summaryrefslogtreecommitdiff
path: root/openvpn/sample/sample-plugins/log/log_v3.c
diff options
context:
space:
mode:
Diffstat (limited to 'openvpn/sample/sample-plugins/log/log_v3.c')
-rw-r--r--openvpn/sample/sample-plugins/log/log_v3.c252
1 files changed, 0 insertions, 252 deletions
diff --git a/openvpn/sample/sample-plugins/log/log_v3.c b/openvpn/sample/sample-plugins/log/log_v3.c
deleted file mode 100644
index 4d3af91a..00000000
--- a/openvpn/sample/sample-plugins/log/log_v3.c
+++ /dev/null
@@ -1,252 +0,0 @@
-/*
- * OpenVPN -- An application to securely tunnel IP networks
- * over a single TCP/UDP port, with support for SSL/TLS-based
- * session authentication and key exchange,
- * packet encryption, packet authentication, and
- * packet compression.
- *
- * Copyright (C) 2002-2009 OpenVPN Technologies, Inc. <sales@openvpn.net>
- * Copyright (C) 2010 David Sommerseth <dazo@users.sourceforge.net>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program (see the file COPYING included with this
- * distribution); if not, write to the Free Software Foundation, Inc.,
- * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
-
-/*
- * This plugin is similar to simple.c, except it also logs extra information
- * to stdout for every plugin method called by OpenVPN. The only difference
- * between this (log_v3.c) and log.c is that this module uses the v3 plug-in
- * API.
- *
- * See the README file for build instructions.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#define ENABLE_SSL
-
-#include "openvpn-plugin.h"
-
-/*
- * Our context, where we keep our state.
- */
-struct plugin_context {
- const char *username;
- const char *password;
-};
-
-/*
- * Given an environmental variable name, search
- * the envp array for its value, returning it
- * if found or NULL otherwise.
- */
-static const char *
-get_env (const char *name, const char *envp[])
-{
- if (envp)
- {
- int i;
- const int namelen = strlen (name);
- for (i = 0; envp[i]; ++i)
- {
- if (!strncmp (envp[i], name, namelen))
- {
- const char *cp = envp[i] + namelen;
- if (*cp == '=')
- return cp + 1;
- }
- }
- }
- return NULL;
-}
-
-OPENVPN_EXPORT int
-openvpn_plugin_open_v3 (const int v3structver,
- struct openvpn_plugin_args_open_in const *args,
- struct openvpn_plugin_args_open_return *ret)
-{
- struct plugin_context *context = NULL;
-
- /* Check that we are API compatible */
- if( v3structver != OPENVPN_PLUGINv3_STRUCTVER ) {
- return OPENVPN_PLUGIN_FUNC_ERROR;
- }
-
- if( args->ssl_api != SSLAPI_OPENSSL ) {
- printf("This plug-in can only be used against OpenVPN with OpenSSL\n");
- return OPENVPN_PLUGIN_FUNC_ERROR;
- }
-
- /* Which callbacks to intercept. */
- ret->type_mask =
- OPENVPN_PLUGIN_MASK (OPENVPN_PLUGIN_UP) |
- OPENVPN_PLUGIN_MASK (OPENVPN_PLUGIN_DOWN) |
- OPENVPN_PLUGIN_MASK (OPENVPN_PLUGIN_ROUTE_UP) |
- OPENVPN_PLUGIN_MASK (OPENVPN_PLUGIN_IPCHANGE) |
- OPENVPN_PLUGIN_MASK (OPENVPN_PLUGIN_TLS_VERIFY) |
- OPENVPN_PLUGIN_MASK (OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY) |
- OPENVPN_PLUGIN_MASK (OPENVPN_PLUGIN_CLIENT_CONNECT_V2) |
- OPENVPN_PLUGIN_MASK (OPENVPN_PLUGIN_CLIENT_DISCONNECT) |
- OPENVPN_PLUGIN_MASK (OPENVPN_PLUGIN_LEARN_ADDRESS) |
- OPENVPN_PLUGIN_MASK (OPENVPN_PLUGIN_TLS_FINAL);
-
-
- /* Allocate our context */
- context = (struct plugin_context *) calloc (1, sizeof (struct plugin_context));
-
- /* Set the username/password we will require. */
- context->username = "foo";
- context->password = "bar";
-
- /* Point the global context handle to our newly created context */
- ret->handle = (void *) context;
-
- return OPENVPN_PLUGIN_FUNC_SUCCESS;
-}
-
-void
-show (const int type, const char *argv[], const char *envp[])
-{
- size_t i;
- switch (type)
- {
- case OPENVPN_PLUGIN_UP:
- printf ("OPENVPN_PLUGIN_UP\n");
- break;
- case OPENVPN_PLUGIN_DOWN:
- printf ("OPENVPN_PLUGIN_DOWN\n");
- break;
- case OPENVPN_PLUGIN_ROUTE_UP:
- printf ("OPENVPN_PLUGIN_ROUTE_UP\n");
- break;
- case OPENVPN_PLUGIN_IPCHANGE:
- printf ("OPENVPN_PLUGIN_IPCHANGE\n");
- break;
- case OPENVPN_PLUGIN_TLS_VERIFY:
- printf ("OPENVPN_PLUGIN_TLS_VERIFY\n");
- break;
- case OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY:
- printf ("OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY\n");
- break;
- case OPENVPN_PLUGIN_CLIENT_CONNECT_V2:
- printf ("OPENVPN_PLUGIN_CLIENT_CONNECT_V2\n");
- break;
- case OPENVPN_PLUGIN_CLIENT_DISCONNECT:
- printf ("OPENVPN_PLUGIN_CLIENT_DISCONNECT\n");
- break;
- case OPENVPN_PLUGIN_LEARN_ADDRESS:
- printf ("OPENVPN_PLUGIN_LEARN_ADDRESS\n");
- break;
- case OPENVPN_PLUGIN_TLS_FINAL:
- printf ("OPENVPN_PLUGIN_TLS_FINAL\n");
- break;
- default:
- printf ("OPENVPN_PLUGIN_?\n");
- break;
- }
-
- printf ("ARGV\n");
- for (i = 0; argv[i] != NULL; ++i)
- printf ("%d '%s'\n", (int)i, argv[i]);
-
- printf ("ENVP\n");
- for (i = 0; envp[i] != NULL; ++i)
- printf ("%d '%s'\n", (int)i, envp[i]);
-}
-
-static void
-x509_print_info (X509 *x509crt)
-{
- int i, n;
- int fn_nid;
- ASN1_OBJECT *fn;
- ASN1_STRING *val;
- X509_NAME *x509_name;
- X509_NAME_ENTRY *ent;
- const char *objbuf;
- unsigned char *buf;
-
- x509_name = X509_get_subject_name (x509crt);
- n = X509_NAME_entry_count (x509_name);
- for (i = 0; i < n; ++i)
- {
- ent = X509_NAME_get_entry (x509_name, i);
- if (!ent)
- continue;
- fn = X509_NAME_ENTRY_get_object (ent);
- if (!fn)
- continue;
- val = X509_NAME_ENTRY_get_data (ent);
- if (!val)
- continue;
- fn_nid = OBJ_obj2nid (fn);
- if (fn_nid == NID_undef)
- continue;
- objbuf = OBJ_nid2sn (fn_nid);
- if (!objbuf)
- continue;
- buf = (unsigned char *)1; /* bug in OpenSSL 0.9.6b ASN1_STRING_to_UTF8 requires this workaround */
- if (ASN1_STRING_to_UTF8 (&buf, val) <= 0)
- continue;
-
- printf("X509 %s: %s\n", objbuf, (char *)buf);
- OPENSSL_free (buf);
- }
-}
-
-
-
-OPENVPN_EXPORT int
-openvpn_plugin_func_v3 (const int version,
- struct openvpn_plugin_args_func_in const *args,
- struct openvpn_plugin_args_func_return *retptr)
-{
- struct plugin_context *context = (struct plugin_context *) args->handle;
-
- printf("\nopenvpn_plugin_func_v3() :::::>> ");
- show (args->type, args->argv, args->envp);
-
- /* Dump some X509 information if we're in the TLS_VERIFY phase */
- if ((args->type == OPENVPN_PLUGIN_TLS_VERIFY) && args->current_cert ) {
- printf("---- X509 Subject information ----\n");
- printf("Certificate depth: %i\n", args->current_cert_depth);
- x509_print_info(args->current_cert);
- printf("----------------------------------\n");
- }
-
- /* check entered username/password against what we require */
- if (args->type == OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY)
- {
- /* get username/password from envp string array */
- const char *username = get_env ("username", args->envp);
- const char *password = get_env ("password", args->envp);
-
- if (username && !strcmp (username, context->username)
- && password && !strcmp (password, context->password))
- return OPENVPN_PLUGIN_FUNC_SUCCESS;
- else
- return OPENVPN_PLUGIN_FUNC_ERROR;
- }
- else
- return OPENVPN_PLUGIN_FUNC_SUCCESS;
-}
-
-OPENVPN_EXPORT void
-openvpn_plugin_close_v1 (openvpn_plugin_handle_t handle)
-{
- struct plugin_context *context = (struct plugin_context *) handle;
- free (context);
-}