From 89309c8cde167d6a1651332f2a491ba051f5c30e Mon Sep 17 00:00:00 2001
From: David Sommerseth <dazo@users.sourceforge.net>
Date: Sun, 9 Jun 2013 01:34:34 +0200
Subject: eurephia-auth: Fixed a few issues when using OpenVPN 2.2

- SSLAPI_OPENSSL isn't available in this version.  Print a warning
  during compile time that OpenVPN must be compiled against OpenSSL.
  If OpenVPN is not compiled against OpenSSL, it may most likely crash.
  OpenVPN 2.3.2 and below can be compiled against PolarSSL and does
  not contain the needed arguments->ssl_api variable to identify
  SSL implementation at runtime.

- Bug: When moving the certificate information extraction to
  openvpn_plugin_func_v1(), the certificate level was not
  extracted correctly.  It needs to be converted to an integer.

Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
---
 plugin/eurephia-auth.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/plugin/eurephia-auth.c b/plugin/eurephia-auth.c
index c93df1d..1488d9a 100644
--- a/plugin/eurephia-auth.c
+++ b/plugin/eurephia-auth.c
@@ -256,6 +256,7 @@ OPENVPN_EXPORT int openvpn_plugin_open_v3(const int apiversion,
                 return OPENVPN_PLUGIN_FUNC_ERROR;
         }
 
+#if OPENVPN_PLUGINv3_STRUCTVER > 1
         // Check that OpenVPN uses OpenSSL
         if( arguments->ssl_api != SSLAPI_OPENSSL ) {
                 arguments->callbacks->plugin_log(PLOG_ERR, "eurephia",
@@ -263,6 +264,9 @@ OPENVPN_EXPORT int openvpn_plugin_open_v3(const int apiversion,
                                                  "eurephia requires OpenSSL.");
                 return OPENVPN_PLUGIN_FUNC_ERROR;
         }
+#else
+#warning OpenVPN must be compiled against OpenSSL for eurephia to function.  You have been warned!
+#endif
 
         // Define what will trigger eurephia
         ovpnret->type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_UP)
@@ -319,8 +323,8 @@ OPENVPN_EXPORT int openvpn_plugin_func_v1(openvpn_plugin_handle_t handle,
 
         if( type != OPENVPN_PLUGIN_UP ) {
                 // Exctract certificate information from either environment variables
-                ci = parse_tlsid(GETENV_TLSID(ctx, envp, argv[1]),
-                                 GETENV_TLSDIGEST(ctx, envp, argv[1]));
+                ci = parse_tlsid(GETENV_TLSID(ctx, envp, atoi_nullsafe(argv[1])),
+                                 GETENV_TLSDIGEST(ctx, envp, atoi_nullsafe(argv[1])));
                 if( ci == NULL ) {
                         eurephia_log(ctx, LOG_FATAL, 0, "Failed to extract certificate info");
                         return OPENVPN_PLUGIN_FUNC_ERROR;
-- 
cgit