OpenVPN
base64.c
1 /*
2  * OpenVPN -- An application to securely tunnel IP networks
3  * over a single TCP/UDP port, with support for SSL/TLS-based
4  * session authentication and key exchange,
5  * packet encryption, packet authentication, and
6  * packet compression.
7  *
8  * Copyright (C) 2017-2023 David Sommerseth <davids@openvpn.net>
9  *
10  * This program is free software; you can redistribute it and/or modify
11  * it under the terms of the GNU General Public License version 2
12  * as published by the Free Software Foundation.
13  *
14  * This program is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  * GNU General Public License for more details.
18  *
19  * You should have received a copy of the GNU General Public License
20  * along with this program (see the file COPYING included with this
21  * distribution); if not, write to the Free Software Foundation, Inc.,
22  * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23  */
24 
25 #include <stdio.h>
26 #include <string.h>
27 #include <stdlib.h>
28 
29 #include "openvpn-plugin.h"
30 
31 #define PLUGIN_NAME "base64.c"
32 
33 /* Exported plug-in v3 API functions */
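/**
 * Search an OpenVPN-style environment array for a variable.
 *
 * Entries have the form "NAME=value" and the array ends with a NULL
 * pointer.
 *
 * @param name  Variable name to look up, without the trailing '='.
 * @param envp  NULL-terminated array of "NAME=value" strings; may be NULL.
 *
 * @return Pointer to the value part inside the matching envp entry (not a
 *         copy, so the caller must not free or modify it), or NULL when
 *         name or envp is NULL or no entry matches.
 */
static const char *
get_env(const char *name, const char *envp[])
{
    /* strlen(NULL) is undefined behaviour, so reject a missing name up front */
    if (!name || !envp)
    {
        return NULL;
    }

    /* size_t keeps strlen()'s result from being narrowed to int */
    const size_t namelen = strlen(name);

    for (size_t i = 0; envp[i]; ++i)
    {
        /* A prefix match alone is not enough: "FOO" must not match
         * "FOOBAR=x", so the byte right after the prefix has to be '='.
         * Reading envp[i][namelen] is safe because strncmp() only returns 0
         * when the entry holds at least namelen bytes before its NUL. */
        if (strncmp(envp[i], name, namelen) == 0 && envp[i][namelen] == '=')
        {
            return envp[i] + namelen + 1;
        }
    }
    return NULL;
}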
74 
75 
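/**
 * Plug-in entry point, called when OpenVPN loads the plug-in.
 *
 * Verifies the v3 struct version, registers the hooks this plug-in wants,
 * stores the callback pointers OpenVPN exports (logging and BASE64
 * helpers) in the file-level function pointers, and hands back a dummy
 * handle.
 *
 * NOTE(review): the rendered listing elides several lines of this function
 * (the return type, the third parameter, both return statements, the
 * type-mask operands, three of the four callback assignments and the
 * trailing log arguments). They are restored here from the declarations
 * shown elsewhere on the same page; confirm against the upstream file.
 *
 * @param v3structver  Struct version OpenVPN was built with.
 * @param args         Input arguments, including the exported callbacks.
 * @param ret          Output: hook type mask and plug-in handle.
 *
 * @return OPENVPN_PLUGIN_FUNC_SUCCESS on success, OPENVPN_PLUGIN_FUNC_ERROR
 *         on a struct version mismatch or when the handle cannot be
 *         allocated.
 */
OPENVPN_EXPORT int
openvpn_plugin_open_v3(const int v3structver,
                       struct openvpn_plugin_args_open_in const *args,
                       struct openvpn_plugin_args_open_return *ret)
{
    /* Check that we are API compatible */
    if (v3structver != OPENVPN_PLUGINv3_STRUCTVER)
    {
        /* The log callback is not hooked up yet, so stdout is all we have */
        printf("base64.c: ** ERROR ** Incompatible plug-in interface between this plug-in and OpenVPN\n");
        return OPENVPN_PLUGIN_FUNC_ERROR;
    }

    /* Which callbacks to intercept. */
    ret->type_mask =
        OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY)
        | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2);

    /* Hook into the exported functions from OpenVPN.  Done before the
     * allocation below so an allocation failure can be reported through
     * the OpenVPN log. */
    ovpn_log = args->callbacks->plugin_log;
    ovpn_vlog = args->callbacks->plugin_vlog;
    ovpn_base64_encode = args->callbacks->plugin_base64_encode;
    ovpn_base64_decode = args->callbacks->plugin_base64_decode;

    /* we don't need a plug-in context in this example, but OpenVPN expects "something" */
    ret->handle = calloc(1, 1);
    if (!ret->handle)
    {
        /* Fail the load instead of handing OpenVPN a NULL handle */
        ovpn_log(PLOG_ERR, PLUGIN_NAME, "Could not allocate the plug-in handle");
        return OPENVPN_PLUGIN_FUNC_ERROR;
    }

    /* Print some version information about the OpenVPN process using this plug-in */
    ovpn_log(PLOG_NOTE, PLUGIN_NAME, "OpenVPN %s (Major: %i, Minor: %i, Patch: %s)\n",
             args->ovpn_version, args->ovpn_version_major,
             args->ovpn_version_minor, args->ovpn_version_patch);

    return OPENVPN_PLUGIN_FUNC_SUCCESS;
}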
131 
132 
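/**
 * Hook handler: round-trips the client certificate CN through OpenVPN's
 * exported BASE64 encode and decode helpers and checks the result.
 *
 * NOTE(review): the rendered listing elides the second half of the hook
 * type test and every return statement of this function. They are
 * restored here from the identifiers the page cross-references for this
 * file; confirm against the upstream file.
 *
 * @param handle  Plug-in handle returned at open time (unused here).
 * @param type    Hook type OpenVPN is calling for.
 * @param argv    Hook arguments (unused here).
 * @param envp    NULL-terminated "NAME=value" environment for this call.
 *
 * @return OPENVPN_PLUGIN_FUNC_SUCCESS when no X509_0_CN is present or the
 *         decoded value equals the original CN; OPENVPN_PLUGIN_FUNC_ERROR
 *         for an unsupported hook, an encode or decode failure, or a
 *         mismatch.
 */
OPENVPN_EXPORT int
openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[])
{
    (void) handle;
    (void) argv;

    if (type != OPENVPN_PLUGIN_TLS_VERIFY
        && type != OPENVPN_PLUGIN_CLIENT_CONNECT_V2)
    {
        ovpn_log(PLOG_ERR, PLUGIN_NAME, "Unsupported plug-in hook call attempted");
        return OPENVPN_PLUGIN_FUNC_ERROR;
    }

    /* Get the certificate common name from the envp string array.
     * NOTE(review): going by the variable name this is the CN of the peer's
     * depth-0 certificate, i.e. peer-supplied data; treat it as untrusted.
     * It is only ever passed as a "%s" argument below, never as a format
     * string. */
    const char *clcert_cn = get_env("X509_0_CN", envp);
    if (!clcert_cn)
    {
        /* Ignore certificate checks not being a client certificate */
        return OPENVPN_PLUGIN_FUNC_SUCCESS;
    }

    /* test the BASE64 encode function */
    char *buf = NULL;
    int r = ovpn_base64_encode(clcert_cn, strlen(clcert_cn), &buf);
    if (r < 0 || !buf)
    {
        /* Without this check a failed encode would hand a NULL pointer to
         * the "%s" log argument and to the decoder below.
         * NOTE(review): assumes a negative return value signals failure;
         * confirm against openvpn-plugin.h. */
        ovpn_log(PLOG_ERR, PLUGIN_NAME, "BASE64 encode failed (return value %i)", r);
        free(buf);
        return OPENVPN_PLUGIN_FUNC_ERROR;
    }
    ovpn_log(PLOG_NOTE, PLUGIN_NAME, "BASE64 encoded '%s' (return value %i): '%s'",
             clcert_cn, r, buf);

    /* test the BASE64 decode function.  buf2 is zero-filled and the decoder
     * is given one byte less than its size, so the result is always
     * NUL-terminated for the "%s" and strcmp() uses below. */
    char buf2[256] = {0};
    r = ovpn_base64_decode(buf, buf2, (int) sizeof(buf2) - 1);
    if (r < 0)
    {
        /* NOTE(review): assumes a negative return value signals failure
         * (for instance a CN too long for buf2); confirm against
         * openvpn-plugin.h. */
        ovpn_log(PLOG_ERR, PLUGIN_NAME, "BASE64 decode failed (return value %i)", r);
        free(buf);
        return OPENVPN_PLUGIN_FUNC_ERROR;
    }
    ovpn_log(PLOG_NOTE, PLUGIN_NAME, "BASE64 decoded '%s' (return value %i): '%s'",
             buf, r, buf2);

    /* Verify the result, and free the buffer allocated by ovpn_base64_encode() */
    r = strcmp(clcert_cn, buf2);
    free(buf);

    return (r == 0) ? OPENVPN_PLUGIN_FUNC_SUCCESS : OPENVPN_PLUGIN_FUNC_ERROR;
}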
189 
190 
/**
 * Plug-in teardown hook: releases the handle passed in by OpenVPN.
 *
 * NOTE(review): the signature line is elided in the rendered listing and
 * is restored here from the declaration shown elsewhere on the same page;
 * confirm against the upstream file.
 *
 * @param handle  Plug-in handle to release; free() accepts NULL.
 */
OPENVPN_EXPORT void
openvpn_plugin_close_v1(openvpn_plugin_handle_t handle)
{
    /* openvpn_plugin_handle_t is a void pointer, so it can go to free()
     * directly without first being cast to a context struct pointer */
    free(handle);
}
openvpn_plugin_callbacks::plugin_base64_decode
plugin_base64_decode_t plugin_base64_decode
Definition: openvpn-plugin.h:323
plugin_base64_encode_t
int(* plugin_base64_encode_t)(const void *data, int size, char **str)
Export of openvpn_base64_encode() to be used inside plug-ins.
Definition: openvpn-plugin.h:285
OPENVPN_PLUGIN_CLIENT_CONNECT_V2
#define OPENVPN_PLUGIN_CLIENT_CONNECT_V2
Definition: openvpn-plugin.h:126
PLOG_NOTE
@ PLOG_NOTE
Definition: openvpn-plugin.h:235
ovpn_base64_encode
plugin_base64_encode_t ovpn_base64_encode
Pointer to the openvpn_base64_encode () function.
Definition: base64.c:36
openvpn_plugin_close_v1
OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle)
This cleans up the last part of the plug-in, allows it to shut down cleanly and release the plug-in g...
Definition: base64.c:199
argv
Definition: argv.h:35
openvpn_plugin_args_open_in
Arguments used to transport variables to the plug-in.
Definition: openvpn-plugin.h:359
context
Contains all state information for one tunnel.
Definition: openvpn.h:476
plugin_context
Definition: sample-client-connect.c:62
OPENVPN_PLUGINv3_STRUCTVER
#define OPENVPN_PLUGINv3_STRUCTVER
Defines version of the v3 plugin argument structs.
Definition: openvpn-plugin.h:226
openvpn_plugin_func_v1
OPENVPN_EXPORT int openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[])
This function is called by OpenVPN each time the OpenVPN reaches a point where plug-in calls should h...
Definition: base64.c:154
openvpn_plugin_args_open_return::type_mask
int type_mask
Definition: openvpn-plugin.h:396
plugin_log_t
void(* plugin_log_t)(openvpn_plugin_log_flags_t flags, const char *plugin_name, const char *format,...) _ovpn_chk_fmt(3
Definition: openvpn-plugin.h:254
OPENVPN_PLUGIN_MASK
#define OPENVPN_PLUGIN_MASK(x)
Definition: openvpn-plugin.h:137
openvpn_plugin_args_open_in::ovpn_version_patch
const char *const ovpn_version_patch
Definition: openvpn-plugin.h:369
openvpn_plugin_args_open_in::ovpn_version_major
const unsigned int ovpn_version_major
Definition: openvpn-plugin.h:367
PLUGIN_NAME
#define PLUGIN_NAME
Definition: base64.c:31
OPENVPN_PLUGIN_FUNC_ERROR
#define OPENVPN_PLUGIN_FUNC_ERROR
Definition: openvpn-plugin.h:149
ovpn_vlog
plugin_vlog_t ovpn_vlog
Pointer to the OpenVPN vlog function.
Definition: base64.c:35
plugin_base64_decode_t
int(* plugin_base64_decode_t)(const char *str, void *data, int size)
Export of openvpn_base64_decode() to be used inside plug-ins.
Definition: openvpn-plugin.h:298
OPENVPN_EXPORT
#define OPENVPN_EXPORT
Definition: openvpn-plugin.h:156
ovpn_log
plugin_log_t ovpn_log
Pointer to the OpenVPN log function.
Definition: base64.c:34
openvpn_plugin_callbacks::plugin_base64_encode
plugin_base64_encode_t plugin_base64_encode
Definition: openvpn-plugin.h:322
plugin_vlog_t
void(*) typedef void(* plugin_vlog_t)(openvpn_plugin_log_flags_t flags, const char *plugin_name, const char *format, va_list arglist) _ovpn_chk_fmt(3
Definition: openvpn-plugin.h:258
get_env
static const char * get_env(const char *name, const char *envp[])
Search the environment pointer for a specific env var name.
Definition: base64.c:54
OPENVPN_PLUGIN_TLS_VERIFY
#define OPENVPN_PLUGIN_TLS_VERIFY
Definition: openvpn-plugin.h:121
openvpn_plugin_callbacks::plugin_vlog
plugin_vlog_t plugin_vlog
Definition: openvpn-plugin.h:320
openvpn_plugin_args_open_in::ovpn_version
const char * ovpn_version
Definition: openvpn-plugin.h:366
PLOG_ERR
@ PLOG_ERR
Definition: openvpn-plugin.h:233
openvpn_plugin_args_open_return
Arguments used to transport variables from the plug-in back to the OpenVPN process.
Definition: openvpn-plugin.h:394
openvpn_plugin_args_open_return::handle
openvpn_plugin_handle_t handle
Definition: openvpn-plugin.h:397
OPENVPN_PLUGIN_FUNC_SUCCESS
#define OPENVPN_PLUGIN_FUNC_SUCCESS
Definition: openvpn-plugin.h:148
ovpn_base64_decode
plugin_base64_decode_t ovpn_base64_decode
Pointer to the openvpn_base64_decode () function.
Definition: base64.c:37
openvpn_plugin_open_v3
OPENVPN_EXPORT int openvpn_plugin_open_v3(const int v3structver, struct openvpn_plugin_args_open_in const *args, struct openvpn_plugin_args_open_return *ret)
This function is called when OpenVPN loads the plug-in.
Definition: base64.c:99
openvpn-plugin.h
openvpn_plugin_handle_t
void * openvpn_plugin_handle_t
Definition: openvpn-plugin.h:143
openvpn_plugin_args_open_in::callbacks
struct openvpn_plugin_callbacks * callbacks
Definition: openvpn-plugin.h:364
openvpn_plugin_callbacks::plugin_log
plugin_log_t plugin_log
Definition: openvpn-plugin.h:319
openvpn_plugin_args_open_in::ovpn_version_minor
const unsigned int ovpn_version_minor
Definition: openvpn-plugin.h:368