OpenVPN
openvpn-plugin.h
Go to the documentation of this file.
1/* include/openvpn-plugin.h. Generated from openvpn-plugin.h.in by configure. */
2/*
3 * OpenVPN -- An application to securely tunnel IP networks
4 * over a single TCP/UDP port, with support for SSL/TLS-based
5 * session authentication and key exchange,
6 * packet encryption, packet authentication, and
7 * packet compression.
8 *
9 * Copyright (C) 2002-2022 OpenVPN Inc <sales@openvpn.net>
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License version 2
13 * as published by the Free Software Foundation.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License along
21 * with this program; if not, write to the Free Software Foundation, Inc.,
22 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23 */
24
25#ifndef OPENVPN_PLUGIN_H_
26#define OPENVPN_PLUGIN_H_
27
28#define OPENVPN_PLUGIN_VERSION 3
29
30#ifdef ENABLE_CRYPTO_MBEDTLS
31#include <mbedtls/x509_crt.h>
32#ifndef __OPENVPN_X509_CERT_T_DECLARED
33#define __OPENVPN_X509_CERT_T_DECLARED
34typedef mbedtls_x509_crt openvpn_x509_cert_t;
35#endif
36#else /* ifdef ENABLE_CRYPTO_MBEDTLS */
37#include <openssl/x509.h>
38#ifndef __OPENVPN_X509_CERT_T_DECLARED
39#define __OPENVPN_X509_CERT_T_DECLARED
41#endif
42#endif
43
44#include <stdarg.h>
45#include <stddef.h>
46
47#ifdef __cplusplus
48extern "C" {
49#endif
50
51/* Provide some basic version information to plug-ins at OpenVPN compile time
52 * This is will not be the complete version
53 */
54#define OPENVPN_VERSION_MAJOR 2
55#define OPENVPN_VERSION_MINOR 6
56#define OPENVPN_VERSION_PATCH "_git"
57
58/*
59 * Plug-in types. These types correspond to the set of script callbacks
60 * supported by OpenVPN.
61 *
62 * This is the general call sequence to expect when running in server mode:
63 *
64 * Initial Server Startup:
65 *
66 * FUNC: openvpn_plugin_open_v1
67 * FUNC: openvpn_plugin_client_constructor_v1 (this is the top-level "generic"
68 * client template)
69 * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_UP
70 * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_ROUTE_UP
71 *
72 * New Client Connection:
73 *
74 * FUNC: openvpn_plugin_client_constructor_v1
75 * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_TLS_VERIFY (called once for every cert
76 * in the server chain)
77 * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY
78 * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_TLS_FINAL
79 * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_IPCHANGE
80 *
81 * [If OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY returned OPENVPN_PLUGIN_FUNC_DEFERRED,
82 * we don't proceed until authentication is verified via auth_control_file]
83 *
84 * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_CLIENT_CONNECT_V2
85 * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_LEARN_ADDRESS
86 *
87 * [Client session ensues]
88 *
89 * For each "TLS soft reset", according to reneg-sec option (or similar):
90 *
91 * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_TLS_VERIFY (called once for every cert
92 * in the server chain)
93 * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY
94 * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_TLS_FINAL
95 *
96 * [If OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY returned OPENVPN_PLUGIN_FUNC_DEFERRED,
97 * we expect that authentication is verified via auth_control_file within
98 * the number of seconds defined by the "hand-window" option. Data channel traffic
99 * will continue to flow uninterrupted during this period.]
100 *
101 * [Client session continues]
102 *
103 * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_CLIENT_DISCONNECT
104 * FUNC: openvpn_plugin_client_destructor_v1
105 *
106 * [ some time may pass ]
107 *
108 * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_LEARN_ADDRESS (this coincides with a
109 * lazy free of initial
110 * learned addr object)
111 * Server Shutdown:
112 *
113 * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_DOWN
114 * FUNC: openvpn_plugin_client_destructor_v1 (top-level "generic" client)
115 * FUNC: openvpn_plugin_close_v1
116 */
117#define OPENVPN_PLUGIN_UP 0
118#define OPENVPN_PLUGIN_DOWN 1
119#define OPENVPN_PLUGIN_ROUTE_UP 2
120#define OPENVPN_PLUGIN_IPCHANGE 3
121#define OPENVPN_PLUGIN_TLS_VERIFY 4
122#define OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY 5
123#define OPENVPN_PLUGIN_CLIENT_CONNECT 6
124#define OPENVPN_PLUGIN_CLIENT_DISCONNECT 7
125#define OPENVPN_PLUGIN_LEARN_ADDRESS 8
126#define OPENVPN_PLUGIN_CLIENT_CONNECT_V2 9
127#define OPENVPN_PLUGIN_TLS_FINAL 10
128/*#define OPENVPN_PLUGIN_ENABLE_PF 11 *REMOVED FEATURE* */
129#define OPENVPN_PLUGIN_ROUTE_PREDOWN 12
130#define OPENVPN_PLUGIN_CLIENT_CONNECT_DEFER 13
131#define OPENVPN_PLUGIN_CLIENT_CONNECT_DEFER_V2 14
132#define OPENVPN_PLUGIN_N 15
133
134/*
135 * Build a mask out of a set of plug-in types.
136 */
137#define OPENVPN_PLUGIN_MASK(x) (1<<(x))
138
139/*
140 * A pointer to a plugin-defined object which contains
141 * the object state.
142 */
144
145/*
146 * Return value for openvpn_plugin_func_v1 function
147 */
148#define OPENVPN_PLUGIN_FUNC_SUCCESS 0
149#define OPENVPN_PLUGIN_FUNC_ERROR 1
150#define OPENVPN_PLUGIN_FUNC_DEFERRED 2
151
152/*
153 * For Windows (needs to be modified for MSVC)
154 */
155#if defined(_WIN32) && !defined(OPENVPN_PLUGIN_H)
156#define OPENVPN_EXPORT __declspec(dllexport)
157#else
158#define OPENVPN_EXPORT
159#endif
160
161/*
162 * If OPENVPN_PLUGIN_H is defined, we know that we are being
163 * included in an OpenVPN compile, rather than a plugin compile.
164 */
165#ifdef OPENVPN_PLUGIN_H
166
167/*
168 * We are compiling OpenVPN.
169 */
170#define OPENVPN_PLUGIN_DEF typedef
171#define OPENVPN_PLUGIN_FUNC(name) (*name)
172
173#else /* ifdef OPENVPN_PLUGIN_H */
174
175/*
176 * We are compiling plugin.
177 */
178#define OPENVPN_PLUGIN_DEF OPENVPN_EXPORT
179#define OPENVPN_PLUGIN_FUNC(name) name
180
181#endif
182
183/*
184 * Used by openvpn_plugin_func to return structured
185 * data. The plugin should allocate all structure
186 * instances, name strings, and value strings with
187 * malloc, since OpenVPN will assume that it
188 * can free the list by calling free() over the same.
189 */
196
197
198/* openvpn_plugin_{open,func}_v3() related structs */
199
226#define OPENVPN_PLUGINv3_STRUCTVER 5
227
231typedef enum
232{
233 PLOG_ERR = (1 << 0),/* Error condition message */
234 PLOG_WARN = (1 << 1),/* General warning message */
235 PLOG_NOTE = (1 << 2),/* Informational message */
236 PLOG_DEBUG = (1 << 3),/* Debug message, displayed if verb >= 7 */
237
238 PLOG_ERRNO = (1 << 8),/* Add error description to message */
239 PLOG_NOMUTE = (1 << 9), /* Mute setting does not apply for message */
240
242
243
244#ifdef __GNUC__
245#if __USE_MINGW_ANSI_STDIO
246#define _ovpn_chk_fmt(a, b) __attribute__ ((format(gnu_printf, (a), (b))))
247#else
248#define _ovpn_chk_fmt(a, b) __attribute__ ((format(__printf__, (a), (b))))
249#endif
250#else /* ifdef __GNUC__ */
251#define _ovpn_chk_fmt(a, b)
252#endif
253
255 const char *plugin_name,
256 const char *format, ...) _ovpn_chk_fmt (3, 4);
257
259 const char *plugin_name,
260 const char *format,
261 va_list arglist) _ovpn_chk_fmt (3, 0);
262/* #undef _ovpn_chk_fmt */
263
271typedef void (*plugin_secure_memzero_t)(void *data, size_t len);
272
285typedef int (*plugin_base64_encode_t)(const void *data, int size, char **str);
286
298typedef int (*plugin_base64_decode_t)(const char *str, void *data, int size);
299
300
325
337
360{
361 const int type_mask;
362 const char **const argv;
363 const char **const envp;
366 const char *ovpn_version;
367 const unsigned int ovpn_version_major;
368 const unsigned int ovpn_version_minor;
369 const char *const ovpn_version_patch;
370};
371
372
400
439
440
456
457/*
458 * Multiple plugin modules can be cascaded, and modules can be
459 * used in tandem with scripts. The order of operation is that
460 * the module func() functions are called in the order that
461 * the modules were specified in the config file. If a script
462 * was specified as well, it will be called last. If the
463 * return code of the module/script controls an authentication
464 * function (such as tls-verify or auth-user-pass-verify), then
465 * every module and script must return success (0) in order for
466 * the connection to be authenticated.
467 *
468 * Notes:
469 *
470 * Plugins which use a privilege-separation model (by forking in
471 * their initialization function before the main OpenVPN process
472 * downgrades root privileges and/or executes a chroot) must
473 * daemonize after a fork if the "daemon" environmental variable is
474 * set. In addition, if the "daemon_log_redirect" variable is set,
475 * the plugin should preserve stdout/stderr across the daemon()
476 * syscall. See the daemonize() function in plugin/auth-pam/auth-pam.c
477 * for an example.
478 */
479
480/*
481 * Prototypes for functions which OpenVPN plug-ins must define.
482 */
483
484/*
485 * FUNCTION: openvpn_plugin_open_v2
486 *
487 * REQUIRED: YES
488 *
489 * Called on initial plug-in load. OpenVPN will preserve plug-in state
490 * across SIGUSR1 restarts but not across SIGHUP restarts. A SIGHUP reset
491 * will cause the plugin to be closed and reopened.
492 *
493 * ARGUMENTS
494 *
495 * *type_mask : Set by OpenVPN to the logical OR of all script
496 * types which this version of OpenVPN supports. The plug-in
497 * should set this value to the logical OR of all script types
498 * which the plug-in wants to intercept. For example, if the
499 * script wants to intercept the client-connect and
500 * client-disconnect script types:
501 *
502 * *type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT)
503 * | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_DISCONNECT)
504 *
505 * argv : a NULL-terminated array of options provided to the OpenVPN
506 * "plug-in" directive. argv[0] is the dynamic library pathname.
507 *
508 * envp : a NULL-terminated array of OpenVPN-set environmental
509 * variables in "name=value" format. Note that for security reasons,
510 * these variables are not actually written to the "official"
511 * environmental variable store of the process.
512 *
513 * return_list : used to return data back to OpenVPN.
514 *
515 * RETURN VALUE
516 *
517 * An openvpn_plugin_handle_t value on success, NULL on failure
518 */
520 (unsigned int *type_mask,
521 const char *argv[],
522 const char *envp[],
523 struct openvpn_plugin_string_list **return_list);
524
525/*
526 * FUNCTION: openvpn_plugin_func_v2
527 *
528 * Called to perform the work of a given script type.
529 *
530 * REQUIRED: YES
531 *
532 * ARGUMENTS
533 *
534 * handle : the openvpn_plugin_handle_t value which was returned by
535 * openvpn_plugin_open.
536 *
537 * type : one of the PLUGIN_x types
538 *
539 * argv : a NULL-terminated array of "command line" options which
540 * would normally be passed to the script. argv[0] is the dynamic
541 * library pathname.
542 *
543 * envp : a NULL-terminated array of OpenVPN-set environmental
544 * variables in "name=value" format. Note that for security reasons,
545 * these variables are not actually written to the "official"
546 * environmental variable store of the process.
547 *
548 * per_client_context : the per-client context pointer which was returned by
549 * openvpn_plugin_client_constructor_v1, if defined.
550 *
551 * return_list : used to return data back to OpenVPN.
552 *
553 * RETURN VALUE
554 *
555 * OPENVPN_PLUGIN_FUNC_SUCCESS on success, OPENVPN_PLUGIN_FUNC_ERROR on failure
556 *
557 * In addition, OPENVPN_PLUGIN_FUNC_DEFERRED may be returned by
558 * OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY, OPENVPN_PLUGIN_CLIENT_CONNECT and
559 * OPENVPN_PLUGIN_CLIENT_CONNECT_V2. This enables asynchronous
560 * authentication or client connect where the plugin (or one of its agents)
561 * may indicate authentication success/failure or client configuration some
562 * number of seconds after the return of the function handler.
563 * For OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY and OPENVPN_PLUGIN_CLIENT_CONNECT
564 * this is done by writing a single char to the file named by
565 * auth_control_file/client_connect_deferred_file
566 * in the environmental variable list (envp).
567 *
568 * Additionally the auth_pending_file can be written, which causes the openvpn
569 * server to send a pending auth request to the client. See doc/management.txt
570 * for more details on this authentication mechanism. The format of the
571 * auth_pending_file is
572 * line 1: timeout in seconds
573 * line 2: Pending auth method the client needs to support (e.g. openurl)
574 * line 3: EXTRA (e.g. WEBAUTH::http://www.example.com)
575 *
576 * In addition the OPENVPN_PLUGIN_CLIENT_CONNECT_DEFER and
577 * OPENVPN_PLUGIN_CLIENT_CONNECT_DEFER_V2 are called when OpenVPN tries to
578 * get the deferred result. For a V2 call implementing this function is
579 * required as information is not passed by files. For the normal version
580 * the call is optional.
581 *
582 * first char of auth_control_file:
583 * '0' -- indicates auth failure
584 * '1' -- indicates auth success
585 *
586 * OpenVPN will delete the auth_control_file after it goes out of scope.
587 *
588 * See sample/sample-plugins/defer/multi-auth.c for an example on using
589 * asynchronous authentication.
590 */
593 const int type,
594 const char *argv[],
595 const char *envp[],
596 void *per_client_context,
597 struct openvpn_plugin_string_list **return_list);
598
599
600/*
601 * FUNCTION: openvpn_plugin_open_v3
602 *
603 * REQUIRED: YES
604 *
605 * Called on initial plug-in load. OpenVPN will preserve plug-in state
606 * across SIGUSR1 restarts but not across SIGHUP restarts. A SIGHUP reset
607 * will cause the plugin to be closed and reopened.
608 *
609 * ARGUMENTS
610 *
611 * version : fixed value, defines the API version of the OpenVPN plug-in API. The plug-in
612 * should validate that this value is matching the OPENVPN_PLUGINv3_STRUCTVER
613 * value.
614 *
615 * arguments : Structure with all arguments available to the plug-in.
616 *
617 * retptr : used to return data back to OpenVPN.
618 *
619 * RETURN VALUE
620 *
621 * OPENVPN_PLUGIN_FUNC_SUCCESS on success, OPENVPN_PLUGIN_FUNC_ERROR on failure
622 */
624 (const int version,
625 struct openvpn_plugin_args_open_in const *arguments,
626 struct openvpn_plugin_args_open_return *retptr);
627
628/*
629 * FUNCTION: openvpn_plugin_func_v3
630 *
631 * Called to perform the work of a given script type.
632 *
633 * REQUIRED: YES
634 *
635 * ARGUMENTS
636 *
637 * version : fixed value, defines the API version of the OpenVPN plug-in API. The plug-in
638 * should validate that this value is matching the OPENVPN_PLUGINv3_STRUCTVER
639 * value.
640 *
641 * arguments : Structure with all arguments available to the plug-in.
642 *
643 * retptr : used to return data back to OpenVPN.
644 *
645 * RETURN VALUE
646 *
647 * OPENVPN_PLUGIN_FUNC_SUCCESS on success, OPENVPN_PLUGIN_FUNC_ERROR on failure
648 *
649 * In addition, OPENVPN_PLUGIN_FUNC_DEFERRED may be returned by
650 * OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY. This enables asynchronous
651 * authentication where the plugin (or one of its agents) may indicate
652 * authentication success/failure some number of seconds after the return
653 * of the OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY handler by writing a single
654 * char to the file named by auth_control_file in the environmental variable
655 * list (envp).
656 *
657 * first char of auth_control_file:
658 * '0' -- indicates auth failure
659 * '1' -- indicates auth success
660 *
661 * OpenVPN will delete the auth_control_file after it goes out of scope.
662 *
663 * See sample/sample-plugins/defer/simple.c for an example on using
664 * asynchronous authentication.
665 */
667 (const int version,
668 struct openvpn_plugin_args_func_in const *arguments,
669 struct openvpn_plugin_args_func_return *retptr);
670
671/*
672 * FUNCTION: openvpn_plugin_close_v1
673 *
674 * REQUIRED: YES
675 *
676 * ARGUMENTS
677 *
678 * handle : the openvpn_plugin_handle_t value which was returned by
679 * openvpn_plugin_open.
680 *
681 * Called immediately prior to plug-in unload.
682 */
685
686/*
687 * FUNCTION: openvpn_plugin_abort_v1
688 *
689 * REQUIRED: NO
690 *
691 * ARGUMENTS
692 *
693 * handle : the openvpn_plugin_handle_t value which was returned by
694 * openvpn_plugin_open.
695 *
696 * Called when OpenVPN is in the process of aborting due to a fatal error.
697 * Will only be called on an open context returned by a prior successful
698 * openvpn_plugin_open callback.
699 */
702
703/*
704 * FUNCTION: openvpn_plugin_client_constructor_v1
705 *
706 * Called to allocate a per-client memory region, which
707 * is then passed to the openvpn_plugin_func_v2 function.
708 * This function is called every time the OpenVPN server
709 * constructs a client instance object, which normally
710 * occurs when a session-initiating packet is received
711 * by a new client, even before the client has authenticated.
712 *
713 * This function should allocate the private memory needed
714 * by the plugin to track individual OpenVPN clients, and
715 * return a void * to this memory region.
716 *
717 * REQUIRED: NO
718 *
719 * ARGUMENTS
720 *
721 * handle : the openvpn_plugin_handle_t value which was returned by
722 * openvpn_plugin_open.
723 *
724 * RETURN VALUE
725 *
726 * void * pointer to plugin's private per-client memory region, or NULL
727 * if no memory region is required.
728 */
731
732/*
733 * FUNCTION: openvpn_plugin_client_destructor_v1
734 *
735 * This function is called on client instance object destruction.
736 *
737 * REQUIRED: NO
738 *
739 * ARGUMENTS
740 *
741 * handle : the openvpn_plugin_handle_t value which was returned by
742 * openvpn_plugin_open.
743 *
744 * per_client_context : the per-client context pointer which was returned by
745 * openvpn_plugin_client_constructor_v1, if defined.
746 */
748 (openvpn_plugin_handle_t handle, void *per_client_context);
749
750/*
751 * FUNCTION: openvpn_plugin_select_initialization_point_v1
752 *
753 * Several different points exist in OpenVPN's initialization sequence where
754 * the openvpn_plugin_open function can be called. While the default is
755 * OPENVPN_PLUGIN_INIT_PRE_DAEMON, this function can be used to select a
756 * different initialization point. For example, if your plugin needs to
757 * return configuration parameters to OpenVPN, use
758 * OPENVPN_PLUGIN_INIT_PRE_CONFIG_PARSE.
759 *
760 * REQUIRED: NO
761 *
762 * RETURN VALUE:
763 *
764 * An OPENVPN_PLUGIN_INIT_x value.
765 */
766#define OPENVPN_PLUGIN_INIT_PRE_CONFIG_PARSE 1
767#define OPENVPN_PLUGIN_INIT_PRE_DAEMON 2 /* default */
768#define OPENVPN_PLUGIN_INIT_POST_DAEMON 3
769#define OPENVPN_PLUGIN_INIT_POST_UID_CHANGE 4
770
772 (void);
773
774/*
775 * FUNCTION: openvpn_plugin_min_version_required_v1
776 *
777 * This function is called by OpenVPN to query the minimum
778 * plugin interface version number required by the plugin.
779 *
780 * REQUIRED: NO
781 *
782 * RETURN VALUE
783 *
784 * The minimum OpenVPN plugin interface version number necessary to support
785 * this plugin.
786 */
788 (void);
789
790/*
791 * Deprecated functions which are still supported for backward compatibility.
792 */
793
795 (unsigned int *type_mask,
796 const char *argv[],
797 const char *envp[]);
798
800 (openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[]);
801
802#ifdef __cplusplus
803}
804#endif
805
806#endif /* OPENVPN_PLUGIN_H_ */
openvpn_plugin_log_flags_t
Definitions needed for the plug-in callback functions.
@ PLOG_NOTE
@ PLOG_NOMUTE
@ PLOG_ERRNO
@ PLOG_ERR
@ PLOG_WARN
@ PLOG_DEBUG
#define OPENVPN_PLUGIN_FUNC(name)
OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC() openvpn_plugin_func_v3(const int version, struct openvpn_plugin_args_func_in const *arguments, struct openvpn_plugin_args_func_return *retptr)
Definition multi-auth.c:382
OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC() openvpn_plugin_func_v2(openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[], void *per_client_context, struct openvpn_plugin_string_list **return_list)
OPENVPN_PLUGIN_DEF void OPENVPN_PLUGIN_FUNC() openvpn_plugin_abort_v1(openvpn_plugin_handle_t handle)
Definition auth-pam.c:631
#define OPENVPN_PLUGIN_DEF
void * openvpn_plugin_handle_t
OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC() openvpn_plugin_select_initialization_point_v1(void)
ovpnSSLAPI
Used by the openvpn_plugin_open_v3() function to indicate to the plug-in what kind of SSL implementat...
@ SSLAPI_OPENSSL
@ SSLAPI_MBEDTLS
@ SSLAPI_NONE
OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC() openvpn_plugin_open_v3(const int version, struct openvpn_plugin_args_open_in const *arguments, struct openvpn_plugin_args_open_return *retptr)
This function is called when OpenVPN loads the plug-in.
#define _ovpn_chk_fmt(a, b)
OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC() openvpn_plugin_min_version_required_v1(void)
Definition multi-auth.c:173
OPENVPN_PLUGIN_DEF openvpn_plugin_handle_t OPENVPN_PLUGIN_FUNC() openvpn_plugin_open_v1(unsigned int *type_mask, const char *argv[], const char *envp[])
Definition log.c:73
int(* plugin_base64_encode_t)(const void *data, int size, char **str)
Export of openvpn_base64_encode() to be used inside plug-ins.
X509 openvpn_x509_cert_t
void(* plugin_log_t)(openvpn_plugin_log_flags_t flags, const char *plugin_name, const char *format,...) _ovpn_chk_fmt(3
OPENVPN_PLUGIN_DEF void *OPENVPN_PLUGIN_FUNC() openvpn_plugin_client_constructor_v1(openvpn_plugin_handle_t handle)
OPENVPN_PLUGIN_DEF void OPENVPN_PLUGIN_FUNC() openvpn_plugin_close_v1(openvpn_plugin_handle_t handle)
This cleans up the last part of the plug-in, allows it to shut down cleanly and release the plug-in g...
OPENVPN_PLUGIN_DEF openvpn_plugin_handle_t OPENVPN_PLUGIN_FUNC() openvpn_plugin_open_v2(unsigned int *type_mask, const char *argv[], const char *envp[], struct openvpn_plugin_string_list **return_list)
void(*) typedef void(*) typedef void(* plugin_secure_memzero_t)(void *data, size_t len)
Export of secure_memzero() to be used inside plug-ins.
void(*) typedef void(* plugin_vlog_t)(openvpn_plugin_log_flags_t flags, const char *plugin_name, const char *format, va_list arglist) _ovpn_chk_fmt(3
OPENVPN_PLUGIN_DEF void OPENVPN_PLUGIN_FUNC() openvpn_plugin_client_destructor_v1(openvpn_plugin_handle_t handle, void *per_client_context)
int(* plugin_base64_decode_t)(const char *str, void *data, int size)
Export of openvpn_base64_decode() to be used inside plug-ins.
OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC() openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[])
This function is called by OpenVPN each time the OpenVPN reaches a point where plug-in calls should h...
Definition log.c:176
Definition argv.h:35
Arguments used to transport variables to and from the plug-in.
openvpn_x509_cert_t * current_cert
openvpn_plugin_handle_t handle
Arguments used to transport variables to and from the plug-in.
struct openvpn_plugin_string_list ** return_list
Arguments used to transport variables to the plug-in.
const char *const ovpn_version_patch
const unsigned int ovpn_version_major
const unsigned int ovpn_version_minor
struct openvpn_plugin_callbacks * callbacks
Arguments used to transport variables from the plug-in back to the OpenVPN process.
openvpn_plugin_handle_t handle
struct openvpn_plugin_string_list ** return_list
Used by the openvpn_plugin_open_v3() function to pass callback function pointers to the plug-in.
plugin_base64_encode_t plugin_base64_encode
plugin_base64_decode_t plugin_base64_decode
plugin_secure_memzero_t plugin_secure_memzero
struct openvpn_plugin_string_list * next