-rw-r--r-- | misc.c | 8 | ||||
-rw-r--r-- | misc.h | 1 | ||||
-rw-r--r-- | multi.c | 38 | ||||
-rw-r--r-- | openvpn.8 | 24 |
4 files changed, 63 insertions, 8 deletions
@@ -864,6 +864,14 @@ setenv_int (struct env_set *es, const char *name, int value)
 }
 
 void
+setenv_unsigned (struct env_set *es, const char *name, unsigned int value)
+{
+ char buf[64];
+ openvpn_snprintf (buf, sizeof(buf), "%u", value);
+ setenv_str (es, name, buf);
+}
+
+void
 setenv_str (struct env_set *es, const char *name, const char *value)
 {
 setenv_str_ex (es, name, value, CC_NAME, 0, 0, CC_PRINT, 0, 0);
@@ -160,6 +160,7 @@ void setenv_str_ex (struct env_set *es,
 
 void setenv_counter (struct env_set *es, const char *name, counter_type value);
 void setenv_int (struct env_set *es, const char *name, int value);
+void setenv_unsigned (struct env_set *es, const char *name, unsigned int value);
 void setenv_str (struct env_set *es, const char *name, const char *value);
 void setenv_str_safe (struct env_set *es, const char *name, const char *value);
 void setenv_del (struct env_set *es, const char *name);
@@ -407,6 +407,9 @@ multi_client_disconnect_setenv (struct multi_context *m,
 
 setenv_counter (mi->context.c2.es, "bytes_received", mi->context.c2.link_read_bytes);
 setenv_counter (mi->context.c2.es, "bytes_sent", mi->context.c2.link_write_bytes);
+ /* setenv connection duration */
+ const unsigned int duration = (unsigned int) now - mi->created;
+ setenv_unsigned (mi->context.c2.es, "time_duration", duration);
 }
 
 static void
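Review bot: In the multi.c hunk, `(unsigned int) now - mi->created` casts only `now`, and nothing guards against `now` being earlier than `mi->created`. If the clock is stepped back during a session, the difference wraps to a value near 2^32 and is exported as `time_duration`, so a --client-disconnect script that uses it for accounting or session logs would record a bogus session length. Clamping avoids that: `const unsigned int duration = (now > mi->created) ? (unsigned int) (now - mi->created) : 0;`. The declaration also follows statements, which a C89 compiler rejects; multi_client_connect_setenv in the same commit uses a braced block for its local, and the same pattern would fit here. The body of multi_client_disconnect_setenv starts outside the hunk.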
@@ -1274,6 +1277,31 @@ multi_client_connect_post_plugin (struct multi_context *m,
 
 #endif
 
+static void
+multi_client_connect_setenv (struct multi_context *m,
+ struct multi_instance *mi)
+{
+ struct gc_arena gc = gc_new ();
+
+ /* setenv incoming cert common name for script */
+ setenv_str (mi->context.c2.es, "common_name", tls_common_name (mi->context.c2.tls_multi, true));
+
+ /* setenv client real IP address */
+ setenv_trusted (mi->context.c2.es, get_link_socket_info (&mi->context));
+
+ /* setenv client virtual IP address */
+ multi_set_virtual_addr_env (m, mi);
+
+ /* setenv connection time */
+ {
+ const char *created_ascii = time_string (mi->created, 0, false, &gc);
+ setenv_str (mi->context.c2.es, "time_ascii", created_ascii);
+ setenv_unsigned (mi->context.c2.es, "time_unix", (unsigned int)mi->created);
+ }
+
+ gc_free (&gc);
+}
+
 /*
 * Called as soon as the SSL/TLS connection authenticates.
 *
@@ -1365,14 +1393,8 @@ multi_connection_established (struct multi_context *m, struct multi_instance *mi
 */
 multi_select_virtual_addr (m, mi);
 
- /* setenv incoming cert common name for script */
- setenv_str (mi->context.c2.es, "common_name", tls_common_name (mi->context.c2.tls_multi, true));
-
- /* setenv client real IP address */
- setenv_trusted (mi->context.c2.es, get_link_socket_info (&mi->context));
-
- /* setenv client virtual IP address */
- multi_set_virtual_addr_env (m, mi);
+ /* do --client-connect setenvs */
+ multi_client_connect_setenv (m, mi);
 
 #ifdef ENABLE_PLUGIN
 /*
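Review bot: `time_unix` is exported through `(unsigned int)mi->created`, which silently narrows the timestamp if its type is wider than `unsigned int`; it looks like a `time_t`, since the same field is passed to `time_string`. The value is correct today, but the narrowing is undocumented. misc.h already declares `setenv_counter` taking a `counter_type`, which may be the better carrier if that type is wider; worth confirming. The new multi_client_connect_setenv also has no header comment; something like `/* Export the --client-connect env vars: common_name, real and virtual client address, time_ascii, time_unix. */` above `static void` would record what scripts and plugins can rely on.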
@@ -5080,6 +5080,30 @@ or (unknown signal). This variable is set just prior to down script execution. .\"********************************************************* .TP +.B time_ascii +Client connection timestamp, formatted as a human-readable +time string. +Set prior to execution of the +.B --client-connect +script. +.\"********************************************************* +.TP +.B time_duration +The duration (in seconds) of the client session which is now +disconnecting. +Set prior to execution of the +.B --client-disconnect +script. +.\"********************************************************* +.TP +.B time_unix +Client connection timestamp, formatted as a unix integer +date/time value. +Set prior to execution of the +.B --client-connect +script. +.\"********************************************************* +.TP .B tls_id_{n} A series of certificate fields from the remote peer, where |