#include "syshead.h"#include "buffer.h"#include "error.h"#include "common.h"#include "run_command.h"#include "shaper.h"#include "crypto.h"#include "ssl.h"#include "ssl_ncp.h"#include "options.h"#include "misc.h"#include "socket_util.h"#include "packet_id.h"#include "pkcs11.h"#include "win32.h"#include "push.h"#include "pool.h"#include "proto.h"#include "helper.h"#include "manage.h"#include "forward.h"#include "ssl_verify.h"#include "platform.h"#include "xkey_common.h"#include "dco.h"#include "options_util.h"#include "tun_afunix.h"#include "domain_helper.h"#include <ctype.h>#include "memdbg.h"
Go to the source code of this file.
Data Structures | |
| struct | in_src |
Macros | |
| #define | SHOW_PARM(name, value, format) msg(D_SHOW_PARMS, " " #name " = " format, (value)) |
| #define | SHOW_STR(var) SHOW_PARM(var, (o->var ? o->var : "[UNDEF]"), "'%s'") |
| #define | SHOW_STR_INLINE(var) SHOW_PARM(var, o->var##_inline ? "[INLINE]" : (o->var ? o->var : "[UNDEF]"), "'%s'") |
| #define | SHOW_INT(var) SHOW_PARM(var, o->var, "%d") |
| #define | SHOW_UINT(var) SHOW_PARM(var, o->var, "%u") |
| #define | SHOW_INT64(var) SHOW_PARM(var, o->var, "%" PRIi64) |
| #define | SHOW_UNSIGNED(var) SHOW_PARM(var, o->var, "0x%08x") |
| #define | SHOW_BOOL(var) SHOW_PARM(var, (o->var ? "ENABLED" : "DISABLED"), "%s"); |
| #define | MUST_BE_UNDEF(parm, parm_name) |
| #define | MUST_BE_FALSE(condition, parm_name) |
| #define | USAGE_VALID_SERVER_PROTOS |
| #define | CHKACC_FILE (1 << 0) |
| Check for a file/directory presence. | |
| #define | CHKACC_DIRPATH (1 << 1) |
| Check for directory presence where a file should reside. | |
| #define | CHKACC_FILEXSTWR (1 << 2) |
| If file exists, is it writable? | |
| #define | CHKACC_ACPTSTDIN (1 << 3) |
| If filename is stdin, it's allowed and "exists". | |
| #define | CHKACC_PRIVATE (1 << 4) |
| Warn if this (private) file is group/others accessible. | |
| #define | CHKACC_ACCEPT_URI (1 << 5) |
| Do not check URIs, unless they start with file: | |
| #define | TLS_CLIENT (o->tls_client) |
| #define | TLS_SERVER (o->tls_server) |
| #define | LZO_LIB_VER_STR "", "" |
| #define | IS_TYPE_FP 1 |
| #define | IS_TYPE_BUF 2 |
| #define | VERIFY_PERMISSION(mask) |
| #define | NM_QUOTE_HINT (1 << 0) |
| #define | RESET_OPTION_ROUTES(option_ptr, field) |
Functions | |
| void | init_options (struct options *o, const bool init_gc) |
| void | uninit_options (struct options *o) |
| static const char * | pull_filter_type_name (int type) |
| static void | setenv_connection_entry (struct env_set *es, const struct connection_entry *e, const int i) |
| static void | setenv_local_entry (struct env_set *es, const struct local_entry *e, const int i) |
| void | setenv_settings (struct env_set *es, const struct options *o) |
| static in_addr_t | get_ip_addr (const char *ip_string, msglvl_t msglevel, bool *error) |
| static char * | get_ipv6_addr_no_netbits (const char *addr, struct gc_arena *gc) |
| Returns newly allocated string containing address part without "/nn". | |
| static bool | ipv6_addr_safe_hexplusbits (const char *ipv6_prefix_spec) |
| static char * | string_substitute (const char *src, int from, int to, struct gc_arena *gc) |
| static struct verify_hash_list * | parse_hash_fingerprint (const char *str, int nbytes, msglvl_t msglevel, struct gc_arena *gc) |
| Parses a hexstring and checks if the string has the correct length. | |
| static struct verify_hash_list * | parse_hash_fingerprint_multiline (const char *str, int nbytes, msglvl_t msglevel, struct gc_arena *gc) |
| Parses a string consisting of multiple lines of hexstrings and checks if each string has the correct length. | |
| static void | show_dhcp_option_list (const char *name, const char *const *array, int len) |
| static void | show_dhcp_option_addrs (const char *name, const in_addr_t *array, int len) |
| static void | show_tuntap_options (const struct tuntap_options *o) |
| static void | dhcp_option_dns6_parse (const char *parm, struct in6_addr *dns6_list, int *len, msglvl_t msglevel) |
| static void | dhcp_option_address_parse (const char *name, const char *parm, in_addr_t *array, int *len, msglvl_t msglevel) |
| static const char * | print_vlan_accept (enum vlan_acceptable_frames mode) |
| static void | show_p2mp_parms (const struct options *o) |
| static void | option_iroute (struct options *o, const char *network_str, const char *netmask_str, msglvl_t msglevel) |
| static void | option_iroute_ipv6 (struct options *o, const char *prefix_str, msglvl_t msglevel) |
| static void | show_http_proxy_options (const struct http_proxy_options *o) |
| void | options_detach (struct options *o) |
| void | rol_check_alloc (struct options *options) |
| static void | rol6_check_alloc (struct options *options) |
| static void | cnol_check_alloc (struct options *options) |
| static void | show_connection_entry (const struct connection_entry *o) |
| static void | show_connection_entries (const struct options *o) |
| static void | show_pull_filter_list (const struct pull_filter_list *l) |
| void | show_settings (const struct options *o) |
| static struct http_proxy_options * | parse_http_proxy_override (const char *server, const char *port, const char *flags, struct gc_arena *gc) |
| static void | options_postprocess_http_proxy_override (struct options *o) |
| static struct local_list * | alloc_local_list_if_undef (struct connection_entry *ce, struct gc_arena *gc) |
| static struct local_entry * | alloc_local_entry (struct connection_entry *ce, const msglvl_t msglevel, struct gc_arena *gc) |
| static struct connection_list * | alloc_connection_list_if_undef (struct options *options) |
| static struct connection_entry * | alloc_connection_entry (struct options *options, const msglvl_t msglevel) |
| static struct remote_list * | alloc_remote_list_if_undef (struct options *options) |
| static struct remote_entry * | alloc_remote_entry (struct options *options, const msglvl_t msglevel) |
| static struct pull_filter_list * | alloc_pull_filter_list (struct options *o) |
| static struct pull_filter * | alloc_pull_filter (struct options *o) |
| static void | connection_entry_load_re (struct connection_entry *ce, const struct remote_entry *re) |
| static void | connection_entry_preload_key (const char **key_file, bool *key_inline, struct gc_arena *gc) |
| static void | check_ca_required (const struct options *options) |
| static void | options_postprocess_verify_ce (const struct options *options, const struct connection_entry *ce) |
| static void | options_postprocess_mutate_ce (struct options *o, struct connection_entry *ce) |
| static void | options_postprocess_mutate_le (struct connection_entry *ce, struct local_entry *le, int mode) |
| static void | remap_redirect_gateway_flags (struct options *opt) |
| static void | pre_connect_save (struct options *o) |
| void | pre_connect_restore (struct options *o, struct gc_arena *gc) |
| static void | options_postprocess_mutate_invariant (struct options *options) |
| static void | options_postprocess_verify (const struct options *o) |
| static void | options_postprocess_cipher (struct options *o) |
| static bool | need_compatibility_before (const struct options *o, unsigned int version) |
| The option –compat-mode is used to set up default settings to values used on the specified openvpn version and earlier. | |
| static void | options_set_backwards_compatible_options (struct options *o) |
| Changes default values so that OpenVPN can be compatible with the user specified version. | |
| static void | options_process_mutate_prf (struct options *o) |
| static void | tuntap_options_postprocess_dns (struct options *o) |
| Postprocess DNS related settings. | |
| static void | options_postprocess_mutate (struct options *o, struct env_set *es) |
| static bool | check_file_access (const int type, const char *file, const int mode, const char *opt) |
| static bool | check_file_access_chroot (const char *chroot, const int type, const char *file, const int mode, const char *opt) |
| static bool | check_file_access_chroot_inline (bool is_inline, const char *chroot, const int type, const char *file, const int mode, const char *opt) |
| A wrapper for check_file_access_chroot() that returns false immediately if the file is inline (and therefore there is no access to check) | |
| static bool | check_file_access_inline (bool is_inline, const int type, const char *file, const int mode, const char *opt) |
| A wrapper for check_file_access() that returns false immediately if the file is inline (and therefore there is no access to check) | |
| static bool | check_cmd_access (const char *command, const char *opt, const char *chroot) |
| static void | options_postprocess_filechecks (struct options *options) |
| void | options_postprocess (struct options *options, struct env_set *es) |
| bool | options_postprocess_pull (struct options *o, struct env_set *es) |
| char * | options_string (const struct options *o, const struct frame *frame, struct tuntap *tt, openvpn_net_ctx_t *ctx, bool remote, struct gc_arena *gc) |
| bool | options_cmp_equal (char *actual, const char *expected) |
| void | options_warning (char *actual, const char *expected) |
| static const char * | options_warning_extract_parm1 (const char *option_string, struct gc_arena *gc_ret) |
| static void | options_warning_safe_scan2 (const msglvl_t msglevel, const int delim, const bool report_inconsistent, const char *p1, const struct buffer *b2_src, const char *b1_name, const char *b2_name) |
| static void | options_warning_safe_scan1 (const msglvl_t msglevel, const int delim, const bool report_inconsistent, const struct buffer *b1_src, const struct buffer *b2_src, const char *b1_name, const char *b2_name) |
| static void | options_warning_safe_ml (const msglvl_t msglevel, char *actual, const char *expected, size_t actual_n) |
| bool | options_cmp_equal_safe (char *actual, const char *expected, size_t actual_n) |
| void | options_warning_safe (char *actual, const char *expected, size_t actual_n) |
| const char * | options_string_version (const char *s, struct gc_arena *gc) |
| char * | options_string_extract_option (const char *options_string, const char *opt_name, struct gc_arena *gc) |
| Given an OpenVPN options string, extract the value of an option. | |
| int | parse_topology (const char *str, const msglvl_t msglevel) |
| const char * | print_topology (const int topology) |
| int | auth_retry_get (void) |
| bool | auth_retry_set (const msglvl_t msglevel, const char *option) |
| const char * | auth_retry_print (void) |
| static void | usage (void) |
| void | usage_small (void) |
| void | show_windows_version (const unsigned int flags) |
| void | show_dco_version (const unsigned int flags) |
| void | show_library_versions (const unsigned int flags) |
| static void | usage_version (void) |
| void | notnull (const char *arg, const char *description) |
| bool | string_defined_equal (const char *s1, const char *s2) |
| static unsigned int | atou (const char *str) |
| static bool | space (char c) |
| int | parse_line (const char *line, char *p[], const int n, const char *file, const int line_num, msglvl_t msglevel, struct gc_arena *gc) |
| static void | bypass_doubledash (char **p) |
| static bool | in_src_get (const struct in_src *is, char *line, const int size) |
| static char * | read_inline_file (struct in_src *is, const char *close_tag, int *num_lines, struct gc_arena *gc) |
| static int | check_inline_file (struct in_src *is, char *p[], struct gc_arena *gc) |
| static int | check_inline_file_via_fp (FILE *fp, char *p[], struct gc_arena *gc) |
| static int | check_inline_file_via_buf (struct buffer *multiline, char *p[], struct gc_arena *gc) |
| static void | add_option (struct options *options, char *p[], bool is_inline, const char *file, int line, const int level, const msglvl_t msglevel, const unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es) |
| static void | remove_option (struct context *c, struct options *options, char *p[], bool is_inline, const char *file, int line, const msglvl_t msglevel, const unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es) |
Resets options found in the PUSH_UPDATE message that are preceded by the - flag. | |
| static void | update_option (struct context *c, struct options *options, char *p[], bool is_inline, const char *file, int line, const int level, const msglvl_t msglevel, const unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es, unsigned int *update_options_found) |
| Processes an option to update. | |
| static void | read_config_file (struct options *options, const char *file, int level, const char *top_file, const int top_line, const msglvl_t msglevel, const unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es) |
| static void | read_config_string (const char *prefix, struct options *options, const char *config, const msglvl_t msglevel, const unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es) |
| void | parse_argv (struct options *options, const int argc, char *argv[], const msglvl_t msglevel, const unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es) |
| bool | apply_push_options (struct context *c, struct options *options, struct buffer *buf, unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es, bool is_update) |
| void | options_server_import (struct options *o, const char *filename, msglvl_t msglevel, unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es) |
| void | options_string_import (struct options *options, const char *config, const msglvl_t msglevel, const unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es) |
| static bool | verify_permission (const char *name, const char *file, int line, const unsigned int type, const unsigned int allowed, unsigned int *found, const msglvl_t msglevel, struct options *options, bool is_inline) |
| static bool | no_more_than_n_args (const msglvl_t msglevel, char *p[], const int max, const unsigned int flags) |
| static msglvl_t | msglevel_forward_compatible (struct options *options, const msglvl_t msglevel) |
| static bool | check_route_option (struct options *options, char *p[], const msglvl_t msglevel, bool pull_mode) |
| static bool | check_route6_option (struct options *options, char *p[], const msglvl_t msglevel, bool pull_mode) |
| static bool | check_dns_option (struct options *options, char *p[], const msglvl_t msglevel, bool pull_mode) |
| static void | set_user_script (struct options *options, const char **script, const char *new_script, const char *type, bool in_chroot) |
| static void | show_compression_warning (struct compress_options *info) |
| bool | key_is_external (const struct options *options) |
| bool | has_udp_in_local_list (const struct options *options) |
Variables | |
| const char | title_string [] |
| static const char | usage_message [] |
| static int | global_auth_retry |
Macro Definition Documentation
◆ CHKACC_ACCEPT_URI
| #define CHKACC_ACCEPT_URI (1 << 5) |
◆ CHKACC_ACPTSTDIN
| #define CHKACC_ACPTSTDIN (1 << 3) |
◆ CHKACC_DIRPATH
| #define CHKACC_DIRPATH (1 << 1) |
◆ CHKACC_FILE
| #define CHKACC_FILE (1 << 0) |
◆ CHKACC_FILEXSTWR
| #define CHKACC_FILEXSTWR (1 << 2) |
◆ CHKACC_PRIVATE
| #define CHKACC_PRIVATE (1 << 4) |
◆ IS_TYPE_BUF
◆ IS_TYPE_FP
◆ LZO_LIB_VER_STR
| #define LZO_LIB_VER_STR "", "" |
◆ MUST_BE_FALSE
| #define MUST_BE_FALSE | ( | condition, | |
| parm_name | |||
| ) |
◆ MUST_BE_UNDEF
| #define MUST_BE_UNDEF | ( | parm, | |
| parm_name | |||
| ) |
◆ NM_QUOTE_HINT
◆ RESET_OPTION_ROUTES
| #define RESET_OPTION_ROUTES | ( | option_ptr, | |
| field | |||
| ) |
◆ SHOW_BOOL
| #define SHOW_BOOL | ( | var | ) | SHOW_PARM(var, (o->var ? "ENABLED" : "DISABLED"), "%s"); |
◆ SHOW_INT
◆ SHOW_INT64
| #define SHOW_INT64 | ( | var | ) | SHOW_PARM(var, o->var, "%" PRIi64) |
◆ SHOW_PARM
| #define SHOW_PARM | ( | name, | |
| value, | |||
| format | |||
| ) | msg(D_SHOW_PARMS, " " #name " = " format, (value)) |
◆ SHOW_STR
| #define SHOW_STR | ( | var | ) | SHOW_PARM(var, (o->var ? o->var : "[UNDEF]"), "'%s'") |
◆ SHOW_STR_INLINE
| #define SHOW_STR_INLINE | ( | var | ) | SHOW_PARM(var, o->var##_inline ? "[INLINE]" : (o->var ? o->var : "[UNDEF]"), "'%s'") |
◆ SHOW_UINT
◆ SHOW_UNSIGNED
| #define SHOW_UNSIGNED | ( | var | ) | SHOW_PARM(var, o->var, "0x%08x") |
◆ TLS_CLIENT
| #define TLS_CLIENT (o->tls_client) |
◆ TLS_SERVER
| #define TLS_SERVER (o->tls_server) |
◆ USAGE_VALID_SERVER_PROTOS
| #define USAGE_VALID_SERVER_PROTOS |
◆ VERIFY_PERMISSION
| #define VERIFY_PERMISSION | ( | mask | ) |
Function Documentation
◆ add_option()
|
static |
Definition at line 6194 of file options.c.
References add_client_nat_to_option_list(), add_route_ipv6_to_option_list(), add_route_to_option_list(), connection_entry::af, remote_entry::af, compress_options::alg, ALLOC_ARRAY_GC, alloc_buf_gc(), alloc_connection_entry(), alloc_local_entry(), alloc_pull_filter(), alloc_remote_entry(), options::allow_deprecated_insecure_static_crypto, options::allow_pull_fqdn, options::allow_recursive_routing, ascii2af(), ascii2ipset(), ascii2keydirection(), ascii2proto(), ASSERT, atoi_constrained(), atoi_warn(), atou(), http_proxy_options::auth_file, http_proxy_options::auth_file_up, http_proxy_options::auth_method_string, http_proxy_options::auth_retry, auth_retry_set(), options::auth_token_call_auth, options::auth_token_generate, options::auth_token_lifetime, options::auth_token_renewal, options::auth_token_secret_file, options::auth_token_secret_file_inline, options::auth_user_pass_file, options::auth_user_pass_file_inline, options::auth_user_pass_verify_script, options::auth_user_pass_verify_script_via_file, options::authname, options::backwards_compatible, connection_entry::bind_defined, options::bind_dev, connection_entry::bind_ipv6_only, connection_entry::bind_local, options::block_ipv6, options::block_outside_dns, BOOL_CAST, BSTR, buf_printf(), options::ca_file, options::ca_file_inline, options::ca_path, options::ccd_exclusive, options::cd_dir, options::ce, options::cert_file, options::cert_file_inline, options::cf_initial_max, options::cf_initial_per, options::cf_max, options::cf_per, static_challenge_info::challenge_text, check_dns_option(), check_route6_option(), check_route_option(), options::chroot_dir, options::cipher_list, options::cipher_list_tls13, options::ciphername, options::client, options::client_config_dir, options::client_connect_script, options::client_crresponse_script, options::client_disconnect_script, options::client_nat, cnol_check_alloc(), CO_EPOCH_DATA_KEY_FORMAT, CO_USE_CC_EXIT_NOTIFY, CO_USE_DYNAMIC_TLS_CRYPT, CO_USE_TLS_KEY_MATERIAL_EXPORT, options::comp, COMP_ALG_LZ4, COMP_ALG_LZO, COMP_ALG_STUB, COMP_ALG_UNDEF, COMP_ALGV2_LZ4, COMP_ALGV2_UNCOMPRESSED, COMP_F_ADVERTISE_STUBS_ONLY, COMP_F_ALLOW_ASYM, COMP_F_ALLOW_STUB_ONLY, COMP_F_MIGRATE, COMP_F_SWAP, comp_non_stub_enabled(), options::config, options::connect_retry_max, connection_entry::connect_retry_seconds, connection_entry::connect_retry_seconds_max, connection_entry::connect_timeout, connection_entry_load_re(), constrain_int(), http_custom_header::content, options::crl_file, options::crl_file_inline, options::cryptoapi_cert, http_proxy_options::custom_headers, D_PUSH, D_TLS_DEBUG_MED, options::daemon, options::dev, options::dev_node, options::dev_type, options::dh_file, options::dh_file_inline, tuntap_options::dhcp_lease_time, tuntap_options::dhcp_masq_custom_offset, tuntap_options::dhcp_masq_offset, dhcp_option_address_parse(), dhcp_option_dns6_parse(), tuntap_options::dhcp_options, DHCP_OPTIONS_DHCP_OPTIONAL, DHCP_OPTIONS_DHCP_REQUIRED, tuntap_options::dhcp_pre_release, dhcp_release_by_adapter_index(), tuntap_options::dhcp_renew, dhcp_renew_by_adapter_index(), options::disable, options::disable_dco, tuntap_options::disable_nbt, options::dns_options, DNS_UPDOWN_FORCED, DNS_UPDOWN_NO_FLAGS, DNS_UPDOWN_USER_SET, dns_updown_user_set(), options::down_pre, options::down_script, options::duplicate_cn, options::ecdh_curve, options::enable_c2c, options::enable_ncp_fallback, options::engine, errors_to_stderr(), es, options::exit_event_initial_state, options::exit_event_name, connection_entry::explicit_exit_notification, EXPORT_KEY_DATA_LABEL, options::extra_certs_file, options::extra_certs_file_inline, options::fast_io, compress_options::flags, static_challenge_info::flags, route_option_list::flags, route_ipv6_option_list::flags, options::force_key_material_export, options::forward_compatible, connection_entry::fragment, connection_entry::fragment_encap, dns_options::from_dhcp, options::gc, gc, gc_free(), gc_new(), gc_transfer(), options::genkey, GENKEY_AUTH_TOKEN, options::genkey_extra_data, options::genkey_filename, GENKEY_SECRET, GENKEY_TLS_CRYPTV2_CLIENT, GENKEY_TLS_CRYPTV2_SERVER, options::genkey_type, get_default_gateway(), get_default_gateway_ipv6(), get_ip_addr(), get_ipv6_addr(), get_ipv6_addr_no_netbits(), getaddr(), GETADDR_HOST_ORDER, GETADDR_RESOLVE, options::groupname, options::handshake_window, connection_entry::http_proxy_options, options::http_proxy_override, http_proxy_options::http_version, i, options::ifconfig_ipv6_local, options::ifconfig_ipv6_netbits, options::ifconfig_ipv6_pool_base, options::ifconfig_ipv6_pool_defined, options::ifconfig_ipv6_pool_netbits, options::ifconfig_ipv6_remote, options::ifconfig_local, options::ifconfig_noexec, options::ifconfig_nowarn, options::ifconfig_pool_defined, options::ifconfig_pool_end, options::ifconfig_pool_netmask, options::ifconfig_pool_persist_filename, options::ifconfig_pool_persist_refresh_freq, options::ifconfig_pool_start, ifconfig_pool_verify_range(), options::ifconfig_remote_netmask, options::ignore_unknown_option, options::imported_protocol_flags, options::inactivity_minimum_bytes, options::inactivity_timeout, init_http_proxy_options_once(), init_options(), http_proxy_options::inline_creds, ip_or_dns_addr_safe(), options::ip_remote_hint, tuntap_options::ip_win32_defined, tuntap_options::ip_win32_type, options::ipchange, ipconfig_register_dns(), ipset2ascii_all(), ipv6_addr_safe(), IPW32_SET_ADAPTIVE, IPW32_SET_ADAPTIVE_DELAY_WINDOW, IPW32_SET_DHCP_MASQ, is_special_addr(), options::keepalive_ping, options::keepalive_timeout, connection_entry::key_direction, options::key_direction, KEY_DIRECTION_BIDIRECTIONAL, options::key_pass_file, options::keying_material_exporter_label, options::keying_material_exporter_length, options::learn_address_script, buffer::len, connection_entry::link_mtu, connection_entry::link_mtu_defined, options::lladdr, local_entry::local, connection_entry::local_port, connection_entry::local_port_defined, options::log, M_DEBUG_LEVEL, M_ERR, M_FATAL, M_INFO, M_NOPREFIX, M_USAGE, M_WARN, mac_addr_safe(), options::machine_readable_output, options::management_addr, management_auth_token(), options::management_certificate, options::management_client_group, options::management_client_user, management_echo(), options::management_flags, options::management_log_history_cache, options::management_port, options::management_user_pass, options::mark, options::max_clients, MAX_CUSTOM_HTTP_HEADER, max_int(), MAX_PARMS, MAX_PEER_ID, options::max_routes_per_client, MAX_SEQ_BACKTRACK, MAX_TIME_BACKTRACK, MD_SHA1, MD_SHA256, MF_CLIENT_AUTH, MF_CONNECT_AS_CLIENT, MF_EXTERNAL_CERT, MF_EXTERNAL_KEY, MF_EXTERNAL_KEY_DIGEST, MF_EXTERNAL_KEY_NOPADDING, MF_EXTERNAL_KEY_PKCS1PAD, MF_EXTERNAL_KEY_PSSPAD, MF_FORGET_DISCONNECT, MF_HOLD, MF_QUERY_PASSWORDS, MF_QUERY_PROXY, MF_QUERY_REMOTE, MF_SIGNAL, MF_UNIX_SOCK, MF_UP_DOWN, MIN_SEQ_BACKTRACK, MIN_TIME_BACKTRACK, options::mlock, options::mode, MODE_POINT_TO_POINT, MODE_SERVER, msg, options::msg_channel, msglevel_forward_compatible(), connection_entry::mssfix, connection_entry::mssfix_default, connection_entry::mssfix_encap, connection_entry::mssfix_fixed, connection_entry::mtu_discover_type, options::mtu_test, options::mute, options::mute_replay_warnings, options::n_bcast_buf, N_SEARCH_LIST_LEN, http_custom_header::name, provider_list::names, tuntap_options::nbdd, tuntap_options::nbdd_len, options::ncp_ciphers, net_ctx_init(), tuntap_options::netbios_node_type, tuntap_options::netbios_scope, verify_hash_list::next, options::nice, NM_QUOTE_HINT, no_more_than_n_args(), NS_CERT_CHECK_CLIENT, NS_CERT_CHECK_SERVER, options::ns_cert_type, tuntap_options::ntp, tuntap_options::ntp_len, options::occ, connection_entry::occ_mtu, open_syslog(), OPENVPN_8021Q_MAX_VID, OPENVPN_8021Q_MIN_VID, openvpn_exit(), OPENVPN_EXIT_STATUS_GOOD, OPENVPN_KU_REQUIRED, OPT_P_COMP, OPT_P_CONFIG, OPT_P_CONNECTION, OPT_P_DHCPDNS, OPT_P_ECHO, OPT_P_EXPLICIT_NOTIFY, OPT_P_GENERAL, OPT_P_INHERIT, OPT_P_INLINE, OPT_P_INSTANCE, OPT_P_MESSAGES, OPT_P_MTU, OPT_P_NCP, OPT_P_NICE, OPT_P_PEER_ID, OPT_P_PERSIST, OPT_P_PERSIST_IP, OPT_P_PLUGIN, OPT_P_PULL_MODE, OPT_P_PUSH, OPT_P_PUSH_MTU, OPT_P_ROUTE, OPT_P_ROUTE_EXTRAS, OPT_P_ROUTE_TABLE, OPT_P_SCRIPT, OPT_P_SETENV, OPT_P_SHAPER, OPT_P_SOCKBUF, OPT_P_SOCKFLAGS, OPT_P_TIMER, OPT_P_TLS_PARMS, OPT_P_UP, option_iroute(), option_iroute_ipv6(), OPTION_PARM_SIZE, options::override_username, PACKAGE_VERSION, options::packet_id_file, PAR_ALL, PAR_NCT, parse_hash_fingerprint_multiline(), parse_http_proxy_override(), parse_topology(), options::peer_id, options::persist_config, options::persist_local_ip, options::persist_mode, options::persist_remote_ip, options::persist_tun, PING_EXIT, options::ping_rec_timeout, options::ping_rec_timeout_action, PING_RESTART, options::ping_send_timeout, options::ping_timer_remote, options::pkcs12_file, options::pkcs12_file_inline, platform_chdir(), options::plugin_list, plugin_option_list_add(), plugin_option_list_new(), local_entry::port, http_proxy_options::port, positive_atoi(), positive_atoll(), print_default_gateway(), options::priv_key_file, options::priv_key_file_inline, local_entry::proto, connection_entry::proto, remote_entry::proto, proto2ascii_all(), options::proto_force, options::providers, PUF_TYPE_ACCEPT, PUF_TYPE_IGNORE, PUF_TYPE_REJECT, options::pull, options::push_continuation, options::push_ifconfig_constraint_defined, options::push_ifconfig_constraint_netmask, options::push_ifconfig_constraint_network, options::push_ifconfig_defined, options::push_ifconfig_ipv6_blocked, options::push_ifconfig_ipv6_defined, options::push_ifconfig_ipv6_local, options::push_ifconfig_ipv6_netbits, options::push_ifconfig_ipv6_remote, options::push_ifconfig_local, options::push_ifconfig_local_alias, options::push_ifconfig_remote_netmask, push_options(), options::push_peer_info, push_remove_option(), push_reset(), options::rcvbuf, read_config_file(), read_config_string(), options::real_hash_size, redirect_stdout_stderr(), tuntap_options::register_dns, remap_redirect_gateway_flags(), options::remap_sigusr1, connection_entry::remote, remote_entry::remote, options::remote_cert_eku, options::remote_cert_ku, connection_entry::remote_float, connection_entry::remote_port, remote_entry::remote_port, options::remote_random, options::renegotiate_bytes, options::renegotiate_packets, options::renegotiate_seconds, options::renegotiate_seconds_min, options::replay_time, options::replay_window, RESOLV_RETRY_INFINITE, options::resolve_in_advance, options::resolve_retry_seconds, RG_AUTO_LOCAL, RG_BLOCK_LOCAL, RG_BYPASS_DHCP, RG_BYPASS_DNS, RG_DEF1, RG_ENABLE, RG_LOCAL, RG_REROUTE_GW, rol6_check_alloc(), rol_check_alloc(), options::route_default_gateway, options::route_default_metric, options::route_default_table_id, options::route_delay, options::route_delay_defined, options::route_delay_window, options::route_gateway_via_dhcp, options::route_ipv6_default_gateway, options::route_method, ROUTE_METHOD_ADAPTIVE, ROUTE_METHOD_EXE, ROUTE_METHOD_IPAPI, ROUTE_METHOD_SERVICE, options::route_noexec, options::route_nopull, options::route_predown_script, options::route_script, options::routes, options::routes_ipv6, SC_CONCAT, SC_ECHO, options::sc_info, script_security_set(), SDL_CONSTRAIN, http_proxy_options::server, options::server_bridge_defined, options::server_bridge_ip, options::server_bridge_netmask, options::server_bridge_pool_end, options::server_bridge_pool_start, options::server_bridge_proxy_dhcp, options::server_defined, options::server_flags, options::server_ipv6_defined, options::server_netbits_ipv6, options::server_netmask, options::server_network, options::server_network_ipv6, options::session_timeout, set_debug_level(), set_machine_readable_output(), set_pause_exit_win32(), set_suppress_timestamps(), set_user_script(), set_win_sys_path(), setenv_int(), setenv_str(), setenv_str_safe(), SF_HOST_RANDOMIZE, SF_NO_PUSH_ROUTE_GATEWAY, SF_NOPOOL, SF_TCP_NODELAY, SF_TCP_NODELAY_HELPER, SF_USE_IP_PKTINFO, SHA256_DIGEST_LENGTH, SHA_DIGEST_LENGTH, options::shaper, SHAPER_MAX, SHAPER_MIN, options::shared_secret_file, options::shared_secret_file_inline, show_adapters(), options::show_ciphers, show_compression_warning(), options::show_curves, options::show_digests, options::show_engines, options::show_net_up, show_routes(), show_tap_win_adapters(), options::show_tls_ciphers, show_valid_win32_tun_subnets(), options::single_session, sleep, options::sndbuf, options::sockflags, connection_entry::socks_proxy_authfile, connection_entry::socks_proxy_port, connection_entry::socks_proxy_server, SSEC_NONE, SSEC_PW_ENV, options::ssl_flags, ssl_set_auth_nocache(), ssl_set_auth_token(), ssl_set_auth_token_user(), SSLF_AUTH_USER_PASS_OPTIONAL, SSLF_CLIENT_CERT_NOT_REQUIRED, SSLF_CLIENT_CERT_OPTIONAL, SSLF_CRL_VERIFY_DIR, SSLF_OPT_VERIFY, SSLF_TLS_DEBUG_ENABLED, SSLF_TLS_VERSION_MAX_MASK, SSLF_TLS_VERSION_MAX_SHIFT, SSLF_TLS_VERSION_MIN_MASK, SSLF_TLS_VERSION_MIN_SHIFT, SSLF_USERNAME_AS_COMMON_NAME, options::stale_routes_ageing_time, options::stale_routes_check_interval, options::status_file, options::status_file_update_freq, options::status_file_version, streq, string_substitute(), options::suppress_timestamps, tap_allow_nonadmin_access(), tuntap_options::tap_sleep, options::tcp_queue_limit, options::test_crypto, connection_entry::tls_auth_file, options::tls_auth_file, connection_entry::tls_auth_file_inline, options::tls_auth_file_inline, options::tls_cert_profile, TLS_CHANNEL_BUF_SIZE, TLS_CHANNEL_MTU_MIN, options::tls_client, connection_entry::tls_crypt_file, options::tls_crypt_file, connection_entry::tls_crypt_file_inline, options::tls_crypt_file_inline, connection_entry::tls_crypt_v2_file, options::tls_crypt_v2_file, connection_entry::tls_crypt_v2_file_inline, options::tls_crypt_v2_file_inline, connection_entry::tls_crypt_v2_force_cookie, options::tls_crypt_v2_verify_script, options::tls_exit, options::tls_export_peer_cert_dir, options::tls_groups, connection_entry::tls_mtu, options::tls_server, options::tls_timeout, TLS_VER_1_2, TLS_VER_BAD, options::tls_verify, tls_version_parse(), options::tmp_dir, options::topology, options::transition_window, translate_mtu_discover_type_name(), connection_entry::tun_mtu, connection_entry::tun_mtu_defined, connection_entry::tun_mtu_extra, connection_entry::tun_mtu_extra_defined, connection_entry::tun_mtu_max, options::tuntap_options, uninit_options(), options::up_delay, options::up_restart, options::up_script, dns_options::updown, dns_options::updown_flags, usage(), usage_version(), options::use_peer_id, http_proxy_options::user_agent, USER_PASS_LEN, options::username, valid_integer(), validate_domain(), options::verbosity, options::verify_hash, options::verify_hash_algo, options::verify_hash_depth, VERIFY_PERMISSION, options::verify_x509_name, VERIFY_X509_SUBJECT_DN, VERIFY_X509_SUBJECT_RDN, VERIFY_X509_SUBJECT_RDN_PREFIX, options::verify_x509_type, options::virtual_hash_size, options::vlan_accept, VLAN_ALL, VLAN_ONLY_TAGGED, VLAN_ONLY_UNTAGGED_OR_PRIORITY, options::vlan_pvid, options::vlan_tagging, tuntap_options::wins, tuntap_options::wins_len, options::writepid, options::x509_track, and x509_track_add().
Referenced by apply_push_options(), parse_argv(), read_config_file(), read_config_string(), and update_option().
◆ alloc_connection_entry()
|
static |
Definition at line 2115 of file options.c.
References alloc_connection_list_if_undef(), ALLOC_OBJ_GC, connection_list::array, connection_list::capacity, CONNECTION_LIST_SIZE, options::gc, gc_realloc(), connection_list::len, and msg.
Referenced by add_option(), and options_postprocess_mutate().
◆ alloc_connection_list_if_undef()
|
static |
Definition at line 2105 of file options.c.
References ALLOC_OBJ_CLEAR_GC, options::connection_list, and options::gc.
Referenced by alloc_connection_entry().
◆ alloc_local_entry()
|
static |
Definition at line 2074 of file options.c.
References alloc_local_list_if_undef(), ALLOC_OBJ_CLEAR_GC, local_list::array, local_list::capacity, gc, gc_realloc(), local_list::len, msg, local_entry::proto, and PROTO_NONE.
Referenced by add_option(), and options_postprocess_mutate().
◆ alloc_local_list_if_undef()
|
static |
Definition at line 2064 of file options.c.
References ALLOC_OBJ_CLEAR_GC, gc, and connection_entry::local_list.
Referenced by alloc_local_entry().
◆ alloc_pull_filter()
|
static |
Definition at line 2187 of file options.c.
References ALLOC_OBJ_CLEAR_GC, alloc_pull_filter_list(), ASSERT, options::gc, pull_filter_list::head, pull_filter::next, and pull_filter_list::tail.
Referenced by add_option().
◆ alloc_pull_filter_list()
|
static |
Definition at line 2177 of file options.c.
References ALLOC_OBJ_CLEAR_GC, options::gc, and options::pull_filter_list.
Referenced by alloc_pull_filter().
◆ alloc_remote_entry()
|
static |
Definition at line 2151 of file options.c.
References ALLOC_OBJ_GC, alloc_remote_list_if_undef(), remote_list::array, remote_list::capacity, CONNECTION_LIST_SIZE, options::gc, gc_realloc(), remote_list::len, and msg.
Referenced by add_option().
◆ alloc_remote_list_if_undef()
|
static |
Definition at line 2141 of file options.c.
References ALLOC_OBJ_CLEAR_GC, options::gc, and options::remote_list.
Referenced by alloc_remote_entry().
◆ apply_push_options()
| bool apply_push_options | ( | struct context * | c, |
| struct options * | options, | ||
| struct buffer * | buf, | ||
| unsigned int | permission_mask, | ||
| unsigned int * | option_types_found, | ||
| struct env_set * | es, | ||
| bool | is_update | ||
| ) |
Definition at line 5463 of file options.c.
References add_option(), apply_pull_filter(), buf_parse(), check_push_update_option_flags(), CLEAR, D_PUSH_ERRORS, es, options::gc, i, buffer::len, M_OPTERR, MAX_PARMS, OPTION_PARM_SIZE, parse_line(), PUSH_OPT_OPTIONAL, PUSH_OPT_TO_REMOVE, remove_option(), SIZE, and update_option().
Referenced by process_incoming_push_reply(), and process_incoming_push_update().
◆ atou()
|
static |
Definition at line 4962 of file options.c.
Referenced by add_option().
◆ auth_retry_get()
| int auth_retry_get | ( | void | ) |
Definition at line 4791 of file options.c.
References global_auth_retry.
Referenced by do_init_crypto_tls_c1(), init_instance(), receive_auth_failed(), and socket_restart_pause().
◆ auth_retry_print()
| const char * auth_retry_print | ( | void | ) |
Definition at line 4820 of file options.c.
References AR_INTERACT, AR_NOINTERACT, AR_NONE, and global_auth_retry.
Referenced by man_dispatch_command().
◆ auth_retry_set()
| bool auth_retry_set | ( | const msglvl_t | msglevel, |
| const char * | option | ||
| ) |
Definition at line 4797 of file options.c.
References AR_INTERACT, AR_NOINTERACT, AR_NONE, global_auth_retry, msg, and streq.
Referenced by add_option(), and man_dispatch_command().
◆ bypass_doubledash()
|
static |
Definition at line 5153 of file options.c.
Referenced by read_config_file(), and read_config_string().
◆ check_ca_required()
|
static |
Definition at line 2245 of file options.c.
References options::ca_file, options::ca_path, buffer::len, M_USAGE, msg, options::pkcs12_file, and options::verify_hash_no_ca.
Referenced by options_postprocess_verify_ce().
◆ check_cmd_access()
|
static |
Definition at line 4128 of file options.c.
References argv::argv, argv_free(), argv_new(), argv_parse_cmd(), check_file_access_chroot(), CHKACC_FILE, M_NOPREFIX, M_OPTERR, and msg.
Referenced by set_user_script().
◆ check_dns_option()
|
static |
Definition at line 5877 of file options.c.
References dns_domain_list_append(), options::dns_options, DNS_SECURITY_NO, DNS_SECURITY_OPTIONAL, DNS_SECURITY_YES, dns_server_addr_parse(), dns_server_get(), dns_server_priority_parse(), DNS_TRANSPORT_HTTPS, DNS_TRANSPORT_PLAIN, DNS_TRANSPORT_TLS, dns_server::dnssec, dns_server::domains, dns_options::gc, i, msg, dns_server::priority, dns_options::search_domains, dns_options::servers, dns_server::sni, streq, dns_server::transport, and validate_domain().
Referenced by add_option(), and update_option().
◆ check_file_access()
|
static |
Definition at line 3954 of file options.c.
References CHKACC_ACCEPT_URI, CHKACC_ACPTSTDIN, CHKACC_DIRPATH, CHKACC_FILE, CHKACC_FILEXSTWR, CHKACC_PRIVATE, dirname(), M_ERRNO, M_NOPREFIX, M_OPTERR, M_WARN, msg, platform_access(), platform_stat(), streq, and string_alloc().
Referenced by check_file_access_chroot(), check_file_access_inline(), and options_postprocess_filechecks().
◆ check_file_access_chroot()
|
static |
Definition at line 4050 of file options.c.
References BSTR, check_file_access(), gc, gc_free(), gc_new(), buffer::len, and prepend_dir().
Referenced by check_cmd_access(), check_file_access_chroot_inline(), and options_postprocess_filechecks().
◆ check_file_access_chroot_inline()
|
static |
A wrapper for check_file_access_chroot() that returns false immediately if the file is inline (and therefore there is no access to check)
Definition at line 4084 of file options.c.
References check_file_access_chroot(), and buffer::len.
Referenced by options_postprocess_filechecks().
◆ check_file_access_inline()
|
static |
A wrapper for check_file_access() that returns false immediately if the file is inline (and therefore there is no access to check)
Definition at line 4100 of file options.c.
References check_file_access(), and buffer::len.
Referenced by options_postprocess_filechecks().
◆ check_inline_file()
Definition at line 5241 of file options.c.
References alloc_buf(), BSTR, buf_printf(), free_buf(), gc, buffer::len, read_inline_file(), and string_alloc().
Referenced by check_inline_file_via_buf(), and check_inline_file_via_fp().
◆ check_inline_file_via_buf()
|
static |
Definition at line 5274 of file options.c.
References check_inline_file(), gc, IS_TYPE_BUF, in_src::multiline, in_src::type, and in_src::u.
Referenced by read_config_string().
◆ check_inline_file_via_fp()
|
static |
Definition at line 5265 of file options.c.
References check_inline_file(), in_src::fp, gc, IS_TYPE_FP, in_src::type, and in_src::u.
Referenced by read_config_file().
◆ check_route6_option()
|
static |
Definition at line 5856 of file options.c.
References ipv6_addr_safe(), ipv6_addr_safe_hexplusbits(), msg, and rol6_check_alloc().
Referenced by add_option(), and update_option().
◆ check_route_option()
|
static |
Definition at line 5828 of file options.c.
References options::allow_pull_fqdn, ip_addr_dotted_quad_safe(), ip_or_dns_addr_safe(), is_special_addr(), msg, and rol_check_alloc().
Referenced by add_option(), and update_option().
◆ cnol_check_alloc()
|
static |
Definition at line 1592 of file options.c.
References options::client_nat, options::gc, and new_client_nat_list().
Referenced by add_option(), and pre_connect_restore().
◆ connection_entry_load_re()
|
static |
Definition at line 2208 of file options.c.
References connection_entry::af, remote_entry::af, connection_entry::proto, remote_entry::proto, connection_entry::remote, remote_entry::remote, connection_entry::remote_port, and remote_entry::remote_port.
Referenced by add_option(), and options_postprocess_mutate().
◆ connection_entry_preload_key()
|
static |
Definition at line 2229 of file options.c.
References buf_valid(), buffer_read_from_file(), buffer::data, gc, buffer::len, M_FATAL, and msg.
Referenced by options_postprocess_mutate_ce().
◆ dhcp_option_address_parse()
|
static |
Definition at line 1353 of file options.c.
References get_ip_addr(), ip_addr_dotted_quad_safe(), msg, and N_DHCP_ADDR.
Referenced by add_option().
◆ dhcp_option_dns6_parse()
|
static |
Definition at line 1339 of file options.c.
References get_ipv6_addr(), msg, and N_DHCP_ADDR.
Referenced by add_option().
◆ get_ip_addr()
|
static |
Definition at line 1111 of file options.c.
References getaddr(), GETADDR_FATAL, GETADDR_HOST_ORDER, and M_FATAL.
Referenced by add_option(), and dhcp_option_address_parse().
◆ get_ipv6_addr_no_netbits()
|
static |
Returns newly allocated string containing address part without "/nn".
If gc != NULL, the allocated memory is registered in the supplied gc.
Definition at line 1136 of file options.c.
References gc, gc_malloc(), and string_alloc().
Referenced by add_option().
◆ has_udp_in_local_list()
| bool has_udp_in_local_list | ( | const struct options * | options | ) |
Definition at line 9939 of file options.c.
References local_list::array, options::ce, i, local_list::len, connection_entry::local_list, local_entry::proto, and proto_is_dgram().
Referenced by multi_io_wait(), and multi_process_signal().
◆ in_src_get()
|
static |
Definition at line 5174 of file options.c.
References ASSERT, BOOL_CAST, buf_parse(), IS_TYPE_BUF, IS_TYPE_FP, buffer::len, and status.
Referenced by read_inline_file().
◆ init_options()
| void init_options | ( | struct options * | o, |
| const bool | init_gc | ||
| ) |
Definition at line 807 of file options.c.
References connection_entry::af, options::allow_recursive_routing, options::auth_token_generate, options::authname, connection_entry::bind_ipv6_only, connection_entry::bind_local, options::block_outside_dns, options::ce, options::cf_initial_max, options::cf_initial_per, CLEAR, options::connect_retry_max, connection_entry::connect_retry_seconds, connection_entry::connect_retry_seconds_max, connection_entry::connect_timeout, DEFAULT_SEQ_BACKTRACK, DEFAULT_TIME_BACKTRACK, tuntap_options::dhcp_lease_time, tuntap_options::dhcp_masq_offset, options::disable_dco, options::dns_options, options::ecdh_curve, dns_options::gc, options::gc, gc_init(), options::gc_owned, options::handshake_window, options::ifconfig_pool_persist_refresh_freq, tuntap_options::ip_win32_type, IPW32_SET_ADAPTIVE, IPW32_SET_DHCP_MASQ, options::key_direction, KEY_DIRECTION_BIDIRECTIONAL, connection_entry::link_mtu, LINK_MTU_DEFAULT, connection_entry::local_port, M_USAGE, options::management_echo_buffer_size, options::management_log_history_cache, options::management_state_buffer_size, options::max_clients, options::max_routes_per_client, options::mode, MODE_POINT_TO_POINT, msg, connection_entry::mssfix, connection_entry::mssfix_default, connection_entry::mssfix_encap, connection_entry::mtu_discover_type, options::n_bcast_buf, options::occ, connection_entry::occ_mtu, OPENVPN_PORT, options::persist_mode, connection_entry::proto, options::proto_force, PROTO_UDP, options::real_hash_size, connection_entry::remote_port, options::renegotiate_bytes, options::renegotiate_seconds, options::renegotiate_seconds_min, options::replay_time, options::replay_window, RESOLV_RETRY_INFINITE, options::resolve_in_advance, options::resolve_retry_seconds, options::route_default_table_id, options::route_delay_window, options::route_method, ROUTE_METHOD_ADAPTIVE, options::scheduled_exit_interval, options::stale_routes_check_interval, options::status_file_update_freq, options::status_file_version, options::tcp_queue_limit, options::tls_cert_profile, connection_entry::tls_mtu, TLS_MTU_DEFAULT, options::tls_timeout, options::tmp_dir, TOP_UNDEF, options::topology, options::transition_window, connection_entry::tun_mtu, TUN_MTU_DEFAULT, options::tuntap_options, dns_options::updown, options::verbosity, options::virtual_hash_size, options::vlan_accept, VLAN_ALL, options::vlan_pvid, win_get_tempdir(), options::windows_driver, WINDOWS_DRIVER_UNSPECIFIED, and X509_USERNAME_FIELD_DEFAULT.
Referenced by add_option(), openvpn_main(), options_postprocess_verify_ce(), and usage().
◆ ipv6_addr_safe_hexplusbits()
|
static |
Definition at line 1154 of file options.c.
References get_ipv6_addr(), and M_WARN.
Referenced by check_route6_option().
◆ key_is_external()
| bool key_is_external | ( | const struct options * | options | ) |
Definition at line 6179 of file options.c.
References options::cryptoapi_cert, options::management_flags, and MF_EXTERNAL_KEY.
Referenced by init_ssl().
◆ msglevel_forward_compatible()
|
inlinestatic |
Definition at line 5633 of file options.c.
References options::forward_compatible, and M_WARN.
Referenced by add_option(), and remove_option().
◆ need_compatibility_before()
|
static |
The option –compat-mode is used to set up default settings to values used on the specified openvpn version and earlier.
This function is used in various "default option" paths to test if the user requested compatibility with a version before the one specified as argument. This way some default settings can be automatically altered to guarantee compatibility with the version specified by the user via –compat-mode.
- Parameters
-
o Options state version need compatibility with openvpn versions before the one specified (20401 = before 2.4.1)
- Returns
- whether compatibility should be enabled
Definition at line 3383 of file options.c.
References options::backwards_compatible.
Referenced by options_set_backwards_compatible_options().
◆ no_more_than_n_args()
|
static |
Definition at line 5608 of file options.c.
References buffer::len, msg, NM_QUOTE_HINT, and string_array_len().
Referenced by add_option().
◆ notnull()
| void notnull | ( | const char * | arg, |
| const char * | description | ||
| ) |
Definition at line 4931 of file options.c.
Referenced by do_persist_tuntap(), and options_postprocess_verify_ce().
◆ option_iroute()
|
static |
Definition at line 1490 of file options.c.
References ALLOC_OBJ_GC, options::gc, getaddr(), GETADDR_HOST_ORDER, options::iroutes, msg, iroute::netbits, netmask_to_netbits2(), iroute::network, and iroute::next.
Referenced by add_option().
◆ option_iroute_ipv6()
|
static |
Definition at line 1517 of file options.c.
References ALLOC_OBJ_GC, options::gc, get_ipv6_addr(), options::iroutes_ipv6, msg, iroute_ipv6::netbits, iroute_ipv6::network, and iroute_ipv6::next.
Referenced by add_option().
◆ options_cmp_equal()
| bool options_cmp_equal | ( | char * | actual, |
| const char * | expected | ||
| ) |
Definition at line 4551 of file options.c.
References options_cmp_equal_safe().
Referenced by key_method_2_read().
◆ options_cmp_equal_safe()
| bool options_cmp_equal_safe | ( | char * | actual, |
| const char * | expected, | ||
| size_t | actual_n | ||
| ) |
Definition at line 4671 of file options.c.
References D_SHOW_OCC, gc, gc_free(), gc_new(), msg, and options_warning_safe_ml().
Referenced by options_cmp_equal(), and process_received_occ_msg().
◆ options_detach()
| void options_detach | ( | struct options * | o | ) |
Definition at line 1565 of file options.c.
References options::client_nat, clone_push_list(), options::gc, gc_detach(), and options::routes.
Referenced by do_test_crypto(), inherit_context_child(), and inherit_context_top().
◆ options_postprocess()
Definition at line 4279 of file options.c.
References es, options_postprocess_filechecks(), options_postprocess_mutate(), and options_postprocess_verify().
Referenced by openvpn_main().
◆ options_postprocess_cipher()
|
static |
Definition at line 3323 of file options.c.
References options::ciphername, options::enable_ncp_fallback, M_INFO, M_WARN, options::mode, MODE_SERVER, msg, options::ncp_ciphers, options::ncp_ciphers_conf, options::pull, and tls_item_in_cipher_list().
Referenced by options_postprocess_mutate().
◆ options_postprocess_filechecks()
|
static |
Definition at line 4168 of file options.c.
References connection_list::array, ASSERT, options::auth_user_pass_file, options::auth_user_pass_file_inline, options::ca_file, options::ca_file_inline, options::ca_path, options::cert_file, options::cert_file_inline, check_file_access(), check_file_access_chroot(), check_file_access_chroot_inline(), check_file_access_inline(), CHKACC_ACCEPT_URI, CHKACC_ACPTSTDIN, CHKACC_DIRPATH, CHKACC_FILE, CHKACC_FILEXSTWR, CHKACC_PRIVATE, options::chroot_dir, options::client_config_dir, options::connection_list, options::crl_file, options::crl_file_inline, options::dh_file, options::dh_file_inline, options::extra_certs_file, i, options::key_pass_file, connection_list::len, M_USAGE, options::management_flags, options::management_user_pass, MF_EXTERNAL_KEY, msg, options::packet_id_file, options::pkcs12_file, options::pkcs12_file_inline, options::priv_key_file, options::priv_key_file_inline, options::shared_secret_file, options::shared_secret_file_inline, options::ssl_flags, SSLF_CRL_VERIFY_DIR, options::status_file, connection_entry::tls_auth_file, connection_entry::tls_auth_file_inline, connection_entry::tls_crypt_file, connection_entry::tls_crypt_file_inline, connection_entry::tls_crypt_v2_file, connection_entry::tls_crypt_v2_file_inline, options::tls_export_peer_cert_dir, options::tmp_dir, options::verify_hash_no_ca, and options::writepid.
Referenced by options_postprocess().
◆ options_postprocess_http_proxy_override()
|
static |
Definition at line 2029 of file options.c.
References connection_list::array, CE_DISABLED, connection_entry::flags, connection_entry::http_proxy_options, options::http_proxy_override, i, connection_list::len, M_WARN, msg, connection_entry::proto, PROTO_TCP, PROTO_TCP_CLIENT, and PROTO_UDP.
Referenced by options_postprocess_mutate().
◆ options_postprocess_mutate()
Definition at line 3746 of file options.c.
References alloc_connection_entry(), alloc_local_entry(), local_list::array, connection_list::array, remote_list::array, ASSERT, options::auth_token_generate, options::auth_token_renewal, options::ca_file, options::ca_path, options::ce, check_compression_settings_valid(), options::comp, COMP_F_ALLOW_NOCOMP_ONLY, options::config, connection_entry_load_re(), options::connection_list, D_DCO, dco_check_option(), dco_check_startup_option(), dco_enabled(), options::dev_node, options::dh_file, options::disable_dco, options::dns_options, dns_options_preprocess_pull(), DRIVER_DCO, es, compress_options::flags, options::gc, helper_client_server(), helper_keepalive(), helper_setdefault_topology(), helper_tcp_nodelay(), options::http_proxy_override, i, local_list::len, connection_list::len, remote_list::len, connection_entry::local_list, connection_entry::local_port, M_INFO, M_USAGE, M_WARN, options::mode, msg, mutate_ncp_cipher_list(), options::ncp_ciphers, options_postprocess_cipher(), options_postprocess_http_proxy_override(), options_postprocess_mutate_ce(), options_postprocess_mutate_invariant(), options_postprocess_mutate_le(), options_postprocess_setdefault_ncpciphers(), options_process_mutate_prf(), options_set_backwards_compatible_options(), local_entry::port, pre_connect_save(), local_entry::proto, connection_entry::proto, PROTO_NONE, PROTO_TCP, PROTO_TCP_SERVER, options::pull, options::remap_sigusr1, remote_entry::remote, options::remote_list, options::renegotiate_seconds, streq, options::tls_server, tuntap_options_postprocess_dns(), options::verify_hash, options::verify_hash_depth, options::verify_hash_no_ca, options::windows_driver, WINDOWS_DRIVER_TAP_WINDOWS6, and WINDOWS_DRIVER_UNSPECIFIED.
Referenced by options_postprocess().
◆ options_postprocess_mutate_ce()
|
static |
Definition at line 2932 of file options.c.
References connection_entry::af, connection_entry::bind_defined, connection_entry::bind_local, options::ce, CE_DISABLED, connection_entry_preload_key(), options::dev, options::dev_type, dev_type_enum(), DEV_TYPE_TAP, connection_entry::explicit_exit_notification, connection_entry::flags, connection_entry::fragment, options::gc, connection_entry::http_proxy_options, connection_entry::key_direction, options::key_direction, connection_entry::link_mtu_defined, connection_entry::local_list, connection_entry::local_port, connection_entry::local_port_defined, M_INFO, M_WARN, options::mode, MODE_SERVER, msg, connection_entry::mssfix, MSSFIX_DEFAULT, connection_entry::mssfix_default, connection_entry::mssfix_encap, connection_entry::mssfix_fixed, http_proxy_options::nocache, connection_entry::proto, options::proto_force, proto_is_udp(), PROTO_TCP, PROTO_TCP_CLIENT, PROTO_TCP_SERVER, PROTO_UDP, options::pull, options::server_bridge_defined, options::server_bridge_proxy_dhcp, options::server_defined, connection_entry::socks_proxy_server, ssl_get_auth_nocache(), TAP_MTU_EXTRA_DEFAULT, connection_entry::tls_auth_file, options::tls_auth_file, connection_entry::tls_auth_file_inline, options::tls_auth_file_inline, connection_entry::tls_crypt_file, options::tls_crypt_file, connection_entry::tls_crypt_file_inline, options::tls_crypt_file_inline, connection_entry::tls_crypt_v2_file, options::tls_crypt_v2_file, connection_entry::tls_crypt_v2_file_inline, options::tls_crypt_v2_file_inline, connection_entry::tun_mtu, TUN_MTU_DEFAULT, connection_entry::tun_mtu_defined, connection_entry::tun_mtu_extra, and connection_entry::tun_mtu_extra_defined.
Referenced by options_postprocess_mutate().
◆ options_postprocess_mutate_invariant()
|
static |
Definition at line 3234 of file options.c.
References options::dev, options::dev_type, dev_type_enum(), DEV_TYPE_TAP, DEV_TYPE_TUN, DRIVER_DCO, options::ifconfig_noexec, tuntap_options::ip_win32_type, IPW32_SET_ADAPTIVE, IPW32_SET_DHCP_MASQ, IPW32_SET_MANUAL, IPW32_SET_NETSH, options::mode, MODE_POINT_TO_POINT, MODE_SERVER, remap_redirect_gateway_flags(), options::route_delay, options::route_delay_defined, tuntap_options::tap_sleep, options::tuntap_options, and options::windows_driver.
Referenced by options_postprocess_mutate().
◆ options_postprocess_mutate_le()
|
static |
Definition at line 3089 of file options.c.
References connection_entry::local_port, MODE_POINT_TO_POINT, local_entry::port, local_entry::proto, and connection_entry::proto.
Referenced by options_postprocess_mutate().
◆ options_postprocess_pull()
Definition at line 4293 of file options.c.
References D_PUSH_ERRORS, options::dns_options, dns_options_postprocess_pull(), dns_options_verify(), es, and tuntap_options_postprocess_dns().
Referenced by incoming_push_message(), and send_single_push_update().
◆ options_postprocess_verify()
|
static |
Definition at line 3297 of file options.c.
References connection_list::array, options::ce, options::connection_list, dco_enabled(), options::dns_options, dns_options_verify(), options::enable_c2c, i, connection_list::len, M_FATAL, M_WARN, msg, and options_postprocess_verify_ce().
Referenced by options_postprocess().
◆ options_postprocess_verify_ce()
|
static |
Definition at line 2283 of file options.c.
References options::allow_deprecated_insecure_static_crypto, local_list::array, connection_list::array, options::auth_token_generate, options::auth_token_renewal, options::auth_user_pass_file, options::auth_user_pass_verify_script, connection_entry::bind_defined, connection_entry::bind_local, options::ccd_exclusive, options::ce, options::cert_file, options::cf_max, options::cf_per, check_ca_required(), options::client_config_dir, options::connection_list, options::cryptoapi_cert, options::dev, options::dev_type, dev_type_enum(), DEV_TYPE_TAP, DEV_TYPE_TUN, DEV_TYPE_UNDEF, tuntap_options::dhcp_options, DHCP_OPTIONS_DHCP_REQUIRED, route_option_list::flags, connection_entry::fragment, options::handshake_window, connection_entry::http_proxy_options, i, options::ifconfig_ipv6_local, options::ifconfig_ipv6_pool_defined, options::ifconfig_local, options::ifconfig_pool_defined, options::ifconfig_pool_netmask, options::ifconfig_pool_persist_filename, options::ifconfig_remote_netmask, init_options(), tuntap_options::ip_win32_defined, tuntap_options::ip_win32_type, options::ipchange, IPW32_SET_ADAPTIVE, IPW32_SET_DHCP_MASQ, learn_address_script(), local_list::len, connection_list::len, connection_entry::link_mtu_defined, options::lladdr, local_entry::local, connection_entry::local_list, connection_entry::local_port_defined, M_FATAL, M_INFO, M_USAGE, M_WARN, MAN_CLIENT_AUTH_ENABLED, options::management_addr, options::management_client_group, options::management_client_user, options::management_flags, options::management_log_history_cache, options::management_user_pass, MF_EXTERNAL_CERT, MF_EXTERNAL_KEY, MF_EXTERNAL_KEY_NOPADDING, MF_UNIX_SOCK, options::mode, MODE_SERVER, msg, options::mtu_test, MUST_BE_FALSE, MUST_BE_UNDEF, notnull(), pkcs11_id_management, options::pkcs12_file, PLUGIN_OPTION_LIST, local_entry::port, print_tun_backend_driver(), options::priv_key_file, local_entry::proto, connection_entry::proto, proto_is_dgram(), proto_is_net(), proto_is_udp(), PROTO_TCP, PROTO_TCP_CLIENT, PROTO_TCP_SERVER, options::pull, options::pull_filter_list, push_peer_info(), connection_entry::remote, connection_entry::remote_port, options::renegotiate_seconds, RG_ENABLE, options::routes, http_proxy_options::server, options::server_flags, SF_TCP_NODELAY_HELPER, options::shared_secret_file, connection_entry::socks_proxy_server, options::ssl_flags, SSLF_AUTH_USER_PASS_OPTIONAL, SSLF_CLIENT_CERT_NOT_REQUIRED, SSLF_CLIENT_CERT_OPTIONAL, SSLF_OPT_VERIFY, SSLF_TLS_VERSION_MAX_MASK, SSLF_TLS_VERSION_MAX_SHIFT, SSLF_TLS_VERSION_MIN_MASK, SSLF_TLS_VERSION_MIN_SHIFT, SSLF_USERNAME_AS_COMMON_NAME, string_defined_equal(), options::test_crypto, connection_entry::tls_auth_file, options::tls_client, connection_entry::tls_crypt_file, connection_entry::tls_crypt_v2_file, options::tls_server, TLS_VER_1_3, tls_verify(), tls_version_max(), TOP_SUBNET, options::topology, connection_entry::tun_mtu_defined, options::tuntap_options, uninit_options(), USAGE_VALID_SERVER_PROTOS, options::vlan_tagging, options::windows_driver, and WINDOWS_DRIVER_TAP_WINDOWS6.
Referenced by options_postprocess_verify().
◆ options_process_mutate_prf()
|
static |
Definition at line 3461 of file options.c.
References check_tls_prf_working(), D_TLS_ERRORS, options::force_key_material_export, M_WARN, options::mode, MODE_SERVER, and msg.
Referenced by options_postprocess_mutate().
◆ options_server_import()
| void options_server_import | ( | struct options * | o, |
| const char * | filename, | ||
| msglvl_t | msglevel, | ||
| unsigned int | permission_mask, | ||
| unsigned int * | option_types_found, | ||
| struct env_set * | es | ||
| ) |
Definition at line 5527 of file options.c.
References D_PUSH, es, buffer::len, msg, and read_config_file().
Referenced by multi_client_connect_post().
◆ options_set_backwards_compatible_options()
|
static |
Changes default values so that OpenVPN can be compatible with the user specified version.
Definition at line 3393 of file options.c.
References append_cipher_to_ncp_list(), options::ciphername, options::comp, COMP_F_ADVERTISE_STUBS_ONLY, COMP_F_ALLOW_NOCOMP_ONLY, COMP_F_ALLOW_STUB_ONLY, comp_non_stub_enabled(), options::enable_ncp_fallback, compress_options::flags, options::ncp_ciphers, need_compatibility_before(), options::ssl_flags, SSLF_TLS_VERSION_MAX_MASK, SSLF_TLS_VERSION_MAX_SHIFT, SSLF_TLS_VERSION_MIN_MASK, SSLF_TLS_VERSION_MIN_SHIFT, tls_item_in_cipher_list(), TLS_VER_1_0, and TLS_VER_1_2.
Referenced by options_postprocess_mutate().
◆ options_string()
| char * options_string | ( | const struct options * | o, |
| const struct frame * | frame, | ||
| struct tuntap * | tt, | ||
| openvpn_net_ctx_t * | ctx, | ||
| bool | remote, | ||
| struct gc_arena * | gc | ||
| ) |
Definition at line 4350 of file options.c.
References alloc_buf(), ASSERT, options::authname, BSTR, buf_printf(), calc_options_string_link_mtu(), options::ce, key_type::cipher, cipher_defined(), cipher_kt_key_size(), cipher_kt_name(), options::ciphername, COMP_ALG_UNDEF, dev_type_string(), key_type::digest, gc, ifconfig_options_string(), init_key_type(), init_tun(), KEY_METHOD_2, keydirection2ascii(), buffer::len, md_kt_name(), MODE_POINT_TO_POINT, options::ncp_ciphers, OPTION_LINE_SIZE, proto_remote(), PULL_DEFINED, options::shared_secret_file, connection_entry::tls_auth_file, TLS_CLIENT, tls_item_in_cipher_list(), TLS_SERVER, and frame::tun_mtu.
Referenced by do_compute_occ_strings(), and options_string_extract_option().
◆ options_string_extract_option()
| char * options_string_extract_option | ( | const char * | options_string, |
| const char * | opt_name, | ||
| struct gc_arena * | gc | ||
| ) |
Given an OpenVPN options string, extract the value of an option.
- Parameters
-
options_string Zero-terminated, comma-separated options string opt_name The name of the option to extract gc The gc to allocate the return value
- Returns
- gc-allocated value of option with name opt_name if option was found, or NULL otherwise.
Definition at line 4708 of file options.c.
References gc, gc_malloc(), buffer::len, and options_string().
Referenced by key_method_2_read().
◆ options_string_import()
| void options_string_import | ( | struct options * | options, |
| const char * | config, | ||
| const msglvl_t | msglevel, | ||
| const unsigned int | permission_mask, | ||
| unsigned int * | option_types_found, | ||
| struct env_set * | es | ||
| ) |
Definition at line 5537 of file options.c.
References es, buffer::len, and read_config_string().
Referenced by multi_client_connect_mda(), multi_client_connect_post_plugin(), and open_plugins().
◆ options_string_version()
| const char * options_string_version | ( | const char * | s, |
| struct gc_arena * | gc | ||
| ) |
Definition at line 4700 of file options.c.
References alloc_buf_gc(), BPTR, BSTR, gc, and strncpynt().
Referenced by do_compute_occ_strings().
◆ options_warning()
| void options_warning | ( | char * | actual, |
| const char * | expected | ||
| ) |
Definition at line 4557 of file options.c.
References options_warning_safe().
Referenced by key_method_2_read().
◆ options_warning_extract_parm1()
|
static |
Definition at line 4563 of file options.c.
References buf_parse(), gc, gc_free(), gc_malloc(), gc_new(), buffer::len, OPTION_PARM_SIZE, string_alloc(), and string_alloc_buf().
Referenced by options_warning_safe_scan2().
◆ options_warning_safe()
| void options_warning_safe | ( | char * | actual, |
| const char * | expected, | ||
| size_t | actual_n | ||
| ) |
Definition at line 4694 of file options.c.
References D_SHOW_OCC, and options_warning_safe_ml().
Referenced by options_warning(), and process_received_occ_msg().
◆ options_warning_safe_ml()
|
static |
Definition at line 4649 of file options.c.
References alloc_buf_gc(), buf_printf(), gc, gc_free(), gc_new(), buffer::len, OPTION_PARM_SIZE, and options_warning_safe_scan1().
Referenced by options_cmp_equal_safe(), and options_warning_safe().
◆ options_warning_safe_scan1()
|
static |
Definition at line 4631 of file options.c.
References buf_parse(), gc, gc_free(), gc_malloc(), gc_new(), buffer::len, OPTION_PARM_SIZE, and options_warning_safe_scan2().
Referenced by options_warning_safe_ml().
◆ options_warning_safe_scan2()
|
static |
Definition at line 4577 of file options.c.
References buf_parse(), gc, gc_free(), gc_malloc(), gc_new(), buffer::len, msg, OPTION_PARM_SIZE, options_warning_extract_parm1(), safe_print(), streq, and strprefix().
Referenced by options_warning_safe_scan1().
◆ parse_argv()
| void parse_argv | ( | struct options * | options, |
| const int | argc, | ||
| char * | argv[], | ||
| const msglvl_t | msglevel, | ||
| const unsigned int | permission_mask, | ||
| unsigned int * | option_types_found, | ||
| struct env_set * | es | ||
| ) |
Definition at line 5401 of file options.c.
References add_option(), CLEAR, es, i, buffer::len, MAX_PARMS, msg, and usage().
Referenced by openvpn_main().
◆ parse_hash_fingerprint()
|
static |
Parses a hexstring and checks if the string has the correct length.
Return a verify_hash_list containing the parsed hash string.
- Parameters
-
str String to check/parse nbytes Number of bytes expected in the hexstr (e.g. 20 for SHA1) msglevel message level to use when printing warnings/errors gc The returned object will be allocated in this gc
Definition at line 1196 of file options.c.
References ALLOC_OBJ_CLEAR_GC, gc, verify_hash_list::hash, i, and msg.
Referenced by parse_hash_fingerprint_multiline().
◆ parse_hash_fingerprint_multiline()
|
static |
Parses a string consisting of multiple lines of hexstrings and checks if each string has the correct length.
Empty lines are ignored. Returns a linked list of (possibly) multiple verify_hash_list objects.
- Parameters
-
str String to check/parse nbytes Number of bytes expected in the hexstring (e.g. 20 for SHA1) msglevel message level to use when printing warnings/errors gc The returned list items will be allocated in this gc
Definition at line 1249 of file options.c.
References gc, gc_free(), gc_new(), verify_hash_list::hash, parse_hash_fingerprint(), string_alloc(), and strsep().
Referenced by add_option().
◆ parse_http_proxy_override()
|
static |
Definition at line 2001 of file options.c.
References ALLOC_OBJ_CLEAR_GC, http_proxy_options::auth_retry, gc, http_proxy_options::http_version, PAR_ALL, PAR_NCT, http_proxy_options::port, http_proxy_options::server, string_alloc(), and http_proxy_options::user_agent.
Referenced by add_option().
◆ parse_line()
| int parse_line | ( | const char * | line, |
| char * | p[], | ||
| const int | n, | ||
| const char * | file, | ||
| const int | line_num, | ||
| msglvl_t | msglevel, | ||
| struct gc_arena * | gc | ||
| ) |
Definition at line 4977 of file options.c.
References gc, gc_malloc(), i, M_INFO, M_MSG_VIRT_OUT, M_NOPREFIX, msg, OPTION_PARM_SIZE, PACKAGE, SIZE, and space().
Referenced by apply_push_options(), argv_parse_cmd(), make_arg_array(), man_process_command(), read_config_file(), read_config_string(), and remove_iroutes_from_push_route_list().
◆ parse_topology()
| int parse_topology | ( | const char * | str, |
| const msglvl_t | msglevel | ||
| ) |
Definition at line 4741 of file options.c.
References buffer::len, msg, streq, TOP_NET30, TOP_P2P, TOP_SUBNET, and TOP_UNDEF.
Referenced by add_option().
◆ pre_connect_restore()
Definition at line 3165 of file options.c.
References options_pre_connect::authname, options::authname, options_pre_connect::ciphername, options::ciphername, CLEAR, options_pre_connect::client_nat, options::client_nat, options_pre_connect::client_nat_defined, clone_dns_options(), cnol_check_alloc(), options_pre_connect::comp, options::comp, copy_client_nat_option_list(), copy_route_ipv6_option_list(), copy_route_option_list(), options_pre_connect::dns_options, options::dns_options, options_pre_connect::foreign_option_index, options::foreign_option_index, dns_options::gc, gc, gc_free(), gc_new(), options::imported_protocol_flags, options_pre_connect::ping_rec_timeout, options::ping_rec_timeout, options_pre_connect::ping_rec_timeout_action, options::ping_rec_timeout_action, options_pre_connect::ping_send_timeout, options::ping_send_timeout, options::pre_connect, options::push_continuation, options::push_option_types_found, rol6_check_alloc(), rol_check_alloc(), options_pre_connect::route_default_gateway, options::route_default_gateway, options_pre_connect::route_ipv6_default_gateway, options::route_ipv6_default_gateway, options_pre_connect::routes, options::routes, options_pre_connect::routes_defined, options_pre_connect::routes_ipv6, options::routes_ipv6, options_pre_connect::routes_ipv6_defined, options_pre_connect::tuntap_options, options::tuntap_options, and options_pre_connect::tuntap_options_defined.
Referenced by init_instance().
◆ pre_connect_save()
|
static |
Definition at line 3123 of file options.c.
References ALLOC_OBJ_CLEAR_GC, options_pre_connect::authname, options::authname, options_pre_connect::ciphername, options::ciphername, options_pre_connect::client_nat, options::client_nat, options_pre_connect::client_nat_defined, clone_client_nat_option_list(), clone_dns_options(), clone_route_ipv6_option_list(), clone_route_option_list(), options_pre_connect::comp, options::comp, options_pre_connect::dns_options, options::dns_options, options_pre_connect::foreign_option_index, options::foreign_option_index, options::gc, options_pre_connect::ping_rec_timeout, options::ping_rec_timeout, options_pre_connect::ping_rec_timeout_action, options::ping_rec_timeout_action, options_pre_connect::ping_send_timeout, options::ping_send_timeout, options::pre_connect, options_pre_connect::route_default_gateway, options::route_default_gateway, options_pre_connect::route_ipv6_default_gateway, options::route_ipv6_default_gateway, options_pre_connect::routes, options::routes, options_pre_connect::routes_defined, options_pre_connect::routes_ipv6, options::routes_ipv6, options_pre_connect::routes_ipv6_defined, options_pre_connect::tuntap_options, options::tuntap_options, and options_pre_connect::tuntap_options_defined.
Referenced by options_postprocess_mutate().
◆ print_topology()
| const char * print_topology | ( | const int | topology | ) |
Definition at line 4763 of file options.c.
References TOP_NET30, TOP_P2P, TOP_SUBNET, and TOP_UNDEF.
Referenced by do_ifconfig_ipv4(), and print_opt_topology().
◆ print_vlan_accept()
|
static |
Definition at line 1381 of file options.c.
References VLAN_ALL, VLAN_ONLY_TAGGED, and VLAN_ONLY_UNTAGGED_OR_PRIORITY.
Referenced by show_p2mp_parms().
◆ pull_filter_type_name()
|
static |
Definition at line 955 of file options.c.
References PUF_TYPE_ACCEPT, PUF_TYPE_IGNORE, and PUF_TYPE_REJECT.
Referenced by show_pull_filter_list().
◆ read_config_file()
|
static |
Definition at line 5298 of file options.c.
References add_option(), bypass_doubledash(), check_inline_file_via_fp(), CLEAR, es, in_src::fp, options::gc, MAX_PARMS, msg, OPTION_LINE_SIZE, parse_line(), platform_fopen(), secure_memzero(), SIZE, and streq.
Referenced by add_option(), and options_server_import().
◆ read_config_string()
|
static |
Definition at line 5372 of file options.c.
References add_option(), buf_parse(), buf_set_read(), bypass_doubledash(), check_inline_file_via_buf(), CLEAR, es, options::gc, buffer::len, MAX_PARMS, OPTION_LINE_SIZE, parse_line(), secure_memzero(), and SIZE.
Referenced by add_option(), and options_string_import().
◆ read_inline_file()
|
static |
Definition at line 5197 of file options.c.
References alloc_buf(), ASSERT, BSTR, buf_clear(), buf_copy(), buf_printf(), buf_safe(), buffer::capacity, free_buf(), gc, in_src_get(), buffer::len, M_FATAL, msg, OPTION_LINE_SIZE, secure_memzero(), and string_alloc().
Referenced by check_inline_file().
◆ remap_redirect_gateway_flags()
|
static |
Definition at line 3107 of file options.c.
References route_option_list::flags, M_INFO, msg, RG_DEF1, RG_REROUTE_GW, options::route_method, ROUTE_METHOD_SERVICE, and options::routes.
Referenced by add_option(), and options_postprocess_mutate_invariant().
◆ remove_option()
|
static |
Resets options found in the PUSH_UPDATE message that are preceded by the - flag.
This function is used in push-updates to reset specified options. The number of parameters p must always be 1. If the permission is verified, all related options are erased or reset to their default values. Upon successful permission verification (by VERIFY_PERMISSION()), option_types_found is filled with the flag corresponding to the option.
- Parameters
-
c The context structure. options A pointer to the options structure. p An array of strings containing the options and their parameters. is_inline A boolean indicating if the option is inline. file The file where the function is called. line The line number where the function is called. msglevel The message level. permission_mask The permission mask used by VERIFY_PERMISSION(). option_types_found A pointer to the variable where the flags corresponding to the options found are stored. es The environment set structure.
Definition at line 5666 of file options.c.
References options::block_ipv6, options::block_outside_dns, options::ce, CLEAR, delete_routes_v4(), delete_routes_v6(), tuntap_options::dhcp_options, tuntap_options::disable_nbt, tuntap_options::dns, tuntap_options::dns6, tuntap_options::dns6_len, tuntap_options::dns_len, options::dns_options, tuntap_options::domain, tuntap_options::domain_search_list, tuntap_options::domain_search_list_len, env_set_del(), es, route_option_list::flags, route_ipv6_option_list::flags, dns_options::gc, gc_free(), helper_setdefault_topology(), i, options::ifconfig_ipv6_local, options::ifconfig_ipv6_netbits, options::ifconfig_ipv6_remote, options::ifconfig_local, options::ifconfig_remote_netmask, options::ignore_unknown_option, buffer::len, env_set::list, M_WARN, msg, msglevel_forward_compatible(), tuntap_options::nbdd, tuntap_options::nbdd_len, tuntap_options::netbios_node_type, tuntap_options::netbios_scope, tuntap_options::ntp, tuntap_options::ntp_len, connection_entry::occ_mtu, OPT_P_CONNECTION, OPT_P_DHCPDNS, OPT_P_PULL_MODE, OPT_P_PUSH_MTU, OPT_P_ROUTE, OPT_P_ROUTE_EXTRAS, OPT_P_UP, PACKAGE_VERSION, options::push_continuation, RESET_OPTION_ROUTES, options::route_default_gateway, options::route_default_metric, options::route_gateway_via_dhcp, ROUTE_OPTION_FLAGS, options::routes, options::routes_ipv6, streq, TOP_UNDEF, options::topology, connection_entry::tun_mtu, TUN_MTU_DEFAULT, connection_entry::tun_mtu_defined, options::tuntap_options, VERIFY_PERMISSION, tuntap_options::wins, and tuntap_options::wins_len.
Referenced by apply_push_options().
◆ rol6_check_alloc()
|
static |
Definition at line 1583 of file options.c.
References options::gc, new_route_ipv6_option_list(), and options::routes_ipv6.
Referenced by add_option(), check_route6_option(), and pre_connect_restore().
◆ rol_check_alloc()
| void rol_check_alloc | ( | struct options * | options | ) |
Definition at line 1574 of file options.c.
References options::gc, new_route_option_list(), and options::routes.
Referenced by add_option(), check_route_option(), helper_add_route(), and pre_connect_restore().
◆ set_user_script()
|
static |
Definition at line 6140 of file options.c.
References check_cmd_access(), options::chroot_dir, M_USAGE, M_WARN, msg, and options::user_script_used.
Referenced by add_option().
◆ setenv_connection_entry()
|
static |
Definition at line 988 of file options.c.
References es, connection_entry::http_proxy_options, i, http_proxy_options::port, connection_entry::remote, connection_entry::remote_port, http_proxy_options::server, setenv_str_i(), connection_entry::socks_proxy_port, and connection_entry::socks_proxy_server.
Referenced by setenv_settings().
◆ setenv_local_entry()
|
static |
Definition at line 1006 of file options.c.
References es, i, local_entry::local, local_entry::port, local_entry::proto, proto2ascii(), and setenv_str_i().
Referenced by setenv_settings().
◆ setenv_settings()
Definition at line 1014 of file options.c.
References local_list::array, connection_list::array, options::ce, options::config, options::connection_list, options::daemon, es, i, local_list::len, connection_list::len, connection_entry::local_list, options::log, platform_getpid(), setenv_connection_entry(), setenv_int(), setenv_local_entry(), setenv_long_long(), setenv_str(), and options::verbosity.
Referenced by openvpn_main().
◆ show_compression_warning()
|
static |
Definition at line 6167 of file options.c.
References comp_non_stub_enabled(), M_WARN, and msg.
Referenced by add_option().
◆ show_connection_entries()
|
static |
Definition at line 1659 of file options.c.
References options::connection_list, D_SHOW_PARMS, i, connection_list::len, msg, and show_connection_entry().
Referenced by show_settings().
◆ show_connection_entry()
|
static |
Definition at line 1602 of file options.c.
References connection_entry::af, local_list::array, bind_local(), D_SHOW_PARMS, connection_entry::http_proxy_options, i, connection_entry::key_direction, keydirection2ascii(), local_list::len, local_entry::local, connection_entry::local_list, msg, local_entry::port, local_entry::proto, connection_entry::proto, proto2ascii(), SHOW_BOOL, show_http_proxy_options(), SHOW_INT, SHOW_PARM, SHOW_STR, and SHOW_STR_INLINE.
Referenced by show_connection_entries().
◆ show_dco_version()
| void show_dco_version | ( | const unsigned int | flags | ) |
Definition at line 4885 of file options.c.
References dco_version_string(), gc, gc_free(), gc_new(), and msg.
Referenced by openvpn_main(), and usage_version().
◆ show_dhcp_option_addrs()
|
static |
Definition at line 1301 of file options.c.
References D_SHOW_PARMS, gc, gc_free(), gc_new(), i, msg, and print_in_addr_t().
Referenced by show_tuntap_options().
◆ show_dhcp_option_list()
|
static |
Definition at line 1291 of file options.c.
References D_SHOW_PARMS, i, and msg.
Referenced by show_tuntap_options().
◆ show_http_proxy_options()
|
static |
Definition at line 1535 of file options.c.
References http_custom_header::content, http_proxy_options::custom_headers, D_SHOW_PARMS, i, MAX_CUSTOM_HTTP_HEADER, msg, http_custom_header::name, SHOW_BOOL, and SHOW_STR.
Referenced by show_connection_entry().
◆ show_library_versions()
| void show_library_versions | ( | const unsigned int | flags | ) |
Definition at line 4895 of file options.c.
References get_ssl_library_version(), LZO_LIB_VER_STR, and msg.
Referenced by openvpn_main(), and usage_version().
◆ show_p2mp_parms()
|
static |
Definition at line 1398 of file options.c.
References D_SHOW_PARMS, push_entry::enable, gc, gc_free(), gc_new(), push_list::head, options::ifconfig_ipv6_pool_base, options::ifconfig_pool_end, options::ifconfig_pool_netmask, options::ifconfig_pool_start, learn_address_script(), msg, push_entry::next, push_entry::option, print_in6_addr(), print_in_addr_t(), print_vlan_accept(), options::push_ifconfig_ipv6_local, options::push_ifconfig_ipv6_netbits, options::push_ifconfig_ipv6_remote, options::push_ifconfig_local, options::push_ifconfig_remote_netmask, options::push_list, options::server_bridge_ip, options::server_bridge_netmask, options::server_bridge_pool_end, options::server_bridge_pool_start, options::server_netmask, options::server_network, options::server_network_ipv6, SHOW_BOOL, SHOW_INT, SHOW_STR, SHOW_STR_INLINE, and options::vlan_accept.
Referenced by show_settings().
◆ show_pull_filter_list()
|
static |
Definition at line 1680 of file options.c.
References D_SHOW_PARMS, pull_filter_list::head, msg, and pull_filter_type_name().
Referenced by show_settings().
◆ show_settings()
| void show_settings | ( | const struct options * | o | ) |
Definition at line 1698 of file options.c.
References options::client_nat, D_SHOW_PARMS, daemon(), options::dns_options, format_hex_ex(), gc, gc_free(), gc_new(), verify_hash_list::hash, i, options::key_direction, keydirection2ascii(), machine_readable_output, options::management_flags, MAX_PARMS, MD_SHA1, MF_EXTERNAL_CERT, MF_EXTERNAL_KEY, msg, verify_hash_list::next, pkcs11_id_management, options::plugin_list, plugin_option_list_print(), print_client_nat_list(), print_route_options(), options::pull_filter_list, push_peer_info(), options::routes, SHA256_DIGEST_LENGTH, SHA_DIGEST_LENGTH, SHOW_BOOL, show_connection_entries(), show_dns_options(), SHOW_INT, SHOW_INT64, show_p2mp_parms(), SHOW_PARM, show_pull_filter_list(), SHOW_STR, SHOW_STR_INLINE, show_tuntap_options(), suppress_timestamps, test_crypto(), tls_verify(), options::tuntap_options, options::verify_hash, and options::verify_hash_algo.
Referenced by openvpn_main().
◆ show_tuntap_options()
|
static |
Definition at line 1313 of file options.c.
References dhcp_renew(), tuntap_options::dns, tuntap_options::dns_len, tuntap_options::domain_search_list, tuntap_options::domain_search_list_len, tuntap_options::nbdd, tuntap_options::nbdd_len, tuntap_options::ntp, tuntap_options::ntp_len, SHOW_BOOL, show_dhcp_option_addrs(), show_dhcp_option_list(), SHOW_INT, SHOW_STR, SHOW_UNSIGNED, tuntap_options::wins, and tuntap_options::wins_len.
Referenced by show_settings().
◆ show_windows_version()
| void show_windows_version | ( | const unsigned int | flags | ) |
Definition at line 4876 of file options.c.
References gc, gc_free(), gc_new(), msg, and win32_version_string().
Referenced by openvpn_main(), and usage_version().
◆ space()
|
inlinestatic |
Definition at line 4971 of file options.c.
Referenced by parse_line().
◆ string_defined_equal()
| bool string_defined_equal | ( | const char * | s1, |
| const char * | s2 | ||
| ) |
Definition at line 4940 of file options.c.
Referenced by options_postprocess_verify_ce().
◆ string_substitute()
|
static |
Definition at line 1168 of file options.c.
References gc, and gc_malloc().
Referenced by add_option().
◆ tuntap_options_postprocess_dns()
|
static |
Postprocess DNS related settings.
Set TUN/TAP DNS options with values from either –dns or –dhcp-option.
- Parameters
-
o pointer to the options struct
Definition at line 3489 of file options.c.
References dns_server_addr::a4, dns_server_addr::a6, dns_server::addr, dns_server::addr_count, ASSERT, tuntap_options::dhcp_options, DHCP_OPTIONS_DHCP_OPTIONAL, dhcp_options::dns, tuntap_options::dns, tuntap_options::dns6, tuntap_options::dns6_len, tuntap_options::dns_len, options::dns_options, DNS_SECURITY_NO, DNS_TRANSPORT_PLAIN, dns_server::dnssec, tuntap_options::domain, tuntap_options::domain_search_list, tuntap_options::domain_search_list_len, dns_server_addr::family, i, dns_server_addr::in, tuntap_options::ip_win32_type, IPW32_SET_ADAPTIVE, IPW32_SET_DHCP_MASQ, M_WARN, msg, N_DHCP_ADDR, N_SEARCH_LIST_LEN, dns_domain::name, dns_domain::next, dns_server::next, dns_server_addr::port, dns_options::search_domains, dns_options::servers, SIZE, dns_server::transport, and options::tuntap_options.
Referenced by options_postprocess_mutate(), and options_postprocess_pull().
◆ uninit_options()
| void uninit_options | ( | struct options * | o | ) |
Definition at line 935 of file options.c.
References CLEAR, options::connection_list, options::dns_options, dns_options::gc, options::gc, gc_free(), options::gc_owned, and options::remote_list.
Referenced by add_option(), openvpn_main(), and options_postprocess_verify_ce().
◆ update_option()
|
static |
Processes an option to update.
It first checks whether it has already received an option of the same type within the same update message. If the option has already been received, it calls add_option(). Otherwise, it deletes all existing values related to that option before calling add_option().
- Parameters
-
c The context structure. options A pointer to the options structure. p An array of strings containing the options and their parameters. is_inline A boolean indicating if the option is inline. file The file where the function is called. line The line number where the function is called. level The level of the option. msglevel The message level for logging. permission_mask The permission mask used by VERIFY_PERMISSION(). option_types_found A pointer to the variable where the flags corresponding to the options found are stored. es The environment set structure. update_options_found A pointer to the variable where the flags corresponding to the update options found are stored, used to check if an option of the same type has already been processed by update_option() within the same push-update message.
Definition at line 6009 of file options.c.
References add_option(), ASSERT, BOOL_CAST, context::c1, check_dns_option(), check_route6_option(), check_route_option(), CLEAR, delete_routes_v4(), delete_routes_v6(), tuntap_options::dhcp_options, tuntap_options::disable_nbt, tuntap_options::dns, tuntap_options::dns6, tuntap_options::dns6_len, tuntap_options::dns_len, options::dns_options, tuntap_options::domain, tuntap_options::domain_search_list, tuntap_options::domain_search_list_len, env_set_del(), es, route_option_list::flags, route_ipv6_option_list::flags, dns_options::from_dhcp, dns_options::gc, gc_free(), env_set::list, MAX_PARMS, msg, tuntap_options::nbdd, tuntap_options::nbdd_len, context::net_ctx, tuntap_options::netbios_node_type, tuntap_options::netbios_scope, tuntap_options::ntp, tuntap_options::ntp_len, OPT_P_DHCPDNS, OPT_P_PULL_MODE, OPT_P_ROUTE, OPT_P_U_DHCP, OPT_P_U_DNS, OPT_P_U_REDIR_GATEWAY, OPT_P_U_ROUTE, OPT_P_U_ROUTE6, context::options, RESET_OPTION_ROUTES, context_1::route_ipv6_list, context_1::route_list, ROUTE_OPTION_FLAGS, options::routes, options::routes_ipv6, streq, context_1::tuntap, options::tuntap_options, VERIFY_PERMISSION, tuntap_options::wins, and tuntap_options::wins_len.
Referenced by apply_push_options().
◆ usage()
|
static |
Definition at line 4842 of file options.c.
References options::authname, options::ce, connection_entry::connect_retry_seconds, connection_entry::connect_retry_seconds_max, options::handshake_window, init_options(), buffer::len, connection_entry::local_port, msg_fp(), openvpn_exit(), OPENVPN_EXIT_STATUS_USAGE, connection_entry::remote_port, options::renegotiate_seconds, options::replay_time, options::replay_window, TAP_MTU_EXTRA_DEFAULT, title_string, options::tls_timeout, options::transition_window, TUN_MTU_DEFAULT, TUN_MTU_MAX_MIN, usage_message, and options::verbosity.
Referenced by add_option(), main(), parse_argv(), and x509_verify_ns_cert_type().
◆ usage_small()
| void usage_small | ( | void | ) |
Definition at line 4868 of file options.c.
References M_NOPREFIX, M_WARN, msg, openvpn_exit(), and OPENVPN_EXIT_STATUS_USAGE.
Referenced by x_msg_va().
◆ usage_version()
|
static |
Definition at line 4909 of file options.c.
References CONFIGURE_DEFINES, M_INFO, M_NOPREFIX, msg, openvpn_exit(), OPENVPN_EXIT_STATUS_GOOD, show_dco_version(), show_library_versions(), show_windows_version(), and title_string.
Referenced by add_option().
◆ verify_permission()
|
static |
Definition at line 5555 of file options.c.
References options::connection_list, buffer::len, M_WARN, msg, OPT_P_CONNECTION, OPT_P_INLINE, and OPT_P_PULL_MODE.
Variable Documentation
◆ global_auth_retry
|
static |
Definition at line 4788 of file options.c.
Referenced by auth_retry_get(), auth_retry_print(), and auth_retry_set().
◆ title_string
| const char title_string[] |
Definition at line 71 of file options.c.
Referenced by do_test_crypto(), man_dispatch_command(), man_help(), multi_print_status(), openvpn_main(), usage(), and usage_version().
