OpenVPN
simple.c
Go to the documentation of this file.
1 /*
2  * OpenVPN -- An application to securely tunnel IP networks
3  * over a single TCP/UDP port, with support for SSL/TLS-based
4  * session authentication and key exchange,
5  * packet encryption, packet authentication, and
6  * packet compression.
7  *
8  * Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
9  *
10  * This program is free software; you can redistribute it and/or modify
11  * it under the terms of the GNU General Public License version 2
12  * as published by the Free Software Foundation.
13  *
14  * This program is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  * GNU General Public License for more details.
18  *
19  * You should have received a copy of the GNU General Public License along
20  * with this program; if not, write to the Free Software Foundation, Inc.,
21  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22  */
23 
24 /*
25  * This file implements a simple OpenVPN plugin module which
26  * will examine the username/password provided by a client,
27  * and make an accept/deny determination. Will run
28  * on Windows or *nix.
29  *
30  * See the README file for build instructions.
31  */
32 
33 #include <stdio.h>
34 #include <string.h>
35 #include <stdlib.h>
36 
37 #include "openvpn-plugin.h"
38 
39 /*
40  * Our context, where we keep our state.
41  */
42 struct plugin_context {
43  const char *username;
44  const char *password;
45 };
46 
47 /*
48  * Given an environmental variable name, search
49  * the envp array for its value, returning it
50  * if found or NULL otherwise.
51  */
52 static const char *
53 get_env(const char *name, const char *envp[])
54 {
55  if (envp)
56  {
57  int i;
58  const int namelen = strlen(name);
59  for (i = 0; envp[i]; ++i)
60  {
61  if (!strncmp(envp[i], name, namelen))
62  {
63  const char *cp = envp[i] + namelen;
64  if (*cp == '=')
65  {
66  return cp + 1;
67  }
68  }
69  }
70  }
71  return NULL;
72 }
73 
75 openvpn_plugin_open_v1(unsigned int *type_mask, const char *argv[], const char *envp[])
76 {
77  struct plugin_context *context;
78 
79  /*
80  * Allocate our context
81  */
82  context = (struct plugin_context *) calloc(1, sizeof(struct plugin_context));
83 
84  /*
85  * Set the username/password we will require.
86  */
87  context->username = "foo";
88  context->password = "bar";
89 
90  /*
91  * We are only interested in intercepting the
92  * --auth-user-pass-verify callback.
93  */
95 
96  return (openvpn_plugin_handle_t) context;
97 }
98 
100 openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[])
101 {
102  struct plugin_context *context = (struct plugin_context *) handle;
103 
104  /* get username/password from envp string array */
105  const char *username = get_env("username", envp);
106  const char *password = get_env("password", envp);
107 
108  /* check entered username/password against what we require */
109  if (username && !strcmp(username, context->username)
110  && password && !strcmp(password, context->password))
111  {
113  }
114  else
115  {
117  }
118 }
119 
120 OPENVPN_EXPORT void
122 {
123  struct plugin_context *context = (struct plugin_context *) handle;
124  free(context);
125 }
const char * password
Definition: log.c:42
Contains all state information for one tunnel.
Definition: openvpn.h:500
OPENVPN_EXPORT openvpn_plugin_handle_t openvpn_plugin_open_v1(unsigned int *type_mask, const char *argv[], const char *envp[])
Definition: simple.c:134
#define OPENVPN_EXPORT
#define OPENVPN_PLUGIN_FUNC_SUCCESS
OPENVPN_EXPORT int openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[])
This function is called by OpenVPN each time the OpenVPN reaches a point where plug-in calls should h...
Definition: simple.c:100
const char * username
Definition: log.c:41
#define OPENVPN_PLUGIN_FUNC_ERROR
void * openvpn_plugin_handle_t
OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle)
Definition: simple.c:334
#define OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY
#define free
Definition: cmocka.c:1850
static const char * get_env(const char *name, const char *envp[])
Definition: simple.c:53
Definition: argv.h:35
#define OPENVPN_PLUGIN_MASK(x)