From 587df08abda3c8f1f85ccdba4d8b82a736c11e2d Mon Sep 17 00:00:00 2001 From: David Sommerseth Date: Wed, 3 Jul 2013 21:17:10 +0200 Subject: plugin: Extend the plug-in v3 API to identify the SSL implementation used OpenVPN would segfault unexpectedly if it would be compiled against PolarSSL and the plug-in would expect OpenSSL, or vice-versa. This segfault would not appear before the plug-in would try to access functions which would be available if the plug-in and OpenVPN uses the same SSL implementation. This patch adds a member to the plug-in initialisation function, which identifies the SSL implementation. The log_v3 plug-in is updated accordingly + a simple fix to make it buildable again using the ./build script. A minor documentation error in the openvpn-plugin.h was also corrected, where it mentioned OPENVPN_PLUGIN_VERSION instead of OPENVPN_PLUGINv3_STRUCTVER. v2 - add const ovpnSSLAPI ssl_api at the end of struct openvpn_plugin_args_open_in and not in the "middle" v3 - fix bug in plug-in init, as the SSLAPI was located wrong in the args struct sent to the openvpn_plugin_open_v3() function. v4 - Ensure SSLAPI got a sane/known value if SSL is disabled or unknown Signed-off-by: David Sommerseth Acked-by: Gert Doering Message-Id: <1372879030-10576-1-git-send-email-dazo@users.sourceforge.net> URL: http://article.gmane.org/gmane.network.openvpn.devel/7754 Signed-off-by: Gert Doering --- sample/sample-plugins/log/build | 2 +- sample/sample-plugins/log/log_v3.c | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) (limited to 'sample') diff --git a/sample/sample-plugins/log/build b/sample/sample-plugins/log/build index bbb05f7..c07ec40 100755 --- a/sample/sample-plugins/log/build +++ b/sample/sample-plugins/log/build @@ -6,7 +6,7 @@ # # This directory is where we will look for openvpn-plugin.h -CPPFLAGS="${CPPFLAGS:--I../../..}" +CPPFLAGS="${CPPFLAGS:--I../../../include}" CC="${CC:-gcc}" CFLAGS="${CFLAGS:--O2 -Wall -g}" diff --git a/sample/sample-plugins/log/log_v3.c b/sample/sample-plugins/log/log_v3.c index 742c756..4d3af91 100644 --- a/sample/sample-plugins/log/log_v3.c +++ b/sample/sample-plugins/log/log_v3.c @@ -85,6 +85,11 @@ openvpn_plugin_open_v3 (const int v3structver, return OPENVPN_PLUGIN_FUNC_ERROR; } + if( args->ssl_api != SSLAPI_OPENSSL ) { + printf("This plug-in can only be used against OpenVPN with OpenSSL\n"); + return OPENVPN_PLUGIN_FUNC_ERROR; + } + /* Which callbacks to intercept. */ ret->type_mask = OPENVPN_PLUGIN_MASK (OPENVPN_PLUGIN_UP) | -- cgit