition at line 1195 of file options.c.

References get_ip_addr(), in_addr_t, ip_addr_dotted_quad_safe(), msg, and N_DHCP_ADDR.

Referenced by add_option().

◆ dhcp_option_dns6_parse()

static void dhcp_option_dns6_parse ( const char *  parm,
struct in6_addr *  dns6_list,
int *  len,
int  msglevel 
)
static

Definition at line 1181 of file options.c.

References get_ipv6_addr(), msg, and N_DHCP_ADDR.

Referenced by add_option().

◆ foreign_option()

static void foreign_option ( struct options o,
char *  argv[],
int  len,
struct env_set es 
)
static

◆ get_ip_addr()

static in_addr_t get_ip_addr ( const char *  ip_string,
int  msglevel,
bool error 
)
static

Definition at line 1022 of file options.c.

References flags, getaddr(), GETADDR_FATAL, GETADDR_HOST_ORDER, in_addr_t, and M_FATAL.

Referenced by add_option(), and dhcp_option_address_parse().

◆ get_ipv6_addr_no_netbits()

static char* get_ipv6_addr_no_netbits ( const char *  addr,
struct gc_arena gc 
)
static

Returns newly allocated string containing address part without "/nn".

If gc != NULL, the allocated memory is registered in the supplied gc.

Definition at line 1047 of file options.c.

References gc_malloc(), and string_alloc().

Referenced by add_option().

◆ in_src_get()

static bool in_src_get ( const struct in_src is,
char *  line,
const int  size 
)
static

◆ init_options()

void init_options ( struct options o,
const bool  init_gc 
)

Definition at line 794 of file options.c.

References connection_entry::af, options::allow_recursive_routing, options::auth_token_generate, options::authname, connection_entry::bind_ipv6_only, connection_entry::bind_local, options::block_outside_dns, options::ce, options::ciphername, CLEAR, options::connect_retry_max, connection_entry::connect_retry_seconds, connection_entry::connect_retry_seconds_max, connection_entry::connect_timeout, DEFAULT_SEQ_BACKTRACK, DEFAULT_TIME_BACKTRACK, tuntap_options::dhcp_lease_time, tuntap_options::dhcp_masq_offset, options::ecdh_curve, options::gc, gc_init(), options::gc_owned, options::handshake_window, options::ifconfig_pool_persist_refresh_freq, tuntap_options::ip_win32_type, IPW32_SET_ADAPTIVE, IPW32_SET_DHCP_MASQ, options::key_direction, KEY_DIRECTION_BIDIRECTIONAL, options::key_method, connection_entry::link_mtu, LINK_MTU_DEFAULT, connection_entry::local_port, options::management_echo_buffer_size, options::management_log_history_cache, options::management_state_buffer_size, options::max_clients, options::max_routes_per_client, options::mode, MODE_POINT_TO_POINT, connection_entry::mssfix, MSSFIX_DEFAULT, connection_entry::mtu_discover_type, options::n_bcast_buf, options::ncp_ciphers, options::ncp_enabled, options::occ, OPENVPN_PORT, options::persist_mode, options::prng_hash, options::prng_nonce_secret_len, connection_entry::proto, options::proto_force, PROTO_UDP, options::real_hash_size, connection_entry::remote_port, options::renegotiate_bytes, options::renegotiate_seconds, options::renegotiate_seconds_min, options::replay, options::replay_time, options::replay_window, RESOLV_RETRY_INFINITE, options::resolve_in_advance, options::resolve_retry_seconds, options::route_delay_window, options::route_method, ROUTE_METHOD_ADAPTIVE, options::scheduled_exit_interval, options::stale_routes_check_interval, options::status_file_update_freq, options::status_file_version, options::tcp_queue_limit, options::tls_cert_profile, options::tls_timeout, options::tmp_dir, TOP_NET30, options::topology, options::transition_window, connection_entry::tun_mtu, TUN_MTU_DEFAULT, options::tuntap_options, options::verbosity, options::virtual_hash_size, win_get_tempdir(), and X509_USERNAME_FIELD_DEFAULT.

Referenced by add_option(), openvpn_main(), options_postprocess_verify_ce(), and usage().

◆ ipv6_addr_safe_hexplusbits()

static bool ipv6_addr_safe_hexplusbits ( const char *  ipv6_prefix_spec)
static

Definition at line 1065 of file options.c.

References get_ipv6_addr(), and M_WARN.

Referenced by add_option().

◆ msglevel_forward_compatible()

static int msglevel_forward_compatible ( struct options options,
const int  msglevel 
)
inlinestatic

Definition at line 4902 of file options.c.

References options::forward_compatible, and M_WARN.

Referenced by add_option().

◆ no_more_than_n_args()

static bool no_more_than_n_args ( const int  msglevel,
char *  p[],
const int  max,
const unsigned int  flags 
)
static

Definition at line 4874 of file options.c.

References msg, NM_QUOTE_HINT, and string_array_len().

Referenced by add_option().

◆ notnull()

void notnull ( const char *  arg,
const char *  description 
)

Definition at line 4178 of file options.c.

References M_USAGE, and msg.

Referenced by do_genkey(), do_persist_tuntap(), options_postprocess_mutate(), and options_postprocess_verify_ce().

◆ option_iroute()

static void option_iroute ( struct options o,
const char *  network_str,
const char *  netmask_str,
int  msglevel 
)
static

◆ option_iroute_ipv6()

static void option_iroute_ipv6 ( struct options o,
const char *  prefix_str,
int  msglevel 
)
static

◆ options_cmp_equal()

bool options_cmp_equal ( char *  actual,
const char *  expected 
)

Definition at line 3736 of file options.c.

References options_cmp_equal_safe().

Referenced by key_method_2_read().

◆ options_cmp_equal_safe()

bool options_cmp_equal_safe ( char *  actual,
const char *  expected,
size_t  actual_n 
)

◆ options_detach()

void options_detach ( struct options o)

◆ options_postprocess()

void options_postprocess ( struct options options)

◆ options_postprocess_filechecks()

static void options_postprocess_filechecks ( struct options options)
static

◆ options_postprocess_http_proxy_override()

static void options_postprocess_http_proxy_override ( struct options o)
static

◆ options_postprocess_mutate()

static void options_postprocess_mutate ( struct options o)
static

◆ options_postprocess_mutate_ce()

static void options_postprocess_mutate_ce ( struct options o,
struct connection_entry ce 
)
static

◆ options_postprocess_mutate_invariant()

static void options_postprocess_mutate_invariant ( struct options options)
static

◆ options_postprocess_verify()

static void options_postprocess_verify ( const struct options o)
static

◆ options_postprocess_verify_ce()

static void options_postprocess_verify_ce ( const struct options options,
const struct connection_entry ce 
)
static

Definition at line 1977 of file options.c.

References options::allow_recursive_routing, connection_list::array, options::auth_token_generate, options::auth_user_pass_file, options::auth_user_pass_verify_script, connection_entry::bind_defined, connection_entry::bind_local, options::ca_file, options::ca_path, options::ccd_exclusive, options::ce, options::cert_file, options::cf_max, options::cf_per, options::cipher_list, options::cipher_list_tls13, options::client_config_dir, options::client_connect_script, options::client_disconnect_script, options::connection_list, options::crl_file, options::daemon, options::dev, options::dev_type, dev_type_enum(), DEV_TYPE_TAP, DEV_TYPE_TUN, DEV_TYPE_UNDEF, options::dh_file, tuntap_options::dhcp_options, options::duplicate_cn, options::enable_c2c, connection_entry::explicit_exit_notification, route_option_list::flags, connection_entry::fragment, options::genkey, options::handshake_window, connection_entry::http_proxy_options, options::ifconfig_ipv6_local, options::ifconfig_ipv6_pool_defined, options::ifconfig_local, options::ifconfig_pool_defined, options::ifconfig_pool_netmask, options::ifconfig_pool_persist_filename, options::ifconfig_remote_netmask, options::inetd, INETD_NOWAIT, init_options(), tuntap_options::ip_win32_defined, tuntap_options::ip_win32_type, options::ipchange, IPW32_SET_ADAPTIVE, IPW32_SET_DHCP_MASQ, options::key_method, options::keysize, options::learn_address_script, connection_list::len, LINK_MTU_DEFAULT, connection_entry::link_mtu_defined, options::lladdr, connection_entry::local, connection_entry::local_port, connection_entry::local_port_defined, M_USAGE, M_WARN, MAN_CLIENT_AUTH_ENABLED, options::management_addr, options::management_client_group, options::management_client_user, options::management_flags, options::management_log_history_cache, options::management_user_pass, options::management_write_peer_info_file, MF_EXTERNAL_CERT, MF_EXTERNAL_KEY, MF_UNIX_SOCK, options::mode, MODE_SERVER, msg, options::mtu_test, MUST_BE_UNDEF, options::ncp_ciphers, options::ncp_enabled, notnull(), options::ns_cert_type, options::pkcs12_file, PLUGIN_OPTION_LIST, options::priv_key_file, connection_entry::proto, proto_is_dgram(), proto_is_net(), proto_is_udp(), PROTO_TCP, PROTO_TCP_CLIENT, PROTO_TCP_SERVER, options::pull, options::pull_filter_list, push_peer_info(), options::real_hash_size, connection_entry::remote, options::remote_cert_eku, options::remote_cert_ku, connection_entry::remote_port, options::renegotiate_bytes, options::renegotiate_packets, options::renegotiate_seconds, options::replay, options::replay_time, options::replay_window, RG_ENABLE, options::route_delay_defined, options::routes, http_proxy_options::server, options::server_flags, SF_TCP_NODELAY_HELPER, options::shared_secret_file, options::single_session, connection_entry::socks_proxy_server, options::ssl_flags, SSLF_AUTH_USER_PASS_OPTIONAL, SSLF_CLIENT_CERT_NOT_REQUIRED, SSLF_CLIENT_CERT_OPTIONAL, SSLF_OPT_VERIFY, SSLF_TLS_VERSION_MAX_MASK, SSLF_TLS_VERSION_MAX_SHIFT, SSLF_TLS_VERSION_MIN_MASK, SSLF_TLS_VERSION_MIN_SHIFT, SSLF_USERNAME_AS_COMMON_NAME, options::stale_routes_check_interval, string_defined_equal(), options::test_crypto, connection_entry::tls_auth_file, options::tls_auth_file, options::tls_cert_profile, tls_check_ncp_cipher_list(), options::tls_client, connection_entry::tls_crypt_file, options::tls_crypt_file, connection_entry::tls_crypt_v2_file, options::tls_crypt_v2_file, options::tls_crypt_v2_genkey_type, options::tls_exit, options::tls_export_cert, options::tls_server, options::tls_timeout, tls_verify(), tls_version_max(), TOP_SUBNET, options::topology, options::transition_window, connection_entry::tun_mtu_defined, options::tuntap_options, uninit_options(), options::up_delay, options::verify_x509_name, and options::virtual_hash_size.

Referenced by options_postprocess_verify().

◆ options_server_import()

void options_server_import ( struct options o,
const char *  filename,
int  msglevel,
unsigned int  permission_mask,
unsigned int *  option_types_found,
struct env_set es 
)

Definition at line 4781 of file options.c.

References D_PUSH, msg, and read_config_file().

Referenced by multi_client_connect_post(), and multi_connection_established().

◆ options_string()

char* options_string ( const struct options o,
const struct frame frame,
struct tuntap tt,
bool  remote,
struct gc_arena gc 
)

◆ options_string_extract_option()

char* options_string_extract_option ( const char *  options_string,
const char *  opt_name,
struct gc_arena gc 
)

Given an OpenVPN options string, extract the value of an option.

Parameters
options_stringZero-terminated, comma-separated options string
opt_nameThe name of the option to extract
gcThe gc to allocate the return value
Returns
gc-allocated value of option with name opt_name if option was found, or NULL otherwise.

Definition at line 3916 of file options.c.

References gc_malloc(), and options_string().

Referenced by key_method_2_read().

◆ options_string_import()

void options_string_import ( struct options options,
const char *  config,
const int  msglevel,
const unsigned int  permission_mask,
unsigned int *  option_types_found,
struct env_set es 
)

Definition at line 4801 of file options.c.

References read_config_string().

Referenced by multi_client_connect_post_plugin(), and open_plugins().

◆ options_string_version()

const char* options_string_version ( const char *  s,
struct gc_arena gc 
)

Definition at line 3906 of file options.c.

References alloc_buf_gc(), BPTR, BSTR, and strncpynt().

Referenced by do_compute_occ_strings().

◆ options_warning()

void options_warning ( char *  actual,
const char *  expected 
)

Definition at line 3742 of file options.c.

References options_warning_safe().

Referenced by key_method_2_read().

◆ options_warning_extract_parm1()

static const char* options_warning_extract_parm1 ( const char *  option_string,
struct gc_arena gc_ret 
)
static

◆ options_warning_safe()

void options_warning_safe ( char *  actual,
const char *  expected,
size_t  actual_n 
)

Definition at line 3900 of file options.c.

References M_WARN, and options_warning_safe_ml().

Referenced by key_method_1_read(), options_warning(), and process_received_occ_msg().

◆ options_warning_safe_ml()

static void options_warning_safe_ml ( const int  msglevel,
char *  actual,
const char *  expected,
size_t  actual_n 
)
static

◆ options_warning_safe_scan1()

static void options_warning_safe_scan1 ( const int  msglevel,
const int  delim,
const bool  report_inconsistent,
const struct buffer b1_src,
const struct buffer b2_src,
const char *  b1_name,
const char *  b2_name 
)
static

◆ options_warning_safe_scan2()

static void options_warning_safe_scan2 ( const int  msglevel,
const int  delim,
const bool  report_inconsistent,
const char *  p1,
const struct buffer b2_src,
const char *  b1_name,
const char *  b2_name 
)
static

◆ parse_argv()

void parse_argv ( struct options options,
const int  argc,
char *  argv[],
const int  msglevel,
const unsigned int  permission_mask,
unsigned int *  option_types_found,
struct env_set es 
)

Definition at line 4646 of file options.c.

References add_option(), CLEAR, MAX_PARMS, msg, and usage().

Referenced by openvpn_main().

◆ parse_hash_fingerprint()

static uint8_t* parse_hash_fingerprint ( const char *  str,
int  nbytes,
int  msglevel,
struct gc_arena gc 
)
static

Definition at line 1094 of file options.c.

References gc_malloc(), and msg.

Referenced by add_option().

◆ parse_http_proxy_override()

static struct http_proxy_options* parse_http_proxy_override ( const char *  server,
const char *  port,
const char *  flags,
const int  msglevel,
struct gc_arena gc 
)
static

◆ parse_line()

int parse_line ( const char *  line,
char *  p[],
const int  n,
const char *  file,
const int  line_num,
int  msglevel,
struct gc_arena gc 
)

◆ parse_topology()

int parse_topology ( const char *  str,
const int  msglevel 
)

Definition at line 3988 of file options.c.

References msg, streq, TOP_NET30, TOP_P2P, TOP_SUBNET, and TOP_UNDEF.

Referenced by add_option().

◆ positive_atoi()

static int positive_atoi ( const char *  str)
static

Definition at line 4208 of file options.c.

Referenced by add_option().

◆ pre_pull_restore()

void pre_pull_restore ( struct options o,
struct gc_arena gc 
)

◆ pre_pull_save()

void pre_pull_save ( struct options o)

◆ print_topology()

const char* print_topology ( const int  topology)

Definition at line 4010 of file options.c.

References TOP_NET30, TOP_P2P, TOP_SUBNET, and TOP_UNDEF.

Referenced by print_opt_topology().

◆ pull_filter_type_name()

static const char* pull_filter_type_name ( int  type)
static

Definition at line 943 of file options.c.

References PUF_TYPE_ACCEPT, PUF_TYPE_IGNORE, and PUF_TYPE_REJECT.

Referenced by show_pull_filter_list().

◆ read_config_file()

static void read_config_file ( struct options options,
const char *  file,
int  level,
const char *  top_file,
const int  top_line,
const int  msglevel,
const unsigned int  permission_mask,
unsigned int *  option_types_found,
struct env_set es 
)
static

◆ read_config_string()

static void read_config_string ( const char *  prefix,
struct options options,
const char *  config,
const int  msglevel,
const unsigned int  permission_mask,
unsigned int *  option_types_found,
struct env_set es 
)
static

◆ read_inline_file()

static char* read_inline_file ( struct in_src is,
const char *  close_tag,
struct gc_arena gc 
)
static

◆ remap_redirect_gateway_flags()

static void remap_redirect_gateway_flags ( struct options opt)
static

◆ rol6_check_alloc()

static void rol6_check_alloc ( struct options options)
static

Definition at line 1406 of file options.c.

References options::gc, new_route_ipv6_option_list(), and options::routes_ipv6.

Referenced by add_option(), and pre_pull_restore().

◆ rol_check_alloc()

void rol_check_alloc ( struct options options)

Definition at line 1397 of file options.c.

References options::gc, new_route_option_list(), and options::routes.

Referenced by add_option(), helper_add_route(), and pre_pull_restore().

◆ set_user_script()

static void set_user_script ( struct options options,
const char **  script,
const char *  new_script,
const char *  type,
bool  in_chroot 
)
static

◆ setenv_connection_entry()

static void setenv_connection_entry ( struct env_set es,
const struct connection_entry e,
const int  i 
)
static

◆ setenv_settings()

void setenv_settings ( struct env_set es,
const struct options o 
)

◆ show_connection_entries()

static void show_connection_entries ( const struct options o)
static

◆ show_connection_entry()

static void show_connection_entry ( const struct connection_entry o)
static

◆ show_dhcp_option_addrs()

static void show_dhcp_option_addrs ( const char *  name,
const in_addr_t array,
int  len 
)
static

Definition at line 1140 of file options.c.

References D_SHOW_PARMS, gc_free(), gc_new(), msg, and print_in_addr_t().

Referenced by show_tuntap_options().

◆ show_http_proxy_options()

static void show_http_proxy_options ( const struct http_proxy_options o)
static

◆ show_library_versions()

void show_library_versions ( const unsigned int  flags)

Definition at line 4142 of file options.c.

References get_ssl_library_version(), LZO_LIB_VER_STR, and msg.

Referenced by openvpn_main(), and usage_version().

◆ show_p2mp_parms()

static void show_p2mp_parms ( const struct options o)
static

◆ show_pull_filter_list()

static void show_pull_filter_list ( const struct pull_filter_list l)
static

◆ show_settings()

void show_settings ( const struct options o)

◆ show_tuntap_options()

static void show_tuntap_options ( const struct tuntap_options o)
static

◆ show_windows_version()

void show_windows_version ( const unsigned int  flags)

Definition at line 4133 of file options.c.

References gc_free(), gc_new(), msg, and win32_version_string().

Referenced by openvpn_main(), and usage_version().

◆ space()

static bool space ( unsigned char  c)
inlinestatic

Definition at line 4225 of file options.c.

Referenced by parse_line().

◆ string_defined_equal()

bool string_defined_equal ( const char *  s1,
const char *  s2 
)

Definition at line 4187 of file options.c.

References msg.

Referenced by options_postprocess_verify_ce().

◆ string_substitute()

static char* string_substitute ( const char *  src,
int  from,
int  to,
struct gc_arena gc 
)
static

Definition at line 1074 of file options.c.

References dest, and gc_malloc().

Referenced by add_option().

◆ uninit_options()

void uninit_options ( struct options o)

Definition at line 916 of file options.c.

References options::gc, gc_free(), and options::gc_owned.

Referenced by add_option(), openvpn_main(), and options_postprocess_verify_ce().

◆ usage()

static void usage ( void  )
static

◆ usage_small()

void usage_small ( void  )

Definition at line 4125 of file options.c.

References M_NOPREFIX, M_WARN, msg, openvpn_exit(), and OPENVPN_EXIT_STATUS_USAGE.

Referenced by x_msg_va().

◆ usage_version()

static void usage_version ( void  )
static

◆ verify_permission()

static bool verify_permission ( const char *  name,
const char *  file,
int  line,
const unsigned int  type,
const unsigned int  allowed,
unsigned int *  found,
const int  msglevel,
struct options options 
)
static

Variable Documentation

◆ global_auth_retry

int global_auth_retry
static

Definition at line 4037 of file options.c.

Referenced by auth_retry_get(), auth_retry_print(), and auth_retry_set().

◆ title_string

const char title_string[]

◆ usage_message

const char usage_message[]
static

Definition at line 113 of file options.c.

Referenced by usage().