path: root/plugin
Age | Commit message | Author | Files | Lines
2011-03-25 | common_name passing in auth_pam plugin | Joe Patterson | 2 | -3/+10
Added the ability to have "COMMONNAME" replaced with certificate common name in pam conversation.
Signed-off-by: Joe Patterson <j.m.patterson@gmail.com>
Acked-By: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>
2011-03-25 | Separate the general plug-in version constant and v3 plug-in structs version | David Sommerseth | 1 | -2/+2
After a review of the second round of the v3 plug-in implementation, it was decided to use a separate constant defining the version of the structs used for argument and return value passing, instead of OPENVPN_PLUGIN_VERSION. To not make it too complex, this patch uses a shared version constant for all the v3 structures. It is not expected that these structures will change too much and too often.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
Acked-by: James Yonan <james@openvpn.net>
2011-03-25 | Added a simple plug-in demonstrating the v3 plug-in API. | David Sommerseth | 1 | -0/+245
To build the plug-in, do ./build log_v3 in the plugin/examples directory.
This plug-in can be tested by running an OpenVPN server like this:
    # ./openvpn --plugin plugin/examples/log_v3.so --dev tun \
        --server 192.168.240.0 255.255.255.0 --ca sample-keys/ca.crt \
        --cert sample-keys/server.crt --key sample-keys/server.key \
        --dh sample-keys/dh1024.pem
The client can be started like this:
    # ./openvpn --client --remote localhost --ca sample-keys/ca.crt \
        --cert sample-keys/client.crt --key sample-keys/client.key \
        --dev tun --nobind --auth-user-pass
This plug-in will only log arguments and environment variables it receives during all the different plug-in phases OpenVPN currently supports. It will also parse the X509 certificate information given during the TLS_VERIFY phase.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
Acked-by: James Yonan <james@openvpn.net>
2010-10-21 | When I began testing OpenVPN v2.1_rc9 I was having trouble authenticating to | Daniel Johnson | 1 | -7/+35
the MS Active Directory through auth-pam and Samba. I used the following line in my configs (without the linebreak of course):
    plugin /opt/openvpn/openvpn-auth-pam.so "openvpn login OURDOMAIN+USERNAME password PASSWORD"
Finally I turned on more verbose logging and found that the plugin did not recognize "USERNAME" as something to replace, because it expected the string to be surrounded by whitespace. I wrote the following patch to correct this. I hope you find it useful,
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
2010-04-28 | Updated copyright date to 2010. | James Yonan | 5 | -5/+5
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5599 e7ae566f-a301-0410-adde-c780ea21d3b5
2009-12-10 | Fixed a couple issues in sample plugins auth-pam.c and down-root.c: | james | 2 | -2/+6
1. Fail gracefully rather than segfault if calloc returns NULL.
2. The openvpn_plugin_abort_v1 function can potentially be called with handle == NULL. Add code to detect this case, and if so, avoid dereferencing pointers derived from handle. (Thanks to David Sommerseth for finding this bug).
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5261 e7ae566f-a301-0410-adde-c780ea21d3b5
2009-05-30 | Update copyright to 2009. | james | 5 | -5/+5
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4477 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-10-06 | Copyright notice changed to reflect change in name of | james | 5 | -5/+5
Telethra to OpenVPN Technologies.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3409 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-26 | Completely revamped the system for calling external programs and scripts: | james | 1 | -0/+184
* All external programs and scripts are now called by execve() on unix and CreateProcess on Windows.
* The system() function is no longer used.
* Argument lists for external programs and scripts are now built by the new argv_printf function which natively outputs to string arrays (i.e. char *argv[] lists), never truncates its output, and eliminates the security issues inherent in formatting and parsing command lines, and dealing with argument quoting.
* The --script-security directive has been added to offer policy controls on OpenVPN's execution of external programs and scripts.
Also added a new plugin example (openvpn/plugin/examples/log.c) that logs information to stdout for every plugin method called by OpenVPN.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3122 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-14 | Copyright change OpenVPN Solutions LLC -> Telethra, Inc. | james | 4 | -4/+4
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3048 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-06-11 | Updated copyright notice to 2008. | james | 4 | -4/+4
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2995 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-06-04 | In auth-pam authentication module, even when in debug mode, | james | 1 | -2/+8
never output passwords to stderr.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2979 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-06-04 | Incremented version to 2.1_rc7d. | james | 1 | -31/+131
Support asynchronous authentication by plugins by allowing OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY to return OPENVPN_PLUGIN_FUNC_DEFERRED. See comments in openvpn-plugin.h for documentation. Enabled by ENABLE_DEF_AUTH.
Added a simple packet filter functionality that can be driven by a plugin. See comments in openvpn-plugin.h for documentation. Enabled by ENABLE_PF.
See openvpn/plugin/defer/simple.c for examples of ENABLE_DEF_AUTH and ENABLE_PF.
"TLS Error: local/remote TLS keys are out of sync" is no longer a fatal error for TCP-based sessions, since the error can arise normally in the course of deferred authentication. In a related change, allow packet-id sequence to begin at some number n > 0 for TCP sessions, rather than strictly requiring sequence to begin at 1.
Added a test to configure.ac for LoadLibrary function on Windows.
Modified "make dist" function to include all files from install-win32 so that ./domake-win can be run from a tarball-expanded directory.
setenv and setenv-safe directives may now omit a value argument which defaults to "".
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2978 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-05-25 | Fixed a bug in plugin.c that caused openvpn_plugin_client_destructor_v1 | james | 3 | -12/+79
to not be called for the top-level "generic" client template.
Added additional documentation to openvpn-plugin.h that more clearly illustrates the full sequence and ordering of plugin callbacks (plugin/defer/simple.c was extended to provide the raw data for this documentation).
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2973 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-05-24 | Support asynchronous/deferred authentication in | james | 5 | -0/+192
OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY plugin handler. See documentation in openvpn-plugin.h and example usage in plugin/defer/simple.c.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2969 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-11-01 | auth-pam change: link with -lpam rather | james | 2 | -3/+2
than dlopen (Roy Marples).
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1421 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-10-16 | Reverted plugin directory location. | james | 15 | -0/+1872
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@638 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-10-13 | Renamed plugin to plugins to work around | james | 15 | -1872/+0
strange automake issue. 2.1_beta2
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@603 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-10-04 | Added support for openvpn_plugin_select_initialization_point_v1 | james | 2 | -1/+8
2.1_beta1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@591 e7ae566f-a301-0410-adde-c780ea21d3b5