diff options
| author | David Sommerseth <davids@redhat.com> | 2013-07-03 21:17:10 +0200 |
|---|---|---|
| committer | Gert Doering <gert@greenie.muc.de> | 2013-07-03 21:20:59 +0200 |
| commit | 587df08abda3c8f1f85ccdba4d8b82a736c11e2d (patch) | |
| tree | 71feead0ccf410eb44f9fdaca1d497f3e56947fc /sample | |
| parent | e3d388652f59fd2ddd9c7f470f7ef62ee6b35595 (diff) | |
| download | openvpn-587df08abda3c8f1f85ccdba4d8b82a736c11e2d.tar.gz openvpn-587df08abda3c8f1f85ccdba4d8b82a736c11e2d.tar.xz openvpn-587df08abda3c8f1f85ccdba4d8b82a736c11e2d.zip | |
plugin: Extend the plug-in v3 API to identify the SSL implementation used
OpenVPN would segfault unexpectedly if it would be compiled against
PolarSSL
and the plug-in would expect OpenSSL, or vice-versa. This segfault would
not appear before the plug-in would try to access functions which would
be available if the plug-in and OpenVPN uses the same SSL implementation.
This patch adds a member to the plug-in initialisation function, which
identifies the SSL implementation.
The log_v3 plug-in is updated accordingly + a simple fix to make it
buildable again using the ./build script.
A minor documentation error in the openvpn-plugin.h was also
corrected, where it mentioned OPENVPN_PLUGIN_VERSION instead of
OPENVPN_PLUGINv3_STRUCTVER.
v2 - add const ovpnSSLAPI ssl_api at the end of
struct openvpn_plugin_args_open_in and not in the "middle"
v3 - fix bug in plug-in init, as the SSLAPI was located wrong in the
args struct sent to the openvpn_plugin_open_v3() function.
v4 - Ensure SSLAPI got a sane/known value if SSL is disabled or unknown
Signed-off-by: David Sommerseth <davids@redhat.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1372879030-10576-1-git-send-email-dazo@users.sourceforge.net>
URL: http://article.gmane.org/gmane.network.openvpn.devel/7754
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'sample')
| -rwxr-xr-x | sample/sample-plugins/log/build | 2 | ||||
| -rw-r--r-- | sample/sample-plugins/log/log_v3.c | 5 |
2 files changed, 6 insertions, 1 deletions
diff --git a/sample/sample-plugins/log/build b/sample/sample-plugins/log/build index bbb05f7..c07ec40 100755 --- a/sample/sample-plugins/log/build +++ b/sample/sample-plugins/log/build @@ -6,7 +6,7 @@ # # This directory is where we will look for openvpn-plugin.h -CPPFLAGS="${CPPFLAGS:--I../../..}" +CPPFLAGS="${CPPFLAGS:--I../../../include}" CC="${CC:-gcc}" CFLAGS="${CFLAGS:--O2 -Wall -g}" diff --git a/sample/sample-plugins/log/log_v3.c b/sample/sample-plugins/log/log_v3.c index 742c756..4d3af91 100644 --- a/sample/sample-plugins/log/log_v3.c +++ b/sample/sample-plugins/log/log_v3.c @@ -85,6 +85,11 @@ openvpn_plugin_open_v3 (const int v3structver, return OPENVPN_PLUGIN_FUNC_ERROR; } + if( args->ssl_api != SSLAPI_OPENSSL ) { + printf("This plug-in can only be used against OpenVPN with OpenSSL\n"); + return OPENVPN_PLUGIN_FUNC_ERROR; + } + /* Which callbacks to intercept. */ ret->type_mask = OPENVPN_PLUGIN_MASK (OPENVPN_PLUGIN_UP) | |