diff options
Diffstat (limited to 'openvpn-plugin.h')
-rw-r--r-- | openvpn-plugin.h | 129 |
1 files changed, 118 insertions, 11 deletions
diff --git a/openvpn-plugin.h b/openvpn-plugin.h index fcd823e..62124e8 100644 --- a/openvpn-plugin.h +++ b/openvpn-plugin.h @@ -22,6 +22,8 @@ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ +#define OPENVPN_PLUGIN_VERSION 2 + /* * Plug-in types. These types correspond to the set of script callbacks * supported by OpenVPN. @@ -35,7 +37,8 @@ #define OPENVPN_PLUGIN_CLIENT_CONNECT 6 #define OPENVPN_PLUGIN_CLIENT_DISCONNECT 7 #define OPENVPN_PLUGIN_LEARN_ADDRESS 8 -#define OPENVPN_PLUGIN_N 9 +#define OPENVPN_PLUGIN_CLIENT_CONNECT_V2 9 +#define OPENVPN_PLUGIN_N 10 /* * Build a mask out of a set of plug-in types. @@ -86,6 +89,20 @@ typedef void *openvpn_plugin_handle_t; #endif /* + * Used by openvpn_plugin_func to return structured + * data. The plugin should allocate all structure + * instances, name strings, and value strings with + * malloc, since OpenVPN will assume that it + * can free the list by calling free() over the same. + */ +struct openvpn_plugin_string_list +{ + struct openvpn_plugin_string_list *next; + char *name; + char *value; +}; + +/* * Multiple plugin modules can be cascaded, and modules can be * used in tandem with scripts. The order of operation is that * the module func() functions are called in the order that @@ -113,7 +130,7 @@ typedef void *openvpn_plugin_handle_t; */ /* - * FUNCTION: openvpn_plugin_open_v1 + * FUNCTION: openvpn_plugin_open_v2 * * REQUIRED: YES * @@ -141,15 +158,20 @@ typedef void *openvpn_plugin_handle_t; * these variables are not actually written to the "official" * environmental variable store of the process. * + * return_list : used to return data back to OpenVPN. + * * RETURN VALUE * * An openvpn_plugin_handle_t value on success, NULL on failure */ -OPENVPN_PLUGIN_DEF openvpn_plugin_handle_t OPENVPN_PLUGIN_FUNC(openvpn_plugin_open_v1) - (unsigned int *type_mask, const char *argv[], const char *envp[]); +OPENVPN_PLUGIN_DEF openvpn_plugin_handle_t OPENVPN_PLUGIN_FUNC(openvpn_plugin_open_v2) + (unsigned int *type_mask, + const char *argv[], + const char *envp[], + struct openvpn_plugin_string_list **return_list); /* - * FUNCTION: openvpn_plugin_func_v1 + * FUNCTION: openvpn_plugin_func_v2 * * Called to perform the work of a given script type. * @@ -158,7 +180,7 @@ OPENVPN_PLUGIN_DEF openvpn_plugin_handle_t OPENVPN_PLUGIN_FUNC(openvpn_plugin_op * ARGUMENTS * * handle : the openvpn_plugin_handle_t value which was returned by - * openvpn_plugin_open_v1. + * openvpn_plugin_open. * * type : one of the PLUGIN_x types * @@ -171,12 +193,22 @@ OPENVPN_PLUGIN_DEF openvpn_plugin_handle_t OPENVPN_PLUGIN_FUNC(openvpn_plugin_op * these variables are not actually written to the "official" * environmental variable store of the process. * + * per_client_context : the per-client context pointer which was returned by + * openvpn_plugin_client_constructor_v1, if defined. + * + * return_list : used to return data back to OpenVPN. + * * RETURN VALUE * * OPENVPN_PLUGIN_FUNC_SUCCESS on success, OPENVPN_PLUGIN_FUNC_ERROR on failure */ -OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC(openvpn_plugin_func_v1) - (openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[]); +OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC(openvpn_plugin_func_v2) + (openvpn_plugin_handle_t handle, + const int type, + const char *argv[], + const char *envp[], + void *per_client_context, + struct openvpn_plugin_string_list **return_list); /* * FUNCTION: openvpn_plugin_close_v1 @@ -186,7 +218,7 @@ OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC(openvpn_plugin_func_v1) * ARGUMENTS * * handle : the openvpn_plugin_handle_t value which was returned by - * openvpn_plugin_open_v1. + * openvpn_plugin_open. * * Called immediately prior to plug-in unload. */ @@ -201,11 +233,86 @@ OPENVPN_PLUGIN_DEF void OPENVPN_PLUGIN_FUNC(openvpn_plugin_close_v1) * ARGUMENTS * * handle : the openvpn_plugin_handle_t value which was returned by - * openvpn_plugin_open_v1. + * openvpn_plugin_open. * * Called when OpenVPN is in the process of aborting due to a fatal error. * Will only be called on an open context returned by a prior successful - * openvpn_plugin_open_v1 callback. + * openvpn_plugin_open callback. */ OPENVPN_PLUGIN_DEF void OPENVPN_PLUGIN_FUNC(openvpn_plugin_abort_v1) (openvpn_plugin_handle_t handle); + +/* + * FUNCTION: openvpn_plugin_client_constructor_v1 + * + * Called to allocate a per-client memory region, which + * is then passed to the openvpn_plugin_func_v2 function. + * This function is called every time the OpenVPN server + * constructs a client instance object, which normally + * occurs when a session-initiating packet is received + * by a new client, even before the client has authenticated. + * + * This function should allocate the private memory needed + * by the plugin to track individual OpenVPN clients, and + * return a void * to this memory region. + * + * REQUIRED: NO + * + * ARGUMENTS + * + * handle : the openvpn_plugin_handle_t value which was returned by + * openvpn_plugin_open. + * + * RETURN VALUE + * + * void * pointer to plugin's private per-client memory region, or NULL + * if no memory region is required. + */ +OPENVPN_PLUGIN_DEF void * OPENVPN_PLUGIN_FUNC(openvpn_plugin_client_constructor_v1) + (openvpn_plugin_handle_t handle); + +/* + * FUNCTION: openvpn_plugin_client_destructor_v1 + * + * This function is called on client instance object destruction. + * + * REQUIRED: NO + * + * ARGUMENTS + * + * handle : the openvpn_plugin_handle_t value which was returned by + * openvpn_plugin_open. + * + * per_client_context : the per-client context pointer which was returned by + * openvpn_plugin_client_constructor_v1, if defined. + */ +OPENVPN_PLUGIN_DEF void OPENVPN_PLUGIN_FUNC(openvpn_plugin_client_destructor_v1) + (openvpn_plugin_handle_t handle, void *per_client_context); + +/* + * FUNCTION: openvpn_plugin_min_version_required_v1 + * + * This function is called by OpenVPN to query the minimum + plugin interface version number required by the plugin. + * + * REQUIRED: NO + * + * RETURN VALUE + * + * The minimum OpenVPN plugin interface version number necessary to support + * this plugin. + */ +OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC(openvpn_plugin_min_version_required_v1) + (void); + +/* + * Deprecated functions which are still supported for backward compatibility. + */ + +OPENVPN_PLUGIN_DEF openvpn_plugin_handle_t OPENVPN_PLUGIN_FUNC(openvpn_plugin_open_v1) + (unsigned int *type_mask, + const char *argv[], + const char *envp[]); + +OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC(openvpn_plugin_func_v1) + (openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[]); |