OpenVPN
manage.h
1 /*
2  * OpenVPN -- An application to securely tunnel IP networks
3  * over a single TCP/UDP port, with support for SSL/TLS-based
4  * session authentication and key exchange,
5  * packet encryption, packet authentication, and
6  * packet compression.
7  *
8  * Copyright (C) 2002-2023 OpenVPN Inc <sales@openvpn.net>
9  *
10  * This program is free software; you can redistribute it and/or modify
11  * it under the terms of the GNU General Public License version 2
12  * as published by the Free Software Foundation.
13  *
14  * This program is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  * GNU General Public License for more details.
18  *
19  * You should have received a copy of the GNU General Public License along
20  * with this program; if not, write to the Free Software Foundation, Inc.,
21  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22  */
23 
24 #ifndef MANAGE_H
25 #define MANAGE_H
26 
27 /* management_open flags: bit values for the `flags` argument of management_open(); the inline helpers in this header test them through man->settings.flags */
28 #define MF_SERVER (1<<0)
29 #define MF_QUERY_PASSWORDS (1<<1)
30 #define MF_HOLD (1<<2)
31 #define MF_SIGNAL (1<<3)
32 #define MF_FORGET_DISCONNECT (1<<4)
33 #define MF_CONNECT_AS_CLIENT (1<<5)
34 #define MF_CLIENT_AUTH (1<<6) /* tested by management_enable_def_auth() */
35 /* #define MF_CLIENT_PF (1<<7) *REMOVED FEATURE* */
36 #define MF_UNIX_SOCK (1<<8)
37 #define MF_EXTERNAL_KEY (1<<9)
38 #define MF_EXTERNAL_KEY_NOPADDING (1<<10)
39 #define MF_EXTERNAL_KEY_PKCS1PAD (1<<11)
40 #define MF_UP_DOWN (1<<12)
41 #define MF_QUERY_REMOTE (1<<13) /* tested by management_query_remote_enabled() */
42 #define MF_QUERY_PROXY (1<<14) /* tested by management_query_proxy_enabled() */
43 #define MF_EXTERNAL_CERT (1<<15)
44 #define MF_EXTERNAL_KEY_PSSPAD (1<<16)
45 #define MF_EXTERNAL_KEY_DIGEST (1<<17)
/* NOTE(review): the MF_EXTERNAL_KEY_x bits presumably describe which padding/digest handling the external signer supports (see management_query_pk_sig) - confirm in manage.c */
46 
47 
48 #ifdef ENABLE_MANAGEMENT
49 
50 #include "misc.h"
51 #include "event.h"
52 #include "socket.h"
53 #include "mroute.h"
54 
/* Management interface constants. NOTE(review): the remarks below are read off the names and the matching fields in this header; confirm each against manage.c. */
55 #define MANAGEMENT_VERSION 5
56 #define MANAGEMENT_N_PASSWORD_RETRIES 3 /* presumably the limit compared with man_connection::password_tries before a management client is dropped - confirm */
57 #define MANAGEMENT_LOG_HISTORY_INITIAL_SIZE 100 /* presumably a log_history capacity (entries, not bytes) - confirm */
58 #define MANAGEMENT_ECHO_BUFFER_SIZE 100
59 #define MANAGEMENT_STATE_BUFFER_SIZE 100
60 
61 /*
62  * Management-interface-based deferred authentication
63  */
/*
 * NOTE(review): this listing skips source lines 64 and 74. The page's symbol
 * index places `man_def_auth_context` at manage.h:64 and the member
 * `time_t bytecount_last_update` at manage.h:74.
 */
65  unsigned long cid; /* same type as the `cid` argument of the kill_by_cid/client_auth callbacks; presumably the client ID - confirm */
66 
/* DAF_x bits, presumably stored in `flags` below - confirm */
67 #define DAF_CONNECTION_ESTABLISHED (1<<0)
68 #define DAF_CONNECTION_CLOSED (1<<1)
69 #define DAF_INITIAL_AUTH (1<<2)
70  unsigned int flags;
71 
72  unsigned int mda_key_id_counter; /* NOTE(review): looks like the source of the `mda_key_id` values that client_auth later receives - confirm in manage.c */
73 
75 };
76 
77 /*
78  * Manage build-up of command line
79  */
/* NOTE(review): source line 80 is missing from this listing; the page's symbol index gives `command_line` at manage.h:80, and the command_line_x() prototypes take `struct command_line *`. */
81 {
82  struct buffer buf; /* presumably the line being assembled - confirm */
83  struct buffer residual; /* presumably input left over after a complete line was taken - confirm */
84 };
85 
/*
 * Command-line assembly API; the bodies live in manage.c.
 * man_connection::in is a `struct command_line *`, so this is presumably
 * where bytes read from the management socket are split into commands.
 * NOTE(review): buf_len and len are signed int. How command_line_add()
 * treats a negative len or input longer than buf_len is not visible in this
 * header - confirm the bounds checks in manage.c before relying on them.
 */
86 struct command_line *command_line_new(const int buf_len);
87 
88 void command_line_free(struct command_line *cl);
89 
90 void command_line_add(struct command_line *cl, const unsigned char *buf, const int len);
91 
92 const char *command_line_get(struct command_line *cl); /* returns a const string; lifetime of the pointer is not stated here */
93 
94 void command_line_reset(struct command_line *cl);
95 
96 void command_line_next(struct command_line *cl);
97 
98 /*
99  * Manage log file history
100  */
101 
/*
 * NOTE(review): source line 102 is missing from this listing; the page's
 * symbol index gives `log_entry_union` at manage.h:102 and shows it used as
 * `union log_entry_union u` inside struct log_entry. As a union, the three
 * members share storage, so only one is meaningful for a given entry;
 * presumably the LOG_PRINT_MSG_FLAGS / LOG_PRINT_STATE / LOG_PRINT_INTVAL
 * bits tell log_entry_print() which one to read - confirm.
 */
103  unsigned int msg_flags;
104  int state;
105  int intval;
106 };
107 
/* Element type of log_history::array; formatted by log_entry_print(). */
108 struct log_entry
109 {
110  time_t timestamp;
111  const char *string; /* NOTE(review): ownership of this string is not stated in the header - confirm who allocates and frees it */
112  in_addr_t local_ip;
113  struct in6_addr local_ip6;
/* NOTE(review): source lines 114-116 are missing here; the page's symbol index lists `struct openvpn_sockaddr local_sock` (114), `struct openvpn_sockaddr remote_sock` (115) and `union log_entry_union u` (116). */
117 };
118 
119 #define LOG_PRINT_LOG_PREFIX (1<<0)
120 #define LOG_PRINT_ECHO_PREFIX (1<<1)
121 #define LOG_PRINT_STATE_PREFIX (1<<2)
122 
123 #define LOG_PRINT_INT_DATE (1<<3)
124 #define LOG_PRINT_MSG_FLAGS (1<<4)
125 #define LOG_PRINT_STATE (1<<5)
126 #define LOG_PRINT_LOCAL_IP (1<<6)
127 
128 #define LOG_PRINT_CRLF (1<<7)
129 #define LOG_FATAL_NOTIFY (1<<8)
130 
131 #define LOG_PRINT_INTVAL (1<<9)
132 
133 #define LOG_PRINT_REMOTE_IP (1<<10)
134 
135 #define LOG_ECHO_TO_LOG (1<<11)
136 
/* Formats entry `e`; `flags` presumably takes the LOG_PRINT_x bits defined above. NOTE(review): the result is presumably allocated from `gc` and valid only until that arena is freed - confirm in manage.c. */
137 const char *log_entry_print(const struct log_entry *e, unsigned int flags, struct gc_arena *gc);
138 
/* NOTE(review): source line 139 is missing from this listing; the page's symbol index gives `log_history` at manage.h:139. The base/size/capacity fields suggest a circular buffer over `array` - confirm in manage.c. */
140 {
141  int base;
142  int size; /* value returned by log_history_size() */
143  int capacity; /* value returned by log_history_capacity() */
144  struct log_entry *array;
145 };
146 
/*
 * Log history API; the bodies live in manage.c.
 * NOTE(review): capacity and index are signed int. What log_history_ref()
 * returns for an index outside [0, size) and how log_history_init()/
 * log_history_resize() treat a non-positive capacity is not visible here -
 * confirm before passing values that come from a management client.
 */
147 struct log_history *log_history_init(const int capacity);
148 
149 void log_history_close(struct log_history *h);
150 
151 void log_history_add(struct log_history *h, const struct log_entry *le);
152 
153 void log_history_resize(struct log_history *h, const int capacity);
154 
155 const struct log_entry *log_history_ref(const struct log_history *h, const int index);
156 
/* Returns h->size. `h` is dereferenced without a NULL check, so callers must pass a valid pointer. NOTE(review): declarator line 158 is missing from this listing; the page's symbol index gives `static int log_history_size(const struct log_history *h)`. */
157 static inline int
159 {
160  return h->size;
161 }
162 
/* Returns h->capacity. `h` is dereferenced without a NULL check, so callers must pass a valid pointer. NOTE(review): declarator line 164 is missing from this listing; the page's symbol index gives `static int log_history_capacity(const struct log_history *h)`. */
163 static inline int
165 {
166  return h->capacity;
167 }
168 
169 /*
170  * Callbacks for 'status' and 'kill' commands.
171  * Also for management-based deferred authentication and packet filter.
172  */
/*
 * NOTE(review): source line 173 is missing from this listing; the page's
 * symbol index gives `management_callback` at manage.h:173.
 * NOTE(review): the packet-filter bits (MF_CLIENT_PF, IEC_CLIENT_PF) are
 * marked *REMOVED FEATURE* in this header, so the "packet filter" mention
 * above looks stale.
 * NOTE(review): several entries act on live sessions (kill_by_cn,
 * kill_by_addr, kill_by_cid) or decide client authentication (client_auth,
 * client_pending_auth); presumably they are reachable from commands sent by
 * a management client, which makes access control on the management channel
 * (pass_file, client_user, client_group in management_open) the gate for
 * them - confirm in manage.c.
 */
174 {
175  void *arg; /* every callback takes a `void *arg` first parameter; presumably this value is passed back - confirm */
176 
177 #define MCF_SERVER (1<<0) /* is OpenVPN being run as a server? */
178  unsigned int flags; /* MCF_x bits; management_bytes_client() checks MCF_SERVER here */
179 
180  void (*status) (void *arg, const int version, struct status_output *so);
181  void (*show_net) (void *arg, const int msglevel);
182  int (*kill_by_cn) (void *arg, const char *common_name);
183  int (*kill_by_addr) (void *arg, const in_addr_t addr, const int port);
184  void (*delete_event) (void *arg, event_t event);
185  int (*n_clients) (void *arg);
186  bool (*send_cc_message) (void *arg, const char *message, const char *parameter);
187  bool (*kill_by_cid)(void *arg, const unsigned long cid, const char *kill_msg);
188  bool (*client_auth) (void *arg,
189  const unsigned long cid,
190  const unsigned int mda_key_id,
191  const bool auth,
192  const char *reason,
193  const char *client_reason,
194  struct buffer_list *cc_config); /* ownership transferred */
195  bool (*client_pending_auth) (void *arg,
196  const unsigned long cid,
197  const unsigned int kid,
198  const char *extra,
199  unsigned int timeout);
200  char *(*get_peer_info) (void *arg, const unsigned long cid); /* NOTE(review): returns a non-const char *; who frees it is not stated - confirm */
201  bool (*proxy_cmd)(void *arg, const char **p);
202  bool (*remote_cmd) (void *arg, const char **p);
203 #ifdef TARGET_ANDROID
204  int (*network_change)(void *arg, bool samenetwork);
205 #endif
206  unsigned int (*remote_entry_count)(void *arg);
207  bool (*remote_entry_get)(void *arg, unsigned int index, char **remote); /* NOTE(review): writes through `remote`; ownership of the stored string is not stated - confirm */
208 };
209 
210 /*
211  * Management object, split into three components:
212  *
213  * struct man_persist : Data elements which are persistent across
214  * man_connection open and close.
215  *
216  * struct man_settings : management parameters.
217  *
218  * struct man_connection : created on socket binding and listen,
219  * deleted on socket unbind, may
220  * handle multiple sequential client
221  * connections.
222  */
223 
/*
 * Data kept across man_connection open and close (see the component
 * overview above this struct).
 * NOTE(review): this listing skips several members. The page's symbol index
 * lists them as: `struct virtual_output vout` (228), `bool standalone_disabled`
 * (230), `struct management_callback callback` (231), `struct log_history
 * *state` (234), `bool hold_release` (236), `counter_type bytes_in` (240) and
 * `counter_type bytes_out` (241).
 */
224 struct man_persist {
225  bool defined;
226 
227  struct log_history *log;
229 
232 
233  struct log_history *echo; /* saved --echo strings */
235 
237 
238  const char *special_state_msg;
239 
242 };
243 
/*
 * Management parameters (see the component overview above man_persist).
 * NOTE(review): this listing skips several members. The page's symbol index
 * lists them as: `bool management_over_tunnel` (251), `int log_history_cache`
 * (253), `int echo_buffer_size` (254), `int state_buffer_size` (255),
 * `int client_uid` (256) and `int client_gid` (257). client_uid/client_gid
 * presumably derive from the client_user/client_group arguments of
 * management_open() and restrict which local peer may connect - confirm.
 */
244 struct man_settings {
245  bool defined;
246  unsigned int flags; /* MF_x flags */
247  struct addrinfo *local;
248 #if UNIX_SOCK_SUPPORT
249  struct sockaddr_un local_unix;
250 #endif
252  struct user_pass up; /* NOTE(review): presumably the management password loaded via pass_file; if so it stays resident for the lifetime of the settings - confirm where it is purged */
258 
259 /* flags for handling the management interface "signal" command */
260 #define MANSIG_IGNORE_USR1_HUP (1<<0)
261 #define MANSIG_MAP_USR1_TO_HUP (1<<1)
262 #define MANSIG_MAP_USR1_TO_TERM (1<<2)
263  unsigned int mansig; /* MANSIG_x bits defined just above */
264 };
265 
266 /* up_query modes */
267 #define UP_QUERY_DISABLED 0
268 #define UP_QUERY_USER_PASS 1
269 #define UP_QUERY_PASS 2
270 #define UP_QUERY_NEED_OK 3
271 #define UP_QUERY_NEED_STR 4
272 
273 /* states */
274 #define MS_INITIAL 0 /* all sockets are closed */
275 #define MS_LISTEN 1 /* no client is connected */
276 #define MS_CC_WAIT_READ 2 /* client is connected, waiting for read on socket */
277 #define MS_CC_WAIT_WRITE 3 /* client is connected, waiting for ability to write to socket */
278 
/*
 * Per-socket connection state (see the component overview above man_persist).
 * NOTE(review): source line 279 and many members are missing from this
 * listing. The page's symbol index gives `man_connection` at manage.h:279
 * and lists these members: sd_top (282), sd_cli (283), remote (284),
 * ne32 (287), password_verified (291), password_tries (292),
 * in_extra_cmd (303), in_extra (304), ext_key_state (311),
 * ext_key_input (312), ext_cert_state (313), ext_cert_input (314),
 * env_filter_level (316), state_realtime (318), log_realtime (319),
 * echo_realtime (320), bytecount_update_seconds (321),
 * bytecount_update_interval (322), up_query_mode (325), up_query (326)
 * and client_version (332).
 * password_verified/password_tries presumably track management-password
 * authentication of the connected client - confirm in manage.c.
 */
280  int state; /* presumably one of the MS_x values defined above - confirm */
281 
285 
286 #ifdef _WIN32
288 #endif
289 
290  bool halt;
293 
294  struct command_line *in; /* input side, see the command_line_x() API */
295  struct buffer_list *out;
296 
/* IEC_x values; presumably stored in in_extra_cmd (manage.h:303) - confirm */
297 #define IEC_UNDEF 0
298 #define IEC_CLIENT_AUTH 1
299 /* #define IEC_CLIENT_PF 2 *REMOVED FEATURE* */
300 #define IEC_RSA_SIGN 3
301 #define IEC_CERTIFICATE 4
302 #define IEC_PK_SIGN 5
305  unsigned long in_extra_cid;
306  unsigned int in_extra_kid;
/* EKS_x values; presumably the states held in ext_key_state / ext_cert_state - confirm */
307 #define EKS_UNDEF 0
308 #define EKS_SOLICIT 1
309 #define EKS_INPUT 2
310 #define EKS_READY 3
315  struct event_set *es;
317 
323 
324  const char *up_query_type;
327 
328 #ifdef TARGET_ANDROID
329  int fdtosend;
330  int lastfdreceived;
331 #endif
333 };
334 
/* NOTE(review): this listing shows only the braces. The page's symbol index gives `management` at manage.h:335 with members `struct man_persist persist` (337), `struct man_settings settings` (338) and `struct man_connection connection` (339); the inline helpers in this header reach them as man->persist and man->settings. */
336 {
340 };
341 
342 extern struct management *management;
343 
344 struct user_pass;
345 
346 struct management *management_init(void);
347 
/*
 * Opens the management interface on `man`; `flags` takes the MF_x bits
 * defined at the top of this header. Returns bool (meaning of false is not
 * stated here).
 * NOTE(review): the remaining parameters are documented only by name in this
 * header. pass_file presumably names the file holding the management
 * password, and client_user/client_group presumably limit which local
 * account may connect; remap_sigusr1 presumably selects one of the MANSIG_x
 * modes - confirm all of these in manage.c (definition at manage.c:2655 per
 * the page's symbol index).
 */
348 bool management_open(struct management *man,
349  const char *addr,
350  const char *port,
351  const char *pass_file,
352  const char *client_user,
353  const char *client_group,
354  const int log_history_cache,
355  const int echo_buffer_size,
356  const int state_buffer_size,
357  const int remap_sigusr1,
358  const unsigned int flags);
359 
360 void management_close(struct management *man);
361 
362 void management_post_tunnel_open(struct management *man, const in_addr_t tun_local_ip);
363 
364 void management_pre_tunnel_close(struct management *man);
365 
366 void management_socket_set(struct management *man,
367  struct event_set *es,
368  void *arg,
369  unsigned int *persistent);
370 
371 void management_io(struct management *man);
372 
373 void management_set_callback(struct management *man,
374  const struct management_callback *cb);
375 
376 void management_clear_callback(struct management *man);
377 
378 bool management_query_user_pass(struct management *man,
379  struct user_pass *up,
380  const char *type,
381  const unsigned int flags,
382  const char *static_challenge);
383 
384 #ifdef TARGET_ANDROID
/* Android-only declarations (inside #ifdef TARGET_ANDROID). */
385 bool management_android_control(struct management *man, const char *command, const char *msg);
386 
/* NOTE(review): presumably the possible results of the function below - confirm */
387 #define ANDROID_KEEP_OLD_TUN 1
388 #define ANDROID_OPEN_BEFORE_CLOSE 2
/* The identifier is declared with the spelling "managment" (no second 'e'); callers have to use it exactly as written. */
389 int managment_android_persisttun_action(struct management *man);
390 
391 #endif
392 
393 bool management_should_daemonize(struct management *man);
394 
395 bool management_would_hold(struct management *man);
396 
397 bool management_hold(struct management *man, int holdtime);
398 
399 void management_event_loop_n_seconds(struct management *man, int sec);
400 
401 void management_up_down(struct management *man, const char *updown, const struct env_set *es);
402 
403 void management_notify(struct management *man, const char *severity, const char *type, const char *text);
404 
405 void management_notify_generic(struct management *man, const char *str);
406 
408  const unsigned int auth_id,
409  struct man_def_auth_context *mdac,
410  const struct env_set *es);
411 
413  struct man_def_auth_context *mdac,
414  const struct env_set *es);
415 
417  struct man_def_auth_context *mdac,
418  const struct env_set *es);
419 
421  struct man_def_auth_context *mdac,
422  const struct mroute_addr *addr,
423  const bool primary);
424 
425 void management_notify_client_cr_response(unsigned mda_key_id,
426  const struct man_def_auth_context *mdac,
427  const struct env_set *es,
428  const char *response);
429 
/*
 * Queries sent to the management client for a signature and for a
 * certificate; presumably the paths enabled by MF_EXTERNAL_KEY and
 * MF_EXTERNAL_CERT - confirm.
 * NOTE(review): both return a non-const char *. Whether the result can be
 * NULL on failure and who frees it is not stated in this header; the reply
 * originates outside the process, so callers should validate it before use -
 * confirm the handling at manage.c:3747 and manage.c:3774.
 */
430 char *management_query_pk_sig(struct management *man, const char *b64_data,
431  const char *algorithm);
432 
433 char *management_query_cert(struct management *man, const char *cert_name);
434 
/* NOTE(review): declarator line 436 and body line 438 are missing from this listing, so the test performed is not visible; the page's symbol index gives `static bool management_connected(const struct management *man)`. */
435 static inline bool
437 {
439 }
440 
/* NOTE(review): declarator line 442 and body line 444 are missing from this listing; the page's symbol index gives `static bool management_query_user_pass_enabled(const struct management *man)`. Presumably it tests MF_QUERY_PASSWORDS the way the sibling helpers test their flags - confirm. */
441 static inline bool
443 {
445 }
446 
/* True when MF_QUERY_REMOTE is set in man->settings.flags. `man` is dereferenced unconditionally (management_enable_def_auth() in this header checks `man` first), so callers must pass a non-NULL pointer. NOTE(review): declarator line 448 is missing from this listing; the page's symbol index gives `static bool management_query_remote_enabled(const struct management *man)`. */
447 static inline bool
449 {
450  return BOOL_CAST(man->settings.flags & MF_QUERY_REMOTE);
451 }
452 
/* True when MF_QUERY_PROXY is set in man->settings.flags. `man` is dereferenced unconditionally (management_enable_def_auth() in this header checks `man` first), so callers must pass a non-NULL pointer. NOTE(review): declarator line 454 is missing from this listing; the page's symbol index gives `static bool management_query_proxy_enabled(const struct management *man)`. */
453 static inline bool
455 {
456  return BOOL_CAST(man->settings.flags & MF_QUERY_PROXY);
457 }
458 
459 
/* True when `man` is non-NULL and MF_CLIENT_AUTH is set in man->settings.flags; a NULL `man` yields false instead of a dereference. NOTE(review): declarator line 461 is missing from this listing; the page's symbol index gives `static bool management_enable_def_auth(const struct management *man)`. */
460 static inline bool
462 {
463  return man && BOOL_CAST(man->settings.flags & MF_CLIENT_AUTH);
464 }
465 
466 /*
467  * OpenVPN tells the management layer what state it's in
468  */
469 
470 /* client/server states */
471 #define OPENVPN_STATE_INITIAL 0 /* Initial, undefined state */
472 #define OPENVPN_STATE_CONNECTING 1 /* Management interface has been initialized */
473 #define OPENVPN_STATE_ASSIGN_IP 2 /* Assigning IP address to virtual network interface */
474 #define OPENVPN_STATE_ADD_ROUTES 3 /* Adding routes to system */
475 #define OPENVPN_STATE_CONNECTED 4 /* Initialization sequence completed */
476 #define OPENVPN_STATE_RECONNECTING 5 /* Restart */
477 #define OPENVPN_STATE_EXITING 6 /* Exit */
478 
479 /* client-only states */
480 #define OPENVPN_STATE_WAIT 7 /* Waiting for initial response from server */
481 #define OPENVPN_STATE_AUTH 8 /* Authenticating with server */
482 #define OPENVPN_STATE_GET_CONFIG 9 /* Downloading configuration from server */
483 #define OPENVPN_STATE_RESOLVE 10 /* DNS lookup */
484 #define OPENVPN_STATE_TCP_CONNECT 11 /* Connecting to TCP server */
485 #define OPENVPN_STATE_AUTH_PENDING 12 /* Waiting in auth-pending mode
486  * technically variant of GET_CONFIG */
487 
488 #define OPENVPN_STATE_CLIENT_BASE 7 /* Base index of client-only states */
489 
490 void management_set_state(struct management *man,
491  const int state,
492  const char *detail,
493  const in_addr_t *tun_local_ip,
494  const struct in6_addr *tun_local_ip6,
495  const struct openvpn_sockaddr *local_addr,
496  const struct openvpn_sockaddr *remote_addr);
497 
498 /*
499  * The management object keeps track of OpenVPN --echo
500  * parameters.
501  */
502 void management_echo(struct management *man, const char *string, const bool pull);
503 
504 /*
505  * OpenVPN calls here to indicate a password failure
506  */
507 
508 void management_auth_failure(struct management *man, const char *type, const char *reason);
509 
510 /*
511  * Echo an authentication token to management interface
512  */
513 void management_auth_token(struct management *man, const char *token);
514 
515 /*
516  * These functions drive the bytecount in/out counters.
517  */
518 
519 void
521  struct management *man,
522  struct timeval *timeval);
523 
/*
 * Adds size_in/size_out to man->persist.bytes_in/bytes_out unless MCF_SERVER
 * is set in man->persist.callback.flags. `man` is dereferenced without a
 * NULL check.
 * The page's symbol index types the counters as counter_type (uint64_t,
 * common.h:30) while the sizes are signed int, so a negative size would be
 * converted to a very large unsigned addend.
 * NOTE(review): callers presumably pass only non-negative byte counts -
 * confirm at the call sites.
 * NOTE(review): declarator line 525 is missing from this listing; the symbol
 * index gives `static void management_bytes_client(struct management *man,
 * const int size_in, const int size_out)`.
 */
524 static inline void
526  const int size_in,
527  const int size_out)
528 {
529  if (!(man->persist.callback.flags & MCF_SERVER))
530  {
531  man->persist.bytes_in += size_in;
532  man->persist.bytes_out += size_out;
533  }
534 }
535 
536 void
537 man_bytecount_output_server(const counter_type *bytes_in_total,
538  const counter_type *bytes_out_total,
539  struct man_def_auth_context *mdac);
540 
/*
 * Forwards the two totals and `mdac` to man_bytecount_output_server() when a
 * condition holds.
 * NOTE(review): declarator line 542 and lines 547-549 (the condition guarding
 * the call) are missing from this listing, so what gates the call is not
 * visible here; the page's symbol index gives `static void
 * management_bytes_server(struct management *man, const counter_type
 * *bytes_in_total, const counter_type *bytes_out_total, struct
 * man_def_auth_context *mdac)`.
 */
541 static inline void
543  const counter_type *bytes_in_total,
544  const counter_type *bytes_out_total,
545  struct man_def_auth_context *mdac)
546 {
550  {
551  man_bytecount_output_server(bytes_in_total, bytes_out_total, mdac);
552  }
553 }
554 
555 void
556 man_persist_client_stats(struct management *man, struct context *c);
557 
558 #endif /* ifdef ENABLE_MANAGEMENT */
559 
/* A sleep function that services the management layer for n seconds rather than doing nothing (description taken from this page's symbol index). Declared after the ENABLE_MANAGEMENT block is closed, so the prototype is visible in builds without the management interface as well. NOTE(review): source lines 560-563 are missing from this listing. */
564 void management_sleep(const int n);
565 
566 #endif /* ifndef MANAGE_H */
management_callback::client_auth
bool(* client_auth)(void *arg, const unsigned long cid, const unsigned int mda_key_id, const bool auth, const char *reason, const char *client_reason, struct buffer_list *cc_config)
Definition: manage.h:188
log_history
Definition: manage.h:139
man_connection::echo_realtime
bool echo_realtime
Definition: manage.h:320
management::settings
struct man_settings settings
Definition: manage.h:338
log_history::base
int base
Definition: manage.h:141
man_persist
Definition: manage.h:224
man_connection::up_query_mode
int up_query_mode
Definition: manage.h:325
log_entry_union::state
int state
Definition: manage.h:104
log_entry::remote_sock
struct openvpn_sockaddr remote_sock
Definition: manage.h:115
man_settings::mansig
unsigned int mansig
Definition: manage.h:263
status_output::msglevel
int msglevel
Definition: status.h:56
management_notify_client_needing_auth
void management_notify_client_needing_auth(struct management *management, const unsigned int auth_id, struct man_def_auth_context *mdac, const struct env_set *es)
Definition: manage.c:2927
man_connection::out
struct buffer_list * out
Definition: manage.h:295
command_line_add
void command_line_add(struct command_line *cl, const unsigned char *buf, const int len)
Definition: manage.c:3895
context
Contains all state information for one tunnel.
Definition: openvpn.h:476
es
struct env_set * es
Definition: test_pkcs11.c:133
man_connection::sd_top
socket_descriptor_t sd_top
Definition: manage.h:282
management_up_down
void management_up_down(struct management *man, const char *updown, const struct env_set *es)
Definition: manage.c:2878
management_notify
void management_notify(struct management *man, const char *severity, const char *type, const char *text)
Definition: manage.c:2888
management_callback::flags
unsigned int flags
Definition: manage.h:178
man_connection::in_extra_cmd
int in_extra_cmd
Definition: manage.h:303
management_echo
void management_echo(struct management *man, const char *string, const bool pull)
Definition: manage.c:3015
man_connection::log_realtime
bool log_realtime
Definition: manage.h:319
man_persist::special_state_msg
const char * special_state_msg
Definition: manage.h:238
man_persist::state
struct log_history * state
Definition: manage.h:234
log_entry::u
union log_entry_union u
Definition: manage.h:116
man_connection::ne32
struct net_event_win32 ne32
Definition: manage.h:287
management_callback::remote_cmd
bool(* remote_cmd)(void *arg, const char **p)
Definition: manage.h:202
management_set_state
void management_set_state(struct management *man, const int state, const char *detail, const in_addr_t *tun_local_ip, const struct in6_addr *tun_local_ip6, const struct openvpn_sockaddr *local_addr, const struct openvpn_sockaddr *remote_addr)
Definition: manage.c:2737
management_callback::kill_by_cn
int(* kill_by_cn)(void *arg, const char *common_name)
Definition: manage.h:182
man_connection::remote
struct openvpn_sockaddr remote
Definition: manage.h:284
man_connection::sd_cli
socket_descriptor_t sd_cli
Definition: manage.h:283
MF_QUERY_REMOTE
#define MF_QUERY_REMOTE
Definition: manage.h:41
DAF_CONNECTION_CLOSED
#define DAF_CONNECTION_CLOSED
Definition: manage.h:68
man_settings::state_buffer_size
int state_buffer_size
Definition: manage.h:255
openvpn_sockaddr
Definition: socket.h:65
management_check_bytecount
void management_check_bytecount(struct context *c, struct management *man, struct timeval *timeval)
Definition: manage.c:4138
command_line::buf
struct buffer buf
Definition: manage.h:82
log_entry_print
const char * log_entry_print(const struct log_entry *e, unsigned int flags, struct gc_arena *gc)
Definition: manage.c:3939
man_connection::in
struct command_line * in
Definition: manage.h:294
MCF_SERVER
#define MCF_SERVER
Definition: manage.h:177
man_connection::in_extra_kid
unsigned int in_extra_kid
Definition: manage.h:306
man_settings::client_uid
int client_uid
Definition: manage.h:256
man_connection::password_verified
bool password_verified
Definition: manage.h:291
net_event_win32
Definition: win32.h:105
man_persist::defined
bool defined
Definition: manage.h:225
MF_CLIENT_AUTH
#define MF_CLIENT_AUTH
Definition: manage.h:34
man_persist::bytes_out
counter_type bytes_out
Definition: manage.h:241
log_entry::timestamp
time_t timestamp
Definition: manage.h:110
MF_QUERY_PROXY
#define MF_QUERY_PROXY
Definition: manage.h:42
management_notify_client_cr_response
void management_notify_client_cr_response(unsigned mda_key_id, const struct man_def_auth_context *mdac, const struct env_set *es, const char *response)
Definition: manage.c:2951
log_entry::local_ip6
struct in6_addr local_ip6
Definition: manage.h:113
man_connection
Definition: manage.h:279
man_def_auth_context
Definition: manage.h:64
man_persist::log
struct log_history * log
Definition: manage.h:227
command_line_reset
void command_line_reset(struct command_line *cl)
Definition: manage.c:3875
management_notify_generic
void management_notify_generic(struct management *man, const char *str)
Definition: manage.c:2894
MS_CC_WAIT_READ
#define MS_CC_WAIT_READ
Definition: manage.h:276
log_history::capacity
int capacity
Definition: manage.h:143
management_sleep
void management_sleep(const int n)
A sleep function that services the management layer for n seconds rather than doing nothing.
Definition: manage.c:4114
management_open
bool management_open(struct management *man, const char *addr, const char *port, const char *pass_file, const char *client_user, const char *client_group, const int log_history_cache, const int echo_buffer_size, const int state_buffer_size, const int remap_sigusr1, const unsigned int flags)
Definition: manage.c:2655
log_entry::local_ip
in_addr_t local_ip
Definition: manage.h:112
counter_type
uint64_t counter_type
Definition: common.h:30
man_connection::client_version
int client_version
Definition: manage.h:332
command_line_free
void command_line_free(struct command_line *cl)
Definition: manage.c:3882
man_settings
Definition: manage.h:244
man_def_auth_context::flags
unsigned int flags
Definition: manage.h:70
management_callback::kill_by_cid
bool(* kill_by_cid)(void *arg, const unsigned long cid, const char *kill_msg)
Definition: manage.h:187
man_settings::client_gid
int client_gid
Definition: manage.h:257
man_connection::ext_cert_input
struct buffer_list * ext_cert_input
Definition: manage.h:314
log_entry_union
Definition: manage.h:102
command_line_get
const char * command_line_get(struct command_line *cl)
Definition: manage.c:3911
man_persist::standalone_disabled
bool standalone_disabled
Definition: manage.h:230
management_should_daemonize
bool management_should_daemonize(struct management *man)
Definition: manage.c:3803
MF_QUERY_PASSWORDS
#define MF_QUERY_PASSWORDS
Definition: manage.h:29
misc.h
log_history_add
void log_history_add(struct log_history *h, const struct log_entry *le)
Definition: manage.c:4059
man_settings::management_over_tunnel
bool management_over_tunnel
Definition: manage.h:251
man_connection::in_extra
struct buffer_list * in_extra
Definition: manage.h:304
man_bytecount_output_server
void man_bytecount_output_server(const counter_type *bytes_in_total, const counter_type *bytes_out_total, struct man_def_auth_context *mdac)
Definition: manage.c:524
man_connection::env_filter_level
int env_filter_level
Definition: manage.h:316
management_connected
static bool management_connected(const struct management *man)
Definition: manage.h:436
man_connection::state
int state
Definition: manage.h:280
management_callback::remote_entry_count
unsigned int(* remote_entry_count)(void *arg)
Definition: manage.h:206
log_history::size
int size
Definition: manage.h:142
status_output
Definition: status.h:48
management_callback::show_net
void(* show_net)(void *arg, const int msglevel)
Definition: manage.h:181
management_callback::arg
void * arg
Definition: manage.h:175
management_enable_def_auth
static bool management_enable_def_auth(const struct management *man)
Definition: manage.h:461
man_persist_client_stats
void man_persist_client_stats(struct management *man, struct context *c)
Definition: manage.c:4164
buffer
Wrapper structure for dynamically allocated memory.
Definition: buffer.h:60
virtual_output
Definition: status.h:32
man_settings::local
struct addrinfo * local
Definition: manage.h:247
log_history_ref
const struct log_entry * log_history_ref(const struct log_history *h, const int index)
Definition: manage.c:4101
man_connection::bytecount_update_seconds
int bytecount_update_seconds
Definition: manage.h:321
log_history_capacity
static int log_history_capacity(const struct log_history *h)
Definition: manage.h:164
event.h
management_query_user_pass_enabled
static bool management_query_user_pass_enabled(const struct management *man)
Definition: manage.h:442
log_history_close
void log_history_close(struct log_history *h)
Definition: manage.c:4052
management_callback::client_pending_auth
bool(* client_pending_auth)(void *arg, const unsigned long cid, const unsigned int kid, const char *extra, unsigned int timeout)
Definition: manage.h:195
log_history::array
struct log_entry * array
Definition: manage.h:144
management_callback::status
void(* status)(void *arg, const int version, struct status_output *so)
Definition: manage.h:180
log_entry_union::intval
int intval
Definition: manage.h:105
man_persist::bytes_in
counter_type bytes_in
Definition: manage.h:240
mroute_addr
Definition: mroute.h:75
log_history_init
struct log_history * log_history_init(const int capacity)
Definition: manage.c:4031
command_line_next
void command_line_next(struct command_line *cl)
Definition: manage.c:3927
man_connection::ext_key_state
int ext_key_state
Definition: manage.h:311
DAF_CONNECTION_ESTABLISHED
#define DAF_CONNECTION_ESTABLISHED
Definition: manage.h:67
man_settings::up
struct user_pass up
Definition: manage.h:252
man_connection::ext_key_input
struct buffer_list * ext_key_input
Definition: manage.h:312
management_bytes_server
static void management_bytes_server(struct management *man, const counter_type *bytes_in_total, const counter_type *bytes_out_total, struct man_def_auth_context *mdac)
Definition: manage.h:541
gc_arena
Garbage collection arena used to keep track of dynamically allocated memory.
Definition: buffer.h:116
management_callback::remote_entry_get
bool(* remote_entry_get)(void *arg, unsigned int index, char **remote)
Definition: manage.h:207
management_close
void management_close(struct management *man)
Definition: manage.c:2710
management_event_loop_n_seconds
void management_event_loop_n_seconds(struct management *man, int sec)
Definition: manage.c:3430
management_query_pk_sig
char * management_query_pk_sig(struct management *man, const char *b64_data, const char *algorithm)
Definition: manage.c:3747
log_entry
Definition: manage.h:108
env_set
Definition: env_set.h:42
mroute.h
management_hold
bool management_hold(struct management *man, int holdtime)
Definition: manage.c:3813
management_init
struct management * management_init(void)
Definition: manage.c:2639
man_settings::log_history_cache
int log_history_cache
Definition: manage.h:253
socket_descriptor_t
SOCKET socket_descriptor_t
Definition: syshead.h:429
man_def_auth_context::cid
unsigned long cid
Definition: manage.h:65
man_connection::es
struct event_set * es
Definition: manage.h:315
management_auth_failure
void management_auth_failure(struct management *man, const char *type, const char *reason)
Definition: manage.c:3080
management_callback::send_cc_message
bool(* send_cc_message)(void *arg, const char *message, const char *parameter)
Definition: manage.h:186
event_set
Definition: event.h:124
management_set_callback
void management_set_callback(struct management *man, const struct management_callback *cb)
Definition: manage.c:2720
management_bytes_client
static void management_bytes_client(struct management *man, const int size_in, const int size_out)
Definition: manage.h:524
management_query_proxy_enabled
static bool management_query_proxy_enabled(const struct management *man)
Definition: manage.h:454
man_persist::callback
struct management_callback callback
Definition: manage.h:231
buf_len
static int buf_len(const struct buffer *buf)
Definition: buffer.h:253
management
struct management * management
Definition: manage.c:63
man_def_auth_context::mda_key_id_counter
unsigned int mda_key_id_counter
Definition: manage.h:72
man_settings::echo_buffer_size
int echo_buffer_size
Definition: manage.h:254
management_callback::proxy_cmd
bool(* proxy_cmd)(void *arg, const char **p)
Definition: manage.h:201
management_query_cert
char * management_query_cert(struct management *man, const char *cert_name)
Definition: manage.c:3774
man_connection::ext_cert_state
int ext_cert_state
Definition: manage.h:313
man_connection::halt
bool halt
Definition: manage.h:290
man_connection::up_query
struct user_pass up_query
Definition: manage.h:326
management
Definition: manage.h:335
command_line_new
struct command_line * command_line_new(const int buf_len)
Definition: manage.c:3865
MS_CC_WAIT_WRITE
#define MS_CC_WAIT_WRITE
Definition: manage.h:277
man_settings::defined
bool defined
Definition: manage.h:245
rw_handle
Definition: win32.h:77
socket.h
man_persist::hold_release
bool hold_release
Definition: manage.h:236
now
time_t now
Definition: otime.c:34
man_connection::password_tries
int password_tries
Definition: manage.h:292
log_entry::local_sock
struct openvpn_sockaddr local_sock
Definition: manage.h:114
management_clear_callback
void management_clear_callback(struct management *man)
Definition: manage.c:2728
management_learn_addr
void management_learn_addr(struct management *management, struct man_def_auth_context *mdac, const struct mroute_addr *addr, const bool primary)
Definition: manage.c:2998
man_persist::echo
struct log_history * echo
Definition: manage.h:233
management_post_tunnel_open
void management_post_tunnel_open(struct management *man, const in_addr_t tun_local_ip)
Definition: manage.c:3046
management_notify_client_close
void management_notify_client_close(struct management *management, struct man_def_auth_context *mdac, const struct env_set *es)
Definition: manage.c:2985
management_io
void management_io(struct management *man)
Definition: manage.c:3155
event_timeout
Definition: interval.h:136
management_callback::kill_by_addr
int(* kill_by_addr)(void *arg, const in_addr_t addr, const int port)
Definition: manage.h:183
man_persist::vout
struct virtual_output vout
Definition: manage.h:228
management_connection_established
void management_connection_established(struct management *management, struct man_def_auth_context *mdac, const struct env_set *es)
Definition: manage.c:2974
man_connection::in_extra_cid
unsigned long in_extra_cid
Definition: manage.h:305
man_connection::state_realtime
bool state_realtime
Definition: manage.h:318
man_connection::up_query_type
const char * up_query_type
Definition: manage.h:324
log_entry::string
const char * string
Definition: manage.h:111
man_def_auth_context::bytecount_last_update
time_t bytecount_last_update
Definition: manage.h:74
log_history_size
static int log_history_size(const struct log_history *h)
Definition: manage.h:158
user_pass
Definition: misc.h:56
management_callback::delete_event
void(* delete_event)(void *arg, event_t event)
Definition: manage.h:184
command_line::residual
struct buffer residual
Definition: manage.h:83
management_query_user_pass
bool management_query_user_pass(struct management *man, struct user_pass *up, const char *type, const unsigned int flags, const char *static_challenge)
Definition: manage.c:3482
management_callback
Definition: manage.h:173
buffer_list
Definition: buffer.h:1126
log_history_resize
void log_history_resize(struct log_history *h, const int capacity)
Definition: manage.c:4080
man_connection::bytecount_update_interval
struct event_timeout bytecount_update_interval
Definition: manage.h:322
msg
#define msg(flags,...)
Definition: error.h:150
management_pre_tunnel_close
void management_pre_tunnel_close(struct management *man)
Definition: manage.c:3071
management_socket_set
void management_socket_set(struct management *man, struct event_set *es, void *arg, unsigned int *persistent)
Definition: manage.c:3115
management_query_remote_enabled
static bool management_query_remote_enabled(const struct management *man)
Definition: manage.h:448
BOOL_CAST
#define BOOL_CAST(x)
Definition: basic.h:27
man_settings::flags
unsigned int flags
Definition: manage.h:246
management_callback::n_clients
int(* n_clients)(void *arg)
Definition: manage.h:185
log_entry_union::msg_flags
unsigned int msg_flags
Definition: manage.h:103
management_would_hold
bool management_would_hold(struct management *man)
Definition: manage.c:3793
management::persist
struct man_persist persist
Definition: manage.h:337
management::connection
struct man_connection connection
Definition: manage.h:339
management_auth_token
void management_auth_token(struct management *man, const char *token)
Definition: manage.c:3093
command_line
Definition: manage.h:80