OpenVPN
Macros | Functions
run_command.h File Reference
#include "basic.h"
#include "env_set.h"
Include dependency graph for run_command.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Macros

#define SSEC_NONE   0 /* strictly no calling of external programs */
 
#define SSEC_BUILT_IN   1 /* only call built-in programs such as ifconfig, route, netsh, etc.*/
 
#define SSEC_SCRIPTS   2 /* allow calling of built-in programs and user-defined scripts */
 
#define SSEC_PW_ENV   3 /* allow calling of built-in programs and user-defined scripts that may receive a password as an environmental variable */
 
#define S_SCRIPT   (1<<0)
 
#define S_FATAL   (1<<1)
 

Functions

int script_security (void)
 
void script_security_set (int level)
 
int openvpn_popen (const struct argv *a, const struct env_set *es)
 
bool openvpn_execve_allowed (const unsigned int flags)
 
bool openvpn_execve_check (const struct argv *a, const struct env_set *es, const unsigned int flags, const char *error_message)
 
static bool openvpn_run_script (const struct argv *a, const struct env_set *es, const unsigned int flags, const char *hook)
 

Macro Definition Documentation

◆ S_FATAL

#define S_FATAL   (1<<1)

◆ S_SCRIPT

#define S_SCRIPT   (1<<0)

Definition at line 41 of file run_command.h.

Referenced by openvpn_execve_allowed(), and openvpn_run_script().

◆ SSEC_BUILT_IN

#define SSEC_BUILT_IN   1 /* only call built-in programs such as ifconfig, route, netsh, etc.*/

Definition at line 32 of file run_command.h.

Referenced by openvpn_execve_allowed(), and openvpn_popen().

◆ SSEC_NONE

#define SSEC_NONE   0 /* strictly no calling of external programs */

Definition at line 31 of file run_command.h.

◆ SSEC_PW_ENV

#define SSEC_PW_ENV   3 /* allow calling of built-in programs and user-defined scripts that may receive a password as an environmental variable */

Definition at line 34 of file run_command.h.

Referenced by do_option_warnings(), and env_allowed().

◆ SSEC_SCRIPTS

#define SSEC_SCRIPTS   2 /* allow calling of built-in programs and user-defined scripts */

Function Documentation

◆ openvpn_execve_allowed()

bool openvpn_execve_allowed ( const unsigned int  flags)

◆ openvpn_execve_check()

bool openvpn_execve_check ( const struct argv a,
const struct env_set es,
const unsigned int  flags,
const char *  error_message 
)

◆ openvpn_popen()

int openvpn_popen ( const struct argv a,
const struct env_set es 
)

◆ openvpn_run_script()

static bool openvpn_run_script ( const struct argv a,
const struct env_set es,
const unsigned int  flags,
const char *  hook 
)
inlinestatic

◆ script_security()

int script_security ( void  )

◆ script_security_set()

void script_security_set ( int  level)

Definition at line 51 of file run_command.c.

References script_security_level.

Referenced by add_option().