Management interface can now listen on a unix

domain socket, for example:

  management /tmp/openvpn unix

Also added management-client-user and management-client-group
directives to control which processes are allowed to connect
to the socket.


git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3396 e7ae566f-a301-0410-adde-c780ea21d3b5

1 files changed, 9 insertions, 0 deletions

diff --git a/manage.h b/manage.h
index 6983ae8..0ad303e 100644
--- a/manage.h
+++ b/manage.h
@@ -202,12 +202,17 @@ struct man_settings {
   bool defined;
   unsigned int flags; /* MF_x flags */
   struct openvpn_sockaddr local;
+#if UNIX_SOCK_SUPPORT
+  struct sockaddr_un local_unix;
+#endif
   bool management_over_tunnel;
   struct user_pass up;
   int log_history_cache;
   int echo_buffer_size;
   int state_buffer_size;
   char *write_peer_info_file;
+  int client_uid;
+  int client_gid;
 
 /* flags for handling the management interface "signal" command */
 # define MANSIG_IGNORE_USR1_HUP  (1<<0)
@@ -295,10 +300,14 @@ struct management *management_init (void);
 #ifdef MANAGEMENT_PF
 # define MF_CLIENT_PF         (1<<7)
 #endif
+# define MF_LISTEN_UNIX       (1<<8)
+
 bool management_open (struct management *man,
 		      const char *addr,
 		      const int port,
 		      const char *pass_file,
+		      const char *client_user,
+		      const char *client_group,
 		      const int log_history_cache,
 		      const int echo_buffer_size,
 		      const int state_buffer_size,