OpenVPN
plugin.h
1 /*
2  * OpenVPN -- An application to securely tunnel IP networks
3  * over a single TCP/UDP port, with support for SSL/TLS-based
4  * session authentication and key exchange,
5  * packet encryption, packet authentication, and
6  * packet compression.
7  *
8  * Copyright (C) 2002-2023 OpenVPN Inc <sales@openvpn.net>
9  *
10  * This program is free software; you can redistribute it and/or modify
11  * it under the terms of the GNU General Public License version 2
12  * as published by the Free Software Foundation.
13  *
14  * This program is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  * GNU General Public License for more details.
18  *
19  * You should have received a copy of the GNU General Public License along
20  * with this program; if not, write to the Free Software Foundation, Inc.,
21  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22  */
23 
24 /*
25  * plug-in support, using dynamically loaded libraries
26  */
27 
28 #ifndef OPENVPN_PLUGIN_H
29 #define OPENVPN_PLUGIN_H
30 
31 #ifdef ENABLE_CRYPTO_OPENSSL
32 #include "ssl_verify_openssl.h"
33 #endif
34 #ifdef ENABLE_CRYPTO_MBEDTLS
35 #include "ssl_verify_mbedtls.h"
36 #endif
37 #include "openvpn-plugin.h"
38 
39 #ifdef ENABLE_PLUGIN
40 
41 #include "misc.h"
42 
/*
 * Capacity of every fixed per-plug-in array declared in this header
 * (plug-in options, loaded plug-ins, per-client contexts and returned
 * string lists are all sized by it).
 */
#define MAX_PLUGINS 16
44 
/*
 * One configured plug-in: the shared object to load and the argument
 * strings stored with it.
 */
struct plugin_option {
    /*
     * Path of the plug-in shared object. The library is loaded into the
     * OpenVPN process, so the path should name a file that only trusted
     * accounts are able to replace.
     */
    const char *so_pathname;

    /*
     * Argument strings kept for this plug-in; presumably NULL-terminated
     * and handed to the plug-in's open call -- confirm in plugin.c.
     */
    const char **argv;
};
49 
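/*
 * Fixed-capacity list of plug-in options.
 *
 * The rendered listing dropped the struct header and the plugins[] member;
 * both are restored here from the member index of this file.
 */
struct plugin_option_list {
    /*
     * Number of plugins[] slots in use. It has to stay within
     * 0..MAX_PLUGINS because the array below is fixed-size.
     */
    int n;
    struct plugin_option plugins[MAX_PLUGINS];
};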
54 
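/*
 * State kept for one plug-in library.
 *
 * The rendered listing dropped several member lines (initialized,
 * requested_initialization_point, the entry-point members and
 * plugin_handle); they are restored here from the member index of this
 * file, in their original line order.
 */
struct plugin {
    bool initialized;

    /* Path of the shared object this entry refers to. */
    const char *so_pathname;

    /*
     * Bit mask of event types. openvpn_plugin_open_v1 takes an
     * `unsigned int *type_mask`, so presumably the plug-in fills this in
     * when it is opened -- confirm in plugin.c.
     */
    unsigned int plugin_type_mask;
    int requested_initialization_point;

    /* Handle of the loaded library; the type depends on the platform. */
#ifndef _WIN32
    void *handle;
#else
    HMODULE module;
#endif

    /*
     * Entry points of the plug-in, one member per API function and
     * version; the types come from openvpn-plugin.h. Presumably a member
     * stays NULL when the library does not export that symbol, so each
     * one needs a check before it is called -- confirm in plugin.c.
     */
    openvpn_plugin_open_v1 open1;
    openvpn_plugin_open_v2 open2;
    openvpn_plugin_open_v3 open3;
    openvpn_plugin_func_v1 func1;
    openvpn_plugin_func_v2 func2;
    openvpn_plugin_func_v3 func3;
    openvpn_plugin_close_v1 close;
    openvpn_plugin_abort_v1 abort;
    openvpn_plugin_client_constructor_v1 client_constructor;
    openvpn_plugin_client_destructor_v1 client_destructor;
    openvpn_plugin_min_version_required_v1 min_version_required;
    openvpn_plugin_select_initialization_point_v1 initialization_point;

    /*
     * Opaque handle (a void * typedef) that the plug-in's func/close/abort
     * entry points take as their first argument.
     */
    openvpn_plugin_handle_t plugin_handle;
};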
82 
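/*
 * Per-client state, one slot per plug-in.
 *
 * The rendered listing dropped the struct header and its only member; both
 * are restored here from the member index of this file.
 */
struct plugin_per_client
{
    /*
     * Context pointers, presumably indexed like the plug-in array and
     * produced by each plug-in's client_constructor entry point -- confirm
     * in plugin.c.
     */
    void *per_client_context[MAX_PLUGINS];
};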
87 
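/*
 * The plug-in table itself.
 *
 * The rendered listing dropped the struct header and the plugins[] member;
 * both are restored here from the member index of this file.
 */
struct plugin_common
{
    /* Count read by plugin_n(); bounded by MAX_PLUGINS, the array size. */
    int n;
    struct plugin plugins[MAX_PLUGINS];
};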
93 
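/*
 * A plug-in list as seen by one user of the plug-in table.
 *
 * The rendered listing dropped the struct header and all three members;
 * they are restored here from the member index of this file.
 */
struct plugin_list
{
    struct plugin_per_client per_client;

    /* Plug-in table; plugin_n() treats a NULL pointer as "no plug-ins". */
    struct plugin_common *common;

    /*
     * NOTE(review): presumably true when this list owns *common and is
     * responsible for releasing it, and false for a list obtained through
     * plugin_list_inherit() -- confirm in plugin.c.
     */
    bool common_owned;
};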
100 
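/*
 * String lists handed back by plug-ins.
 *
 * The rendered listing dropped the struct header and the list[] member;
 * both are restored here from the member index of this file.
 */
struct plugin_return
{
    /*
     * Entry count for list[]. plugin_return_init() sets it to 0 and
     * plugin_return_defined() treats a negative value as "not defined".
     */
    int n;
    struct openvpn_plugin_string_list *list[MAX_PLUGINS];
};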
106 
108 
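/*
 * Create a plug-in option list. gc is the garbage-collection arena;
 * presumably the list is allocated from it -- confirm in plugin.c.
 * (This declaration was missing from the rendered listing and is restored
 * from the function index of this file.)
 */
struct plugin_option_list *plugin_option_list_new(struct gc_arena *gc);

/*
 * Add the plug-in described by the option words in p to list.
 * NOTE(review): the bool result presumably reports whether the entry fit
 * into the MAX_PLUGINS-sized array; callers should not ignore it --
 * confirm in plugin.c.
 */
bool plugin_option_list_add(struct plugin_option_list *list, char **p,
                            struct gc_arena *gc);

#ifndef ENABLE_SMALL
/* Print list at message level msglevel. */
void plugin_option_list_print(const struct plugin_option_list *list, int msglevel);

#endif

/* Build a plugin_list from the configured options in list. */
struct plugin_list *plugin_list_init(const struct plugin_option_list *list);

/*
 * Open the plug-ins of pl for the given init_point, with es as the
 * environment. pr is an output for strings returned by the plug-ins.
 * NOTE(review): presumably init_point is matched against each plug-in's
 * requested_initialization_point -- confirm in plugin.c.
 */
void plugin_list_open(struct plugin_list *pl,
                      const struct plugin_option_list *list,
                      struct plugin_return *pr,
                      const struct env_set *es,
                      const int init_point);

/* Derive a new plugin_list from src. */
struct plugin_list *plugin_list_inherit(const struct plugin_list *src);

/*
 * Call the plug-ins in pl for event `type`, passing argument vector av and
 * environment es. current_cert_depth and current_cert describe the
 * certificate being processed; plugin_call() passes -1 and NULL when there
 * is none. pr is an output for strings returned by the plug-ins.
 *
 * The int result is the plug-in status. Callers that base an
 * authentication or verification decision on it should compare against
 * the explicit status codes from openvpn-plugin.h rather than testing
 * loosely for zero/non-zero.
 */
int plugin_call_ssl(const struct plugin_list *pl,
                    const int type,
                    const struct argv *av,
                    struct plugin_return *pr,
                    struct env_set *es,
                    int current_cert_depth,
                    openvpn_x509_cert_t *current_cert
                    );

/* Close the plug-ins of pl. */
void plugin_list_close(struct plugin_list *pl);

/* Report whether pl has a plug-in for event `type`. */
bool plugin_defined(const struct plugin_list *pl, const int type);

/* Copy from src into dest the entries selected by colname. */
void plugin_return_get_column(const struct plugin_return *src,
                              struct plugin_return *dest,
                              const char *colname);

/* Release what pr holds. */
void plugin_return_free(struct plugin_return *pr);

#ifdef ENABLE_DEBUG
/* Print pr at message level msglevel, each line introduced by prefix. */
void plugin_return_print(const int msglevel, const char *prefix, const struct plugin_return *pr);

#endif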
150 
/*
 * Number of plug-ins recorded in pl's plug-in table.
 *
 * Returns 0 when pl or pl->common is NULL, so a list that was never set
 * up reads as "no plug-ins" instead of being dereferenced.
 */
static inline int
plugin_n(const struct plugin_list *pl)
{
    if (!pl || !pl->common)
    {
        return 0;
    }

    return pl->common->n;
}
163 
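/*
 * Report whether pr carries a usable entry count, i.e. pr->n is not
 * negative.
 *
 * pr is dereferenced without a check and must not be NULL. (The signature
 * line was missing from the rendered listing and is restored from the
 * function index of this file.)
 */
static inline bool
plugin_return_defined(const struct plugin_return *pr)
{
    return pr->n >= 0;
}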
169 
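/*
 * Reset pr to the empty state by setting its entry count to 0. The list[]
 * pointers themselves are left untouched.
 *
 * pr is dereferenced without a check and must not be NULL. (The signature
 * line was missing from the rendered listing and is restored from the
 * function index of this file.)
 */
static inline void
plugin_return_init(struct plugin_return *pr)
{
    pr->n = 0;
}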
175 
176 #else /* ifdef ENABLE_PLUGIN */
/*
 * Placeholder definitions for builds without ENABLE_PLUGIN, so that code
 * which embeds or points at these structs still compiles.
 */
struct plugin_list {
    int dummy;
};

struct plugin_return {
    int dummy;
};
179 
/*
 * Stub for builds without ENABLE_PLUGIN: no plug-in can be loaded, so no
 * event type ever has one. Both arguments are ignored.
 */
static inline bool
plugin_defined(const struct plugin_list *pl, const int type)
{
    (void)pl;
    (void)type;

    return false;
}
185 
/*
 * Stub for builds without ENABLE_PLUGIN: ignores every argument and
 * returns 0.
 *
 * NOTE(review): 0 is the success status (OPENVPN_PLUGIN_FUNC_SUCCESS in
 * openvpn-plugin.h -- confirm), so in such a build the call "succeeds"
 * although no plug-in ran. A caller that relies on a plug-in for an
 * authentication or verification decision should test plugin_defined()
 * first; that stub always returns false here.
 */
static inline int
plugin_call_ssl(const struct plugin_list *pl,
                const int type,
                const struct argv *av,
                struct plugin_return *pr,
                struct env_set *es,
                int current_cert_depth,
                openvpn_x509_cert_t *current_cert
                )
{
    (void)pl;
    (void)type;
    (void)av;
    (void)pr;
    (void)es;
    (void)current_cert_depth;
    (void)current_cert;

    return 0;
}
198 
199 #endif /* ENABLE_PLUGIN */
200 
/*
 * Call the plug-ins for event `type` when no certificate is involved.
 *
 * Forwards to plugin_call_ssl() with a certificate depth of -1 and a NULL
 * certificate, and returns its result unchanged.
 */
static inline int
plugin_call(const struct plugin_list *pl,
            const int type,
            const struct argv *av,
            struct plugin_return *pr,
            struct env_set *es)
{
    /* Depth value passed together with the NULL certificate. */
    const int no_cert_depth = -1;

    return plugin_call_ssl(pl, type, av, pr, es, no_cert_depth, NULL);
}
210 
/*
 * Declared regardless of ENABLE_PLUGIN.
 * NOTE(review): presumably forwards to the abort entry point of the loaded
 * plug-ins (struct plugin has an `abort` member) -- confirm in plugin.c.
 */
void plugin_abort(void);
212 
213 #endif /* OPENVPN_PLUGIN_H */
plugin_return::list
struct openvpn_plugin_string_list * list[MAX_PLUGINS]
Definition: plugin.h:104
plugin::open1
openvpn_plugin_open_v1 open1
Definition: plugin.h:67
openvpn_plugin_client_destructor_v1
OPENVPN_PLUGIN_DEF void OPENVPN_PLUGIN_FUNC() openvpn_plugin_client_destructor_v1(openvpn_plugin_handle_t handle, void *per_client_context)
Definition: sample-client-connect.c:603
plugin_option_list_print
void plugin_option_list_print(const struct plugin_option_list *list, int msglevel)
Definition: plugin.c:189
plugin::plugin_type_mask
unsigned int plugin_type_mask
Definition: plugin.h:58
plugin_list_inherit
struct plugin_list * plugin_list_inherit(const struct plugin_list *src)
Definition: plugin.c:683
openvpn_plugin_select_initialization_point_v1
OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC() openvpn_plugin_select_initialization_point_v1(void)
plugin_return
Definition: plugin.h:101
plugin::abort
openvpn_plugin_abort_v1 abort
Definition: plugin.h:74
argv
Definition: argv.h:35
plugin_return_get_column
void plugin_return_get_column(const struct plugin_return *src, struct plugin_return *dest, const char *colname)
Definition: plugin.c:988
plugin::plugin_handle
openvpn_plugin_handle_t plugin_handle
Definition: plugin.h:80
es
struct env_set * es
Definition: test_pkcs11.c:133
plugin_return_init
static void plugin_return_init(struct plugin_return *pr)
Definition: plugin.h:171
plugin_option_list
Definition: plugin.h:50
plugin::open2
openvpn_plugin_open_v2 open2
Definition: plugin.h:68
plugin::initialization_point
openvpn_plugin_select_initialization_point_v1 initialization_point
Definition: plugin.h:78
ssl_verify_openssl.h
plugin_list_close
void plugin_list_close(struct plugin_list *pl)
Definition: plugin.c:885
ssl_verify_mbedtls.h
plugin_return_free
void plugin_return_free(struct plugin_return *pr)
Definition: plugin.c:1003
openvpn_plugin_min_version_required_v1
OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC() openvpn_plugin_min_version_required_v1(void)
Definition: multi-auth.c:173
plugin_option_list_new
struct plugin_option_list * plugin_option_list_new(struct gc_arena *gc)
Definition: plugin.c:160
plugin_per_client
Definition: plugin.h:83
plugin_common
Definition: plugin.h:88
plugin::func2
openvpn_plugin_func_v2 func2
Definition: plugin.h:71
openvpn_plugin_close_v1
OPENVPN_PLUGIN_DEF void OPENVPN_PLUGIN_FUNC() openvpn_plugin_close_v1(openvpn_plugin_handle_t handle)
This cleans up the last part of the plug-in, allows it to shut down cleanly and release the plug-in g...
Definition: sample-client-connect.c:610
plugin_call
static int plugin_call(const struct plugin_list *pl, const int type, const struct argv *av, struct plugin_return *pr, struct env_set *es)
Definition: plugin.h:202
plugin_per_client::per_client_context
void * per_client_context[MAX_PLUGINS]
Definition: plugin.h:85
openvpn_plugin_client_constructor_v1
OPENVPN_PLUGIN_DEF void *OPENVPN_PLUGIN_FUNC() openvpn_plugin_client_constructor_v1(openvpn_plugin_handle_t handle)
Definition: sample-client-connect.c:596
plugin_common::plugins
struct plugin plugins[MAX_PLUGINS]
Definition: plugin.h:91
plugin::close
openvpn_plugin_close_v1 close
Definition: plugin.h:73
plugin_list::common
struct plugin_common * common
Definition: plugin.h:97
plugin::client_destructor
openvpn_plugin_client_destructor_v1 client_destructor
Definition: plugin.h:76
plugin_option
Definition: plugin.h:45
plugin_list_init
struct plugin_list * plugin_list_init(const struct plugin_option_list *list)
Definition: plugin.c:764
plugin_call_ssl
int plugin_call_ssl(const struct plugin_list *pl, const int type, const struct argv *av, struct plugin_return *pr, struct env_set *es, int current_cert_depth, openvpn_x509_cert_t *current_cert)
Definition: plugin.c:785
openvpn_plugin_abort_v1
OPENVPN_PLUGIN_DEF void OPENVPN_PLUGIN_FUNC() openvpn_plugin_abort_v1(openvpn_plugin_handle_t handle)
Definition: auth-pam.c:631
misc.h
openvpn_plugin_open_v1
OPENVPN_PLUGIN_DEF openvpn_plugin_handle_t OPENVPN_PLUGIN_FUNC() openvpn_plugin_open_v1(unsigned int *type_mask, const char *argv[], const char *envp[])
Definition: log.c:73
plugin_return::n
int n
Definition: plugin.h:103
plugin
Definition: keyingmaterialexporter.c:50
plugin_abort
void plugin_abort(void)
Definition: plugin.c:904
plugin_list::common_owned
bool common_owned
Definition: plugin.h:98
plugin::module
HMODULE module
Definition: plugin.h:64
openvpn_plugin_open_v3
OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC() openvpn_plugin_open_v3(const int version, struct openvpn_plugin_args_open_in const *arguments, struct openvpn_plugin_args_open_return *retptr)
This function is called when OpenVPN loads the plug-in.
Definition: sample-client-connect.c:122
plugin::func1
openvpn_plugin_func_v1 func1
Definition: plugin.h:70
plugin_return_defined
static bool plugin_return_defined(const struct plugin_return *pr)
Definition: plugin.h:165
plugin_option::so_pathname
const char * so_pathname
Definition: plugin.h:46
plugin::so_pathname
const char * so_pathname
Definition: plugin.h:57
gc_arena
Garbage collection arena used to keep track of dynamically allocated memory.
Definition: buffer.h:116
plugin_defined
bool plugin_defined(const struct plugin_list *pl, const int type)
Definition: plugin.c:920
openvpn_plugin_func_v1
OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC() openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[])
This function is called by OpenVPN each time the OpenVPN reaches a point where plug-in calls should h...
Definition: log.c:176
plugin::initialized
bool initialized
Definition: plugin.h:56
env_set
Definition: env_set.h:42
openvpn_x509_cert_t
X509 openvpn_x509_cert_t
Definition: openvpn-plugin.h:40
plugin_option_list::n
int n
Definition: plugin.h:51
plugin_list
Definition: plugin.h:94
openvpn_plugin_open_v2
OPENVPN_PLUGIN_DEF openvpn_plugin_handle_t OPENVPN_PLUGIN_FUNC() openvpn_plugin_open_v2(unsigned int *type_mask, const char *argv[], const char *envp[], struct openvpn_plugin_string_list **return_list)
plugin_option_list::plugins
struct plugin_option plugins[MAX_PLUGINS]
Definition: plugin.h:52
MAX_PLUGINS
#define MAX_PLUGINS
Definition: plugin.h:43
plugin::requested_initialization_point
int requested_initialization_point
Definition: plugin.h:59
plugin_list::per_client
struct plugin_per_client per_client
Definition: plugin.h:96
plugin_list_open
void plugin_list_open(struct plugin_list *pl, const struct plugin_option_list *list, struct plugin_return *pr, const struct env_set *es, const int init_point)
Definition: plugin.c:774
plugin::open3
openvpn_plugin_open_v3 open3
Definition: plugin.h:69
plugin::client_constructor
openvpn_plugin_client_constructor_v1 client_constructor
Definition: plugin.h:75
plugin_n
static int plugin_n(const struct plugin_list *pl)
Definition: plugin.h:152
openvpn_plugin_string_list
Definition: openvpn-plugin.h:190
plugin::func3
openvpn_plugin_func_v3 func3
Definition: plugin.h:72
openvpn_plugin_func_v2
OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC() openvpn_plugin_func_v2(openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[], void *per_client_context, struct openvpn_plugin_string_list **return_list)
Definition: sample-client-connect.c:527
plugin_option_list_add
bool plugin_option_list_add(struct plugin_option_list *list, char **p, struct gc_arena *gc)
Definition: plugin.c:168
openvpn-plugin.h
openvpn_plugin_handle_t
void * openvpn_plugin_handle_t
Definition: openvpn-plugin.h:143
plugin_common::n
int n
Definition: plugin.h:90
plugin::min_version_required
openvpn_plugin_min_version_required_v1 min_version_required
Definition: plugin.h:77
openvpn_plugin_func_v3
OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC() openvpn_plugin_func_v3(const int version, struct openvpn_plugin_args_func_in const *arguments, struct openvpn_plugin_args_func_return *retptr)
Definition: multi-auth.c:367
plugin_option::argv
const char ** argv
Definition: plugin.h:47