doxygen/openvpn_8c_source.html

/*

 *  OpenVPN -- An application to securely tunnel IP networks

 *             over a single TCP/UDP port, with support for SSL/TLS-based

 *             session authentication and key exchange,

 *             packet encryption, packet authentication, and

 *             packet compression.

 *

 *  Copyright (C) 2002-2024 OpenVPN Inc <sales@openvpn.net>

 *

 *  This program is free software; you can redistribute it and/or modify

 *  it under the terms of the GNU General Public License version 2

 *  as published by the Free Software Foundation.

 *

 *  This program is distributed in the hope that it will be useful,

 *  but WITHOUT ANY WARRANTY; without even the implied warranty of

 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 *  GNU General Public License for more details.

 *

 *  You should have received a copy of the GNU General Public License along

 *  with this program; if not, write to the Free Software Foundation, Inc.,

 *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

 */


#ifdef HAVE_CONFIG_H

#include "config.h"

#endif


#include "syshead.h"


#include "init.h"

#include "forward.h"

#include "multi.h"

#include "win32.h"

#include "platform.h"


#include "memdbg.h"


#define P2P_CHECK_SIG() EVENT_LOOP_CHECK_SIGNAL(c, process_signal_p2p, c);


static bool

process_signal_p2p(struct context *c)

{

    remap_signal(c);

    return process_signal(c);

}


/**************************************************************************/

static void

tunnel_point_to_point(struct context *c)

{

    context_clear_2(c);


    /* set point-to-point mode */

    c->mode = CM_P2P;


    /* initialize tunnel instance */

    init_instance_handle_signals(c, c->es, CC_HARD_USR1_TO_HUP);

    if (IS_SIG(c))

    {

        return;

    }


    /* main event loop */

    while (true)

    {

        perf_push(PERF_EVENT_LOOP);


        /* process timers, TLS, etc. */

        pre_select(c);

        P2P_CHECK_SIG();


        /* set up and do the I/O wait */

        io_wait(c, p2p_iow_flags(c));

        P2P_CHECK_SIG();


        /* timeout? */

        if (c->c2.event_set_status == ES_TIMEOUT)

        {

            perf_pop();

            continue;

        }


        /* process the I/O which triggered select */

        process_io(c);

        P2P_CHECK_SIG();


        perf_pop();

    }


    persist_client_stats(c);


    uninit_management_callback();


    /* tear down tunnel instance (unless --persist-tun) */

    close_instance(c);

}


#undef PROCESS_SIGNAL_P2P


void

init_early(struct context *c)

{

    net_ctx_init(c, &c->net_ctx);


    /* init verbosity and mute levels */

    init_verb_mute(c, IVM_LEVEL_1);


    /* Initialise OpenSSL provider, this needs to be initialised this

     * early since option post-processing and also openssl info

     * printing depends on it */

    for (int j = 1; j < MAX_PARMS && c->options.providers.names[j]; j++)

    {

        c->options.providers.providers[j] =

            crypto_load_provider(c->options.providers.names[j]);

    }

}


static void

uninit_early(struct context *c)

{

    for (int j = 1; j < MAX_PARMS && c->options.providers.providers[j]; j++)

    {

        crypto_unload_provider(c->options.providers.names[j],

                               c->options.providers.providers[j]);

    }

    net_ctx_free(&c->net_ctx);

}


/**************************************************************************/

static

int

openvpn_main(int argc, char *argv[])

{

    struct context c;


#if PEDANTIC

    fprintf(stderr, "Sorry, I was built with --enable-pedantic and I am incapable of doing any real work!\n");

    return 1;

#endif


#ifdef _WIN32

    SetConsoleOutputCP(CP_UTF8);

#endif


    CLEAR(c);


    /* signify first time for components which can

     * only be initialized once per program instantiation. */

    c.first_time = true;


    /* initialize program-wide statics */

    if (init_static())

    {

        /*

         * This loop is initially executed on startup and then

         * once per SIGHUP.

         */

        do

        {

            /* enter pre-initialization mode with regard to signal handling */

            pre_init_signal_catch();


            /* zero context struct but leave first_time member alone */

            context_clear_all_except_first_time(&c);


            /* static signal info object */

            c.sig = &siginfo_static;


            /* initialize garbage collector scoped to context object */

            gc_init(&c.gc);


            /* initialize environmental variable store */

            c.es = env_set_create(NULL);

#ifdef _WIN32

            set_win_sys_path_via_env(c.es);

#endif


#ifdef ENABLE_MANAGEMENT

            /* initialize management subsystem */

            init_management();

#endif


            /* initialize options to default state */

            init_options(&c.options, true);


            /* parse command line options, and read configuration file */

            parse_argv(&c.options, argc, argv, M_USAGE, OPT_P_DEFAULT, NULL, c.es);


#ifdef ENABLE_PLUGIN

            /* plugins may contribute options configuration */

            init_verb_mute(&c, IVM_LEVEL_1);

            init_plugins(&c);

            open_plugins(&c, true, OPENVPN_PLUGIN_INIT_PRE_CONFIG_PARSE);

#endif


            /* Early initialisation that need to happen before option

             * post processing and other early startup but after parsing */

            init_early(&c);


            /* set dev options */

            init_options_dev(&c.options);


            /* openssl print info? */

            if (print_openssl_info(&c.options))

            {

                break;

            }


            /* --genkey mode? */

            if (do_genkey(&c.options))

            {

                break;

            }


            /* tun/tap persist command? */

            if (do_persist_tuntap(&c.options, &c.net_ctx))

            {

                break;

            }


            /* sanity check on options */

            options_postprocess(&c.options, c.es);


            /* show all option settings */

            show_settings(&c.options);


            /* print version number */

            msg(M_INFO, "%s", title_string);

#ifdef _WIN32

            show_windows_version(M_INFO);

#endif

            show_library_versions(M_INFO);


            show_dco_version(M_INFO);


            /* misc stuff */

            pre_setup(&c.options);


            /* test crypto? */

            if (do_test_crypto(&c.options))

            {

                break;

            }


            /* Query passwords before becoming a daemon if we don't use the

             * management interface to get them. */

#ifdef ENABLE_MANAGEMENT

            if (!(c.options.management_flags & MF_QUERY_PASSWORDS))

#endif

            init_query_passwords(&c);


            /* become a daemon if --daemon */

            if (c.first_time)

            {

                c.did_we_daemonize = possibly_become_daemon(&c.options);

                write_pid_file(c.options.writepid, c.options.chroot_dir);

            }


#ifdef ENABLE_MANAGEMENT

            /* open management subsystem */

            if (!open_management(&c))

            {

                break;

            }

            /* query for passwords through management interface, if needed */

            if (c.options.management_flags & MF_QUERY_PASSWORDS)

            {

                init_query_passwords(&c);

            }

#endif


            /* set certain options as environmental variables */

            setenv_settings(c.es, &c.options);


            /* finish context init */

            context_init_1(&c);


            do

            {

                /* run tunnel depending on mode */

                switch (c.options.mode)

                {

                    case MODE_POINT_TO_POINT:

                        tunnel_point_to_point(&c);

                        break;


                    case MODE_SERVER:

                        tunnel_server(&c);

                        break;


                    default:

                        ASSERT(0);

                }


                /* indicates first iteration -- has program-wide scope */

                c.first_time = false;


                /* any signals received? */

                if (IS_SIG(&c))

                {

                    print_signal(c.sig, NULL, M_INFO);

                }


                /* pass restart status to management subsystem */

                signal_restart_status(c.sig);

            }

            while (signal_reset(c.sig, SIGUSR1) == SIGUSR1);


            env_set_destroy(c.es);

            uninit_options(&c.options);

            gc_reset(&c.gc);

            uninit_early(&c);

        }

        while (signal_reset(c.sig, SIGHUP) == SIGHUP);

    }


    context_gc_free(&c);


#ifdef ENABLE_MANAGEMENT

    /* close management interface */

    close_management();

#endif


    /* uninitialize program-wide statics */

    uninit_static();


    openvpn_exit(OPENVPN_EXIT_STATUS_GOOD); /* exit point */

    return 0;                               /* NOTREACHED */

}


#ifdef _WIN32

int

wmain(int argc, wchar_t *wargv[])

{

    char **argv;

    int ret;

    int i;


    if ((argv = calloc(argc+1, sizeof(char *))) == NULL)

    {

        return 1;

    }


    for (i = 0; i < argc; i++)

    {

        int n = WideCharToMultiByte(CP_UTF8, 0, wargv[i], -1, NULL, 0, NULL, NULL);

        argv[i] = malloc(n);

        WideCharToMultiByte(CP_UTF8, 0, wargv[i], -1, argv[i], n, NULL, NULL);

    }


    ret = openvpn_main(argc, argv);


    for (i = 0; i < argc; i++)

    {

        free(argv[i]);

    }

    free(argv);


    return ret;

}

#else  /* ifdef _WIN32 */

int

main(int argc, char *argv[])

{

    return openvpn_main(argc, argv);

}

#endif /* ifdef _WIN32 */