diff options
| author | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2008-06-04 05:16:44 +0000 |
|---|---|---|
| committer | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2008-06-04 05:16:44 +0000 |
| commit | 47ae8457f9e9c2bb0f5c1e8f28822e1bbc16c196 (patch) | |
| tree | 0f47ea714dda8312ee85fe7530ee231c59b91221 /plugin.c | |
| parent | 7c51fe16b435712423dd00145008ab58a95fdc5e (diff) | |
| download | openvpn-47ae8457f9e9c2bb0f5c1e8f28822e1bbc16c196.tar.gz openvpn-47ae8457f9e9c2bb0f5c1e8f28822e1bbc16c196.tar.xz openvpn-47ae8457f9e9c2bb0f5c1e8f28822e1bbc16c196.zip | |
Incremented version to 2.1_rc7d.
Support asynchronous authentication by plugins by allowing
OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY to return
OPENVPN_PLUGIN_FUNC_DEFERRED. See comments in
openvpn-plugin.h for documentation. Enabled by ENABLE_DEF_AUTH.
Added a simple packet filter functionality that can be driven by
a plugin. See comments in openvpn-plugin.h for documentation.
Enabled by ENABLE_PF.
See openvpn/plugin/defer/simple.c for examples of ENABLE_DEF_AUTH
and ENABLE_PF.
"TLS Error: local/remote TLS keys are out of sync" is no longer a
fatal error for TCP-based sessions, since the error can arise
normally in the course of deferred authentication. In a related
change, allow packet-id sequence to begin at some number n > 0 for
TCP sessions, rather than strictly requiring sequence to begin
at 1.
Added a test to configure.ac for LoadLibrary function on Windows.
Modified "make dist" function to include all files from
install-win32 so that ./domake-win can be run from a
tarball-expanded directory.
setenv and setenv-safe directives may now omit a value argument
which defaults to "".
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2978 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to 'plugin.c')
| -rw-r--r-- | plugin.c | 23 |
1 files changed, 18 insertions, 5 deletions
@@ -83,6 +83,8 @@ plugin_type_name (const int type) return "PLUGIN_LEARN_ADDRESS"; case OPENVPN_PLUGIN_TLS_FINAL: return "PLUGIN_TLS_FINAL"; + case OPENVPN_PLUGIN_ENABLE_PF: + return "OPENVPN_PLUGIN_ENABLE_PF"; default: return "PLUGIN_???"; } @@ -540,6 +542,7 @@ plugin_call (const struct plugin_list *pl, int i; const char **envp; const int n = plugin_n (pl); + bool success = false; bool error = false; bool deferred = false; @@ -556,10 +559,18 @@ plugin_call (const struct plugin_list *pl, args, pr ? &pr->list[i] : NULL, envp); - if (status == OPENVPN_PLUGIN_FUNC_ERROR) - error = true; - else if (status == OPENVPN_PLUGIN_FUNC_DEFERRED) - deferred = true; + switch (status) + { + case OPENVPN_PLUGIN_FUNC_SUCCESS: + success = true; + break; + case OPENVPN_PLUGIN_FUNC_DEFERRED: + deferred = true; + break; + default: + error = true; + break; + } } if (pr) @@ -569,7 +580,9 @@ plugin_call (const struct plugin_list *pl, gc_free (&gc); - if (error) + if (type == OPENVPN_PLUGIN_ENABLE_PF && success) + return OPENVPN_PLUGIN_FUNC_SUCCESS; + else if (error) return OPENVPN_PLUGIN_FUNC_ERROR; else if (deferred) return OPENVPN_PLUGIN_FUNC_DEFERRED; |