[Openvpn-devel,1/5] Implement parsing and sending INFO and INFO_PRE control messages

Message ID 20190613144113.6418-2-arne@rfc2549.org
State Superseded
Series Implement additional two step authentication methods | expand

Commit Message

Arne Schwabe June 13, 2019, 4:41 a.m. UTC
OpenVPN out of band and auth pending authentication implements these
messages to send information during the authentication to the UI,
implement these messages also in OpenVPN 2.x to be able to be picked up
by the UI

Signed-off-by: Arne Schwabe <arne@rfc2549.org>
---
 src/openvpn/forward.c |  8 ++++++++
 src/openvpn/push.c    | 33 +++++++++++++++++++++++++++++++++
 src/openvpn/push.h    |  3 +++
 3 files changed, 44 insertions(+)

Comments

David Sommerseth Oct. 22, 2019, 9:36 a.m. UTC | #1
On 13/06/2019 16:41, Arne Schwabe wrote:
> OpenVPN out of band and auth pending authentication implements these
> messages to send information during the authentication to the UI,
> implement these message also in OpenVPN 2.x to be able to be piked up
> by the UI
> 
> Signed-off-by: Arne Schwabe <arne@rfc2549.org>
> ---
>  src/openvpn/forward.c |  8 ++++++++
>  src/openvpn/push.c    | 33 +++++++++++++++++++++++++++++++++
>  src/openvpn/push.h    |  3 +++
>  3 files changed, 44 insertions(+)
> 
[...snip...]
> diff --git a/src/openvpn/push.c b/src/openvpn/push.c
> index 8befc6f5..8632a9bb 100644
> --- a/src/openvpn/push.c
> +++ b/src/openvpn/push.c
> @@ -176,6 +176,39 @@ server_pushed_signal(struct context *c, const struct buffer *buffer, const bool
>      }
>  }
>  
> +void
> +server_pushed_info(struct context *c, const struct buffer *buffer,
> +                   const int adv)
> +{
> +    const char *m = "";
> +    struct buffer buf = *buffer;
> +
> +    if (buf_advance(&buf, adv) && buf_read_u8(&buf) == ',' && BLEN(&buf))
> +    {
> +        m = BSTR(&buf);
> +    }
> +
> +    #ifdef ENABLE_MANAGEMENT

This looks good, but the indenting of the #ifdef above is wrong; it should be
at the beginning of the line.

Patch

diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c
index 35df089a..3803479f 100644
--- a/src/openvpn/forward.c
+++ b/src/openvpn/forward.c
@@ -395,6 +395,14 @@  check_incoming_control_channel_dowork(struct context *c)
             {
                 server_pushed_signal(c, &buf, false, 4);
             }
+            else if (buf_string_match_head_str(&buf, "INFO_PRE"))
+            {
+                server_pushed_info(c, &buf, 8);
+            }
+            else if (buf_string_match_head_str(&buf, "INFO"))
+            {
+                server_pushed_info(c, &buf, 4);
+            }
             else
             {
                 msg(D_PUSH_ERRORS, "WARNING: Received unknown control message: %s", BSTR(&buf));
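Review bot: The two new branches only work in this order, because `buf_string_match_head_str()` matches the head of the buffer and "INFO" is a prefix of "INFO_PRE"; nothing in the hunk records that. A comment above the first branch such as `/* INFO_PRE must be tested before INFO: the match is a prefix match */` would stop a later reordering from sending INFO_PRE through the 4-byte advance, where the separator check fails and the payload is silently replaced by an empty string. The same prefix match means any control message that merely begins with INFO no longer reaches the "unknown control message" warning below, so server_pushed_info() should log the missing-separator case rather than report an empty message. The enclosing function starts and ends outside the hunk.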
diff --git a/src/openvpn/push.c b/src/openvpn/push.c
index 8befc6f5..8632a9bb 100644
--- a/src/openvpn/push.c
+++ b/src/openvpn/push.c
@@ -176,6 +176,39 @@  server_pushed_signal(struct context *c, const struct buffer *buffer, const bool
     }
 }
 
+void
+server_pushed_info(struct context *c, const struct buffer *buffer,
+                   const int adv)
+{
+    const char *m = "";
+    struct buffer buf = *buffer;
+
+    if (buf_advance(&buf, adv) && buf_read_u8(&buf) == ',' && BLEN(&buf))
+    {
+        m = BSTR(&buf);
+    }
+
+    #ifdef ENABLE_MANAGEMENT
+    struct gc_arena gc;
+    if (management)
+    {
+        gc = gc_new();
+
+        /*
+         * We use >INFOMSG here instead of plain >INFO since INFO is used to
+         * for management greeting and we don't want to confuse the client
+         */
+        struct buffer out = alloc_buf_gc(256, &gc);
+        buf_printf(&out, ">%s:%s", "INFOMSG", m);
+        management_notify_generic(management, BSTR(&out));
+
+        gc_free(&gc);
+    }
+    #endif
+    msg(D_PUSH, "Info command was pushed by server ('%s')", m);
+}
+
+
 #if P2MP_SERVER
 /**
  * Add an option to the given push list by providing a format string.
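Review bot: The fixed 256-byte `out` buffer in the management branch can cut off the server's text, since `buf_printf()` is bounded by the buffer capacity and its return value is not checked; a longer INFO payload would reach the UI truncated with no log entry. Sizing the buffer from the message avoids that: `struct buffer out = alloc_buf_gc(strlen(m) + sizeof(">INFOMSG:"), &gc);`. `m` is peer-supplied and the management interface is line-oriented, so this function relies on the caller having already stripped CR/LF and non-printable bytes from the control message; that is not visible in this patch and deserves a comment next to the `management_notify_generic()` call. INFO and INFO_PRE are also both reported as `>INFOMSG:`, so the UI cannot tell which of the two it received.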
diff --git a/src/openvpn/push.h b/src/openvpn/push.h
index 5f6181e7..750a9800 100644
--- a/src/openvpn/push.h
+++ b/src/openvpn/push.h
@@ -50,6 +50,9 @@  void receive_auth_failed(struct context *c, const struct buffer *buffer);
 
 void server_pushed_signal(struct context *c, const struct buffer *buffer, const bool restart, const int adv);
 
+void server_pushed_info(struct context *c, const struct buffer *buffer,
+                        const int adv);
+
 void incoming_push_message(struct context *c, const struct buffer *buffer);
 
 #if P2MP_SERVER
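Review bot: The new `server_pushed_info()` prototype has no comment, and `adv` is not self-explanatory at the declaration. A short Doxygen block would help: say that `adv` is the length of the keyword the caller already matched (8 for INFO_PRE, 4 for INFO in forward.c), that the text after the comma is peer-controlled and is forwarded to the management interface as `>INFOMSG:`, and that a missing comma or empty payload results in an empty message.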