doxygen/run__command_8h_source.html

 /*
  *  OpenVPN -- An application to securely tunnel IP networks
  *             over a single TCP/UDP port, with support for SSL/TLS-based
  *             session authentication and key exchange,
  *             packet encryption, packet authentication, and
  *             packet compression.
  *
  *  Copyright (C) 2002-2021 OpenVPN Technologies, Inc. <sales@openvpn.net>
  *
  *  This program is free software; you can redistribute it and/or modify
  *  it under the terms of the GNU General Public License version 2
  *  as published by the Free Software Foundation.
  *
  *  This program is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  *  GNU General Public License for more details.
  *
  *  You should have received a copy of the GNU General Public License along
  *  with this program; if not, write to the Free Software Foundation, Inc.,
  *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  */

 #ifndef RUN_COMMAND_H
 #define RUN_COMMAND_H

 #include "basic.h"
 #include "env_set.h"

 /* Script security */
 #define SSEC_NONE      0 /* strictly no calling of external programs */
 #define SSEC_BUILT_IN  1 /* only call built-in programs such as ifconfig, route, netsh, etc.*/
 #define SSEC_SCRIPTS   2 /* allow calling of built-in programs and user-defined scripts */
 #define SSEC_PW_ENV    3 /* allow calling of built-in programs and user-defined scripts that may receive a password as an environmental variable */

 #define OPENVPN_EXECVE_ERROR       -1 /* generic error while forking to run an external program */
 #define OPENVPN_EXECVE_NOT_ALLOWED -2 /* external program not run due to script security */
 #define OPENVPN_EXECVE_FAILURE    127 /* exit code passed back from child when execve fails */

 int script_security(void);

 void script_security_set(int level);

 /* openvpn_execve flags */
 #define S_SCRIPT    (1<<0)
 #define S_FATAL     (1<<1)

 #define S_EXITCODE  (1<<2)

 /* wrapper around the execve() call */
 int openvpn_popen(const struct argv *a,  const struct env_set *es);

 bool openvpn_execve_allowed(const unsigned int flags);

 int openvpn_execve_check(const struct argv *a, const struct env_set *es,
                           const unsigned int flags, const char *error_message);

 static inline int
 openvpn_run_script(const struct argv *a, const struct env_set *es,
                    const unsigned int flags, const char *hook)
 {
     char msg[256];

     openvpn_snprintf(msg, sizeof(msg),
                      "WARNING: Failed running command (%s)", hook);
     return openvpn_execve_check(a, es, flags | S_SCRIPT, msg);
 }

 #endif /* ifndef RUN_COMMAND_H */
openvpn_execve_check
int openvpn_execve_check(const struct argv *a, const struct env_set *es, const unsigned int flags, const char *error_message)
Definition: run_command.c:195

basic.h

openvpn_execve_allowed
bool openvpn_execve_allowed(const unsigned int flags)
Definition: run_command.c:112

env_set.h

flags
list flags
Definition: .ycm_extra_conf.py:4

S_SCRIPT
#define S_SCRIPT
Definition: run_command.h:45

openvpn_snprintf
bool openvpn_snprintf(char *str, size_t size, const char *format,...)
Definition: buffer.c:296

openvpn_popen
int openvpn_popen(const struct argv *a, const struct env_set *es)
Definition: run_command.c:232

openvpn_run_script
static int openvpn_run_script(const struct argv *a, const struct env_set *es, const unsigned int flags, const char *hook)
Will run a script and return the exit code of the script if between 0 and 255, -1 otherwise...
Definition: run_command.h:64

msg
#define msg(flags,...)
Definition: error.h:153

script_security
int script_security(void)
Definition: run_command.c:45

script_security_set
void script_security_set(int level)
Definition: run_command.c:51

env_set
Definition: env_set.h:42

argv
Definition: argv.h:35