From: ordex (C. Review) <ge...@op...> - 2025-04-14 19:22:19

Attention is currently required from: flichtenheld, plaisthos.

ordex has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/791?usp=email )

Change subject: Reformat the whole project with clang-format
......................................................................

Patch Set 14:

(8 comments)

Patchset:

PS14:
the change is extremely long, so not easy to comment to everything, but I threw a few concerns worth checking.

File sample/sample-plugins/client-connect/sample-client-connect.c:

http://gerrit.openvpn.net/c/openvpn/+/791/comment/c6e0d1ce_30cbe3ba :
PS14, Line 135: stderr,
this hurts me a bit, for two reasons:
1) "stderr," should just stay on the same line as fprintf, given that there is enough space;
2) when going to a new line, I personally prefer to see the text aligned to the opening parenthesis.

http://gerrit.openvpn.net/c/openvpn/+/791/comment/27a22e79_01461376 :
PS14, Line 251: MODULE,
same as above, I expected MODULE to be on the line above

NOTE: I won't report any other occurrence of this in the rest of the patch

http://gerrit.openvpn.net/c/openvpn/+/791/comment/3682efec_128649c3 :
PS14, Line 252: "env has UV_WANT_CC_ASYNC=%d, but "
here there is a more generic question to answer: do we want to keep string on the same line, even if they are too long?
Pro being that the casual reader could be reasonably able to grep an error message (with some magic, due to format patterns).

File sample/sample-plugins/defer/multi-auth.c:

http://gerrit.openvpn.net/c/openvpn/+/791/comment/e5889e88_f1a4caaa :
PS14, Line 267: np(context->test_valid_user),
I'd vote for putting these arguments on the same line, if there is enough space.

http://gerrit.openvpn.net/c/openvpn/+/791/comment/8f6e4102_5edbebdb :
PS14, Line 294: const char *envp[])
ratio behind this change? one arg per line?

http://gerrit.openvpn.net/c/openvpn/+/791/comment/99dbd0d9_8682fdd3 :
PS14, Line 418: plog(context, PLOG_NOTE, "FUNC: openvpn_plugin_client_constructor_v1");
how about forcing a new line after variables declaration?

File sample/sample-plugins/log/log_v3.c:

http://gerrit.openvpn.net/c/openvpn/+/791/comment/c1025c39_05185d3b :
PS14, Line 87: "log_v3: ** ERROR ** Incompatible plug-in interface between this plug-in and OpenVPN\n");
this is probably another instance of the same situation as before.

--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/791?usp=email
To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings

Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: I2566ad493629e1f5fdfa6f6483b8973463404e3e
Gerrit-Change-Number: 791
Gerrit-PatchSet: 14
Gerrit-Owner: flichtenheld <fr...@li...>
Gerrit-Reviewer: plaisthos <arn...@rf...>
Gerrit-CC: openvpn-devel <ope...@li...>
Gerrit-CC: ordex <an...@ma...>
Gerrit-Attention: plaisthos <arn...@rf...>
Gerrit-Attention: flichtenheld <fr...@li...>
Gerrit-Comment-Date: Mon, 14 Apr 2025 19:21:32 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Gerrit-MessageType: comment

From: flichtenheld (C. Review) <ge...@op...> - 2025-04-16 11:48:42

Attention is currently required from: ordex, plaisthos.

flichtenheld has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/791?usp=email )

Change subject: Reformat the whole project with clang-format
......................................................................

Patch Set 14:

(6 comments)

File sample/sample-plugins/client-connect/sample-client-connect.c:

http://gerrit.openvpn.net/c/openvpn/+/791/comment/1bf6c87b_4e6169ab :
PS14, Line 135: stderr,
> this hurts me a bit, for two reasons: […]
Not quite sure why it doesn't align to "(", it does for almost all other occurrences. I think it might have a trade-off here between trying to align and trying to get the string in the column limit.

http://gerrit.openvpn.net/c/openvpn/+/791/comment/4cf494a4_79f7b8ce :
PS14, Line 251: MODULE,
> same as above, I expected MODULE to be on the line above […]
So basically what you want is "BinPackArguments: true", will apply that.

http://gerrit.openvpn.net/c/openvpn/+/791/comment/d9dba330_b8c72914 :
PS14, Line 252: "env has UV_WANT_CC_ASYNC=%d, but "
> here there is a more generic question to answer: do we want to keep string on the same line, even if […]
Has nothing to do with this patch though, AFAICT

File sample/sample-plugins/defer/multi-auth.c:

http://gerrit.openvpn.net/c/openvpn/+/791/comment/8b72fd16_d619cd73 :
PS14, Line 294: const char *envp[])
> ratio behind this change? one arg per line?
yes. This is BinPackParameters. Do you also want that set to "true"?

http://gerrit.openvpn.net/c/openvpn/+/791/comment/d94e4661_457ff043 :
PS14, Line 418: plog(context, PLOG_NOTE, "FUNC: openvpn_plugin_client_constructor_v1");
> how about forcing a new line after variables declaration?
Doesn't seem to be supported. There is a feature request for it: https://github.com/llvm/llvm-project/issues/97303

File sample/sample-plugins/log/log_v3.c:

http://gerrit.openvpn.net/c/openvpn/+/791/comment/c9c800e4_6ecdeccd :
PS14, Line 87: "log_v3: ** ERROR ** Incompatible plug-in interface between this plug-in and OpenVPN\n");
> this is probably another instance of the same situation as before.
yes

From: ordex (C. Review) <ge...@op...> - 2025-04-16 11:53:37

Attention is currently required from: flichtenheld, plaisthos.

ordex has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/791?usp=email )

Change subject: Reformat the whole project with clang-format
......................................................................

Patch Set 14:

(2 comments)

File sample/sample-plugins/client-connect/sample-client-connect.c:

http://gerrit.openvpn.net/c/openvpn/+/791/comment/cd08c6bb_0b6173ee :
PS14, Line 252: "env has UV_WANT_CC_ASYNC=%d, but "
> Has nothing to do with this patch though, AFAICT
You're right. I thought it was the right moment to trigger the discussion, so we can possibly find a clang-format option that addresses this.

File sample/sample-plugins/defer/multi-auth.c:

http://gerrit.openvpn.net/c/openvpn/+/791/comment/6b1aef69_72e254a0 :
PS14, Line 294: const char *envp[])
> yes. This is BinPackParameters. […]
I think we should. It will also make BinPackParameters consistent with BinPackArguments

From: flichtenheld (C. Review) <ge...@op...> - 2025-04-16 13:49:17

Attention is currently required from: ordex, plaisthos.

flichtenheld has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/791?usp=email )

Change subject: Reformat the whole project with clang-format
......................................................................

Patch Set 16:

(4 comments)

File sample/sample-plugins/client-connect/sample-client-connect.c:

http://gerrit.openvpn.net/c/openvpn/+/791/comment/763d178b_37f47877 :
PS14, Line 251: MODULE,
> So basically what you want is "BinPackArguments: true", will apply that.
Done

File sample/sample-plugins/defer/multi-auth.c:

http://gerrit.openvpn.net/c/openvpn/+/791/comment/e720aaa5_9dff2c4a :
PS14, Line 267: np(context->test_valid_user),
> I'd vote for putting these arguments on the same line, if there is enough space.
Done

http://gerrit.openvpn.net/c/openvpn/+/791/comment/6d71e7fc_faa3fc2d :
PS14, Line 418: plog(context, PLOG_NOTE, "FUNC: openvpn_plugin_client_constructor_v1");
> Doesn't seem to be supported. There is a feature request for it: https://github. […]
Acknowledged

File sample/sample-plugins/log/log_v3.c:

http://gerrit.openvpn.net/c/openvpn/+/791/comment/5a59375c_600cff63 :
PS14, Line 87: "log_v3: ** ERROR ** Incompatible plug-in interface between this plug-in and OpenVPN\n");
> yes
Acknowledged

From: flichtenheld (C. Review) <ge...@op...> - 2025-04-16 13:56:11

Attention is currently required from: ordex, plaisthos.

flichtenheld has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/791?usp=email )

Change subject: Reformat the whole project with clang-format
......................................................................

Patch Set 16:

(1 comment)

File sample/sample-plugins/defer/multi-auth.c:

http://gerrit.openvpn.net/c/openvpn/+/791/comment/d4a601b3_b1efe856 :
PS14, Line 294: const char *envp[])
> I think we should. […]
I disagree. Note that when setting BinPackParameters to true this will apply to all functions and all parameters. I think in general if the parameters to do fit on one line, it is better to put them one per line. Let's see what others think.

From: flichtenheld (C. Review) <ge...@op...> - 2025-04-30 13:05:22

Attention is currently required from: ordex, plaisthos.

flichtenheld has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/791?usp=email )

Change subject: Reformat the whole project with clang-format
......................................................................

Patch Set 17:

(1 comment)

File sample/sample-plugins/defer/multi-auth.c:

http://gerrit.openvpn.net/c/openvpn/+/791/comment/86c264e5_529758c0 :
PS14, Line 294: const char *envp[])
> I disagree. […]
BinPackParameter is set to true now after cron2 agreed with you.

From: cron2 (C. Review) <ge...@op...> - 2025-05-24 14:14:25

Attention is currently required from: flichtenheld, ordex, plaisthos.

cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/791?usp=email )

Change subject: Reformat the whole project with clang-format
......................................................................

Patch Set 18:

(5 comments)

Patchset:

PS18:
Overall this is impressively good. Some changes (struct opening bracket) should have been done all along :-) - others just make sense.

I have a few that I do not like and I think one actual bug in the ruleset (`do...while()` in buffer.c).

File src/openvpn/buffer.c:

http://gerrit.openvpn.net/c/openvpn/+/791/comment/e228108e_a877cddf :
PS18, Line 850: } while (c);
it should not do that

http://gerrit.openvpn.net/c/openvpn/+/791/comment/450ac52e_57fa1b4a :
PS18, Line 915: && c != 127)) /* allow ascii non-control and UTF-8, consider DEL to be a control */
this is ugly, but I guess the best way to fix it is to manually move the comment before the if() line

File src/openvpn/comp.h:

http://gerrit.openvpn.net/c/openvpn/+/791/comment/07c11cf5_a35c47d6 :
PS18, Line 93: bool check_compression_settings_valid(struct compress_options *info, int msglevel);
this is one of the changes I'm not sure we want - having the return type on the line before gives us more line length for the actual prototype, and also it eases "grep ^function" to find prototype + function implementation (my use case, which I could certainly solve differently)

File src/openvpn/console_builtin.c:

http://gerrit.openvpn.net/c/openvpn/+/791/comment/ecc1640a_115b4d7b :
PS18, Line 74: msg(M_WARN | M_ERRNO, "get_console_input_win32(): unexpected error");
the extra spaces around `foo|bar` are not really to my liking ("this belongs together" vibes)

From: flichtenheld (C. Review) <ge...@op...> - 2025-05-26 09:55:04

Attention is currently required from: cron2, ordex, plaisthos.

flichtenheld has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/791?usp=email )

Change subject: Reformat the whole project with clang-format
......................................................................

Patch Set 18:

(3 comments)

File src/openvpn/buffer.c:

http://gerrit.openvpn.net/c/openvpn/+/791/comment/6892fcb6_41f2daaf :
PS18, Line 850: } while (c);
> it should not do that
Why?

http://gerrit.openvpn.net/c/openvpn/+/791/comment/18dc39e2_b722d6bf :
PS18, Line 915: && c != 127)) /* allow ascii non-control and UTF-8, consider DEL to be a control */
> this is ugly, but I guess the best way to fix it is to manually move the comment before the if() lin […]
Yes.

File src/openvpn/console_builtin.c:

http://gerrit.openvpn.net/c/openvpn/+/791/comment/e785d1b2_41139a46 :
PS18, Line 74: msg(M_WARN | M_ERRNO, "get_console_input_win32(): unexpected error");
> the extra spaces around `foo|bar` are not really to my liking ("this belongs together" vibes)
Interestingly one of the things we can't configure in clang-format. The space around binary operators is not optional.

From: flichtenheld (C. Review) <ge...@op...> - 2025-05-26 10:41:30

Attention is currently required from: cron2, ordex, plaisthos.

flichtenheld has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/791?usp=email )

Change subject: Reformat the whole project with clang-format
......................................................................

Patch Set 19:

(4 comments)

File src/openvpn/buffer.c:

http://gerrit.openvpn.net/c/openvpn/+/791/comment/5fa573c3_de511cf1 :
PS18, Line 850: } while (c);
> Why?
As discussed on IRC this is actually correct for our current formatting.

http://gerrit.openvpn.net/c/openvpn/+/791/comment/5173a895_ec42235c :
PS18, Line 915: && c != 127)) /* allow ascii non-control and UTF-8, consider DEL to be a control */
> Yes.
Done in separate commit.

File src/openvpn/comp.h:

http://gerrit.openvpn.net/c/openvpn/+/791/comment/ca6252bf_a8b50dfe :
PS18, Line 93: bool check_compression_settings_valid(struct compress_options *info, int msglevel);
> this is one of the changes I'm not sure we want - having the return type on the line before gives us […]
As discussed in IRC this is consistent with what we have. Switched the .clang-format to use "AllDefinitions" instead which doesn't change anything but better matches our policy.

File src/openvpn/console_builtin.c:

http://gerrit.openvpn.net/c/openvpn/+/791/comment/9b83c0b1_41c7cd5f :
PS18, Line 74: msg(M_WARN | M_ERRNO, "get_console_input_win32(): unexpected error");
> Interestingly one of the things we can't configure in clang-format. […]
Done

From: cron2 (C. Review) <ge...@op...> - 2025-08-04 15:18:50

Attention is currently required from: flichtenheld, ordex, plaisthos.

cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/791?usp=email )

Change subject: Reformat the whole project with clang-format
......................................................................

Patch Set 23: Code-Review+2

(3 comments)

Patchset:

PS23:
So, reviewed most of this, and especially tested this on all the testbeds (nothing fails).

As agreed, move to "ColumnLimit: 0" afterwards with a cleanup patch, as the force-unwrapping by "100" creates ugliness and also "surprising submit fails" - we use common sense ;-)

File src/openvpn/crypto.c:

http://gerrit.openvpn.net/c/openvpn/+/791/comment/9105cd07_6cc952af :
PS18, Line 391: epoch);
not sure what happened here...

http://gerrit.openvpn.net/c/openvpn/+/791/comment/ce26f764_3092ba12 :
PS18, Line 1604: msg(M_FATAL,
this is another one where the result is uglier than the start... maybe it needs manual breaking of the string so it can fit "properly" in 2 lines

From: Gert D. <ge...@gr...> - 2025-08-04 15:19:09
|
From: Frank Lichtenheld <fr...@li...> Done with pre-commit run -a, so the version defined in pre-commit config is used. This also changes the Github workflow so that there is no commit that fails GHA. Change-Id: I2566ad493629e1f5fdfa6f6483b8973463404e3e Signed-off-by: Frank Lichtenheld <fr...@li...> Acked-by: Gert Doering <ge...@gr...> --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/791 This mail reflects revision 23 of this Change. Acked-by according to Gerrit (reflected above): Gert Doering <ge...@gr...> diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index bd5895b..ba7f64b 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml 
@@ -5,35 +5,26 @@ pull_request: jobs: - checkuncrustify: - name: "Check code style with Uncrustify" - # Ubuntu 22.04 has uncrustify 0.72_f - runs-on: ubuntu-22.04 + clang-format: + name: Check code style with clang-format + runs-on: ubuntu-24.04 steps: - name: Install dependencies - run: sudo apt update && sudo apt install -y uncrustify + run: | + sudo apt update && sudo apt install -y python3-pip + pip3 install pre-commit - name: Checkout OpenVPN uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - path: openvpn - - name: Show uncrustify version - run: uncrustify --version - - name: Run uncrustify - run: ./dev-tools/reformat-all.sh - working-directory: openvpn + - name: Run clang-format + run: pre-commit run -a --show-diff-on-failure || true - name: Check for changes - run: git diff --output=uncrustify-changes.patch - working-directory: openvpn - - name: Show changes on standard output - run: git diff - working-directory: openvpn + run: git diff --output=format-changes.patch - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: - name: uncrustify-changes.patch - path: 'openvpn/uncrustify-changes.patch' + name: format-changes.patch + path: format-changes.patch - name: Set job status - run: test ! -s uncrustify-changes.patch - working-directory: openvpn + run: test ! -s format-changes.patch android: strategy: diff --git a/include/openvpn-msg.h b/include/openvpn-msg.h index 106a274..a692137 100644 --- a/include/openvpn-msg.h +++ b/include/openvpn-msg.h @@ -26,7 +26,8 @@ #include <windef.h> #include <ws2tcpip.h> -typedef enum { +typedef enum +{ msg_acknowledgement, msg_add_address, msg_del_address, 
@@ -50,28 +51,33 @@ msg_create_adapter } message_type_t; -typedef struct { +typedef struct +{ message_type_t type; size_t size; int message_id; } message_header_t; -typedef union { +typedef union +{ struct in_addr ipv4; struct in6_addr ipv6; } inet_address_t; -typedef struct { +typedef struct +{ int index; char name[256]; } interface_t; -typedef enum { - wfp_block_local = 1<<0, - wfp_block_dns = 1<<1 +typedef enum +{ + wfp_block_local = 1 << 0, + wfp_block_dns = 1 << 1 } wfp_block_flags_t; -typedef struct { +typedef struct +{ message_header_t header; short family; inet_address_t address; @@ -79,7 +85,8 @@ interface_t iface; } address_message_t; -typedef struct { +typedef struct +{ message_header_t header; short family; inet_address_t prefix; @@ -89,7 +96,8 @@ int metric; } route_message_t; -typedef struct { +typedef struct +{ message_header_t header; interface_t iface; char domains[512]; @@ -99,14 +107,16 @@ } dns_cfg_message_t; -typedef enum { +typedef enum +{ nrpt_dnssec } nrpt_flags_t; -#define NRPT_ADDR_NUM 8 /* Max. number of addresses */ +#define NRPT_ADDR_NUM 8 /* Max. number of addresses */ #define NRPT_ADDR_SIZE 48 /* Max. address strlen + some */ typedef char nrpt_address_t[NRPT_ADDR_SIZE]; -typedef struct { +typedef struct +{ message_header_t header; interface_t iface; nrpt_address_t addresses[NRPT_ADDR_NUM]; @@ -115,14 +125,16 @@ nrpt_flags_t flags; } nrpt_dns_cfg_message_t; -typedef struct { +typedef struct +{ message_header_t header; interface_t iface; int addr_len; inet_address_t addr[4]; /* support up to 4 dns addresses */ } wins_cfg_message_t; -typedef struct { +typedef struct +{ message_header_t header; interface_t iface; int disable_nbt; 
@@ -134,41 +146,48 @@ /* TODO: NTP */ -typedef struct { +typedef struct +{ message_header_t header; short family; interface_t iface; } flush_neighbors_message_t; -typedef struct { +typedef struct +{ message_header_t header; int error_number; } ack_message_t; -typedef struct { +typedef struct +{ message_header_t header; wfp_block_flags_t flags; interface_t iface; } wfp_block_message_t; -typedef struct { +typedef struct +{ message_header_t header; interface_t iface; } enable_dhcp_message_t; -typedef struct { +typedef struct +{ message_header_t header; interface_t iface; short family; int mtu; } set_mtu_message_t; -typedef enum { +typedef enum +{ ADAPTER_TYPE_DCO, ADAPTER_TYPE_TAP, } adapter_type_t; -typedef struct { +typedef struct +{ message_header_t header; adapter_type_t adapter_type; } create_adapter_message_t; diff --git a/sample/sample-plugins/client-connect/sample-client-connect.c b/sample/sample-plugins/client-connect/sample-client-connect.c index 3dda782..7e3b5a9 100644 --- a/sample/sample-plugins/client-connect/sample-client-connect.c +++ b/sample/sample-plugins/client-connect/sample-client-connect.c @@ -58,8 +58,9 @@ * Our context, where we keep our state. */ -struct plugin_context { - int verb; /* logging verbosity */ +struct plugin_context +{ + int verb; /* logging verbosity */ }; /* this is used for the CLIENT_CONNECT_V2 async/deferred handler @@ -68,8 +69,9 @@ * this, and the "CLIENT_CONNECT_DEFER_V2" handler looks at it to see * if it's time yet to succeed/fail */ -struct plugin_per_client_context { - time_t sleep_until; /* wakeup time (time() + sleep) */ +struct plugin_per_client_context +{ + time_t sleep_until; /* wakeup time (time() + sleep) */ bool want_fail; bool want_disable; const char *client_config; 
@@ -117,8 +119,7 @@ /* use v3 functions so we can use openvpn's logging and base64 etc. */ OPENVPN_EXPORT int -openvpn_plugin_open_v3(const int v3structver, - struct openvpn_plugin_args_open_in const *args, +openvpn_plugin_open_v3(const int v3structver, struct openvpn_plugin_args_open_in const *args, struct openvpn_plugin_args_open_return *ret) { /* const char **argv = args->argv; */ /* command line arguments (unused) */ @@ -127,7 +128,9 @@ /* Check API compatibility -- struct version 5 or higher needed */ if (v3structver < 5) { - fprintf(stderr, "sample-client-connect: this plugin is incompatible with the running version of OpenVPN\n"); + fprintf( + stderr, + "sample-client-connect: this plugin is incompatible with the running version of OpenVPN\n"); return OPENVPN_PLUGIN_FUNC_ERROR; } 
@@ -143,18 +146,17 @@ /* * Intercept just about everything... */ - ret->type_mask = - OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_UP) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_DOWN) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_ROUTE_UP) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_IPCHANGE) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_DEFER_V2) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_DISCONNECT) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_LEARN_ADDRESS) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); + ret->type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_UP) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_DOWN) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_ROUTE_UP) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_IPCHANGE) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_DEFER_V2) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_DISCONNECT) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_LEARN_ADDRESS) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); /* Save global pointers to functions exported from openvpn */ plugin_log = args->callbacks->plugin_log; @@ -166,7 +168,7 @@ */ context->verb = atoi_null0(get_env("verb", envp)); - ret->handle = (openvpn_plugin_handle_t *) context; + ret->handle = (openvpn_plugin_handle_t *)context; plugin_log(PLOG_NOTE, MODULE, "initialization succeeded"); return OPENVPN_PLUGIN_FUNC_SUCCESS; 
@@ -242,8 +244,10 @@ const char *ccd_file = get_env("client_connect_deferred_file", envp); if (!ccd_file) { - plugin_log(PLOG_NOTE, MODULE, "env has UV_WANT_CC_ASYNC=%d, but " - "'client_connect_deferred_file' not set -> fail", seconds); + plugin_log(PLOG_NOTE, MODULE, + "env has UV_WANT_CC_ASYNC=%d, but " + "'client_connect_deferred_file' not set -> fail", + seconds); return OPENVPN_PLUGIN_FUNC_ERROR; } @@ -257,13 +261,13 @@ int fd = open(ccd_file, O_WRONLY); if (fd < 0) { - plugin_log(PLOG_ERR|PLOG_ERRNO, MODULE, "open('%s') failed", ccd_file); + plugin_log(PLOG_ERR | PLOG_ERRNO, MODULE, "open('%s') failed", ccd_file); return OPENVPN_PLUGIN_FUNC_ERROR; } if (write(fd, "2", 1) != 1) { - plugin_log(PLOG_ERR|PLOG_ERRNO, MODULE, "write to '%s' failed", ccd_file ); + plugin_log(PLOG_ERR | PLOG_ERRNO, MODULE, "write to '%s' failed", ccd_file); close(fd); return OPENVPN_PLUGIN_FUNC_ERROR; } @@ -277,11 +281,11 @@ /* fork, sleep, succeed/fail according to env vars */ pid_t p1 = fork(); - if (p1 < 0) /* Fork failed */ + if (p1 < 0) /* Fork failed */ { return OPENVPN_PLUGIN_FUNC_ERROR; } - if (p1 > 0) /* parent process */ + if (p1 > 0) /* parent process */ { waitpid(p1, NULL, 0); return OPENVPN_PLUGIN_FUNC_DEFERRED; @@ -291,10 +295,10 @@ pid_t p2 = fork(); if (p2 < 0) { - plugin_log(PLOG_ERR|PLOG_ERRNO, MODULE, "BACKGROUND: fork(2) failed"); + plugin_log(PLOG_ERR | PLOG_ERRNO, MODULE, "BACKGROUND: fork(2) failed"); exit(1); } - if (p2 > 0) /* new parent: exit right away */ + if (p2 > 0) /* new parent: exit right away */ { exit(0); } 
@@ -324,16 +328,16 @@ fd = open(ccd_file, O_WRONLY); if (fd < 0) { - plugin_log(PLOG_ERR|PLOG_ERRNO, MODULE, "open('%s') failed", ccd_file); + plugin_log(PLOG_ERR | PLOG_ERRNO, MODULE, "open('%s') failed", ccd_file); exit(1); } plugin_log(PLOG_NOTE, MODULE, "cc_handle_deferred_v1: done, signalling %s", - (ret == OPENVPN_PLUGIN_FUNC_SUCCESS) ? "success" : "fail" ); + (ret == OPENVPN_PLUGIN_FUNC_SUCCESS) ? "success" : "fail"); if (write(fd, (ret == OPENVPN_PLUGIN_FUNC_SUCCESS) ? "1" : "0", 1) != 1) { - plugin_log(PLOG_ERR|PLOG_ERRNO, MODULE, "write to '%s' failed", ccd_file ); + plugin_log(PLOG_ERR | PLOG_ERRNO, MODULE, "write to '%s' failed", ccd_file); } close(fd); @@ -341,14 +345,12 @@ } int -openvpn_plugin_client_connect(struct plugin_context *context, - const char **argv, - const char **envp) +openvpn_plugin_client_connect(struct plugin_context *context, const char **argv, const char **envp) { /* log environment variables handed to us by OpenVPN, but * only if "setenv verb" is 3 or higher (arbitrary number) */ - if (context->verb>=3) + if (context->verb >= 3) { for (int i = 0; argv[i]; i++) { @@ -389,8 +391,7 @@ int openvpn_plugin_client_connect_v2(struct plugin_context *context, - struct plugin_per_client_context *pcc, - const char **envp, + struct plugin_per_client_context *pcc, const char **envp, struct openvpn_plugin_string_list **return_list) { /* by setting "UV_WANT_CC2_ASYNC" we go to async/deferred mode */ @@ -420,7 +421,8 @@ pcc->want_fail = (want_fail != NULL); pcc->want_disable = (want_disable != NULL); pcc->client_config = client_config; - plugin_log(PLOG_NOTE, MODULE, "env has UV_WANT_CC2_ASYNC=%s -> set up deferred handler", want_async); + plugin_log(PLOG_NOTE, MODULE, "env has UV_WANT_CC2_ASYNC=%s -> set up deferred handler", + want_async); return OPENVPN_PLUGIN_FUNC_DEFERRED; } 
@@ -431,8 +433,7 @@ return OPENVPN_PLUGIN_FUNC_ERROR; } - struct openvpn_plugin_string_list *rl = - calloc(1, sizeof(struct openvpn_plugin_string_list)); + struct openvpn_plugin_string_list *rl = calloc(1, sizeof(struct openvpn_plugin_string_list)); if (!rl) { plugin_log(PLOG_ERR, MODULE, "malloc(return_list) failed"); @@ -466,12 +467,10 @@ int openvpn_plugin_client_connect_defer_v2(struct plugin_context *context, struct plugin_per_client_context *pcc, - struct openvpn_plugin_string_list - **return_list) + struct openvpn_plugin_string_list **return_list) { time_t time_left = pcc->sleep_until - time(NULL); - plugin_log(PLOG_NOTE, MODULE, "defer_v2: seconds left=%d", - (int) time_left); + plugin_log(PLOG_NOTE, MODULE, "defer_v2: seconds left=%d", (int)time_left); /* not yet due? */ if (time_left > 0) @@ -482,15 +481,14 @@ /* client wants fail? */ if (pcc->want_fail) { - plugin_log(PLOG_NOTE, MODULE, "env has UV_WANT_CC2_FAIL -> fail" ); + plugin_log(PLOG_NOTE, MODULE, "env has UV_WANT_CC2_FAIL -> fail"); return OPENVPN_PLUGIN_FUNC_ERROR; } /* fill in RL according to with-disable / without-disable */ /* TODO: unify this with non-deferred case */ - struct openvpn_plugin_string_list *rl = - calloc(1, sizeof(struct openvpn_plugin_string_list)); + struct openvpn_plugin_string_list *rl = calloc(1, sizeof(struct openvpn_plugin_string_list)); if (!rl) { plugin_log(PLOG_ERR, MODULE, "malloc(return_list) failed"); 
@@ -522,15 +520,12 @@ } OPENVPN_EXPORT int -openvpn_plugin_func_v2(openvpn_plugin_handle_t handle, - const int type, - const char *argv[], - const char *envp[], - void *per_client_context, +openvpn_plugin_func_v2(openvpn_plugin_handle_t handle, const int type, const char *argv[], + const char *envp[], void *per_client_context, struct openvpn_plugin_string_list **return_list) { - struct plugin_context *context = (struct plugin_context *) handle; - struct plugin_per_client_context *pcc = (struct plugin_per_client_context *) per_client_context; + struct plugin_context *context = (struct plugin_context *)handle; + struct plugin_per_client_context *pcc = (struct plugin_per_client_context *)per_client_context; /* for most functions, we just "don't do anything" but log the * event received (so one can follow it in the log and understand @@ -564,13 +559,11 @@ case OPENVPN_PLUGIN_CLIENT_CONNECT_V2: plugin_log(PLOG_NOTE, MODULE, "OPENVPN_PLUGIN_CLIENT_CONNECT_V2"); - return openvpn_plugin_client_connect_v2(context, pcc, envp, - return_list); + return openvpn_plugin_client_connect_v2(context, pcc, envp, return_list); case OPENVPN_PLUGIN_CLIENT_CONNECT_DEFER_V2: plugin_log(PLOG_NOTE, MODULE, "OPENVPN_PLUGIN_CLIENT_CONNECT_DEFER_V2"); - return openvpn_plugin_client_connect_defer_v2(context, pcc, - return_list); + return openvpn_plugin_client_connect_defer_v2(context, pcc, return_list); case OPENVPN_PLUGIN_CLIENT_DISCONNECT: plugin_log(PLOG_NOTE, MODULE, "OPENVPN_PLUGIN_CLIENT_DISCONNECT"); @@ -607,7 +600,7 @@ OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; printf("FUNC: openvpn_plugin_close_v1\n"); free(context); } diff --git a/sample/sample-plugins/defer/multi-auth.c b/sample/sample-plugins/defer/multi-auth.c index 9a2cb13..3c9c9c6 100644 --- a/sample/sample-plugins/defer/multi-auth.c 
+++ b/sample/sample-plugins/defer/multi-auth.c @@ -62,7 +62,8 @@ * Our context, where we keep our state. */ -struct plugin_context { +struct plugin_context +{ int test_deferred_auth; char *authid; char *test_valid_user; @@ -103,11 +104,12 @@ * structver '5' here to indicate a desire for modern openvpn, rather * than a need for any particular feature found in structver beyond '1'. */ -#define OPENVPN_PLUGIN_VERSION_MIN 3 +#define OPENVPN_PLUGIN_VERSION_MIN 3 #define OPENVPN_PLUGIN_STRUCTVER_MIN 5 -struct plugin_per_client_context { +struct plugin_per_client_context +{ int n_calls; bool generated_pf_file; }; @@ -175,13 +177,13 @@ /* use v3 functions so we can use openvpn's logging and base64 etc. */ OPENVPN_EXPORT int -openvpn_plugin_open_v3(const int v3structver, - struct openvpn_plugin_args_open_in const *args, +openvpn_plugin_open_v3(const int v3structver, struct openvpn_plugin_args_open_in const *args, struct openvpn_plugin_args_open_return *ret) { if (v3structver < OPENVPN_PLUGIN_STRUCTVER_MIN) { - fprintf(stderr, "%s: this plugin is incompatible with the running version of OpenVPN\n", MODULE); + fprintf(stderr, "%s: this plugin is incompatible with the running version of OpenVPN\n", + MODULE); return OPENVPN_PLUGIN_FUNC_ERROR; } @@ -194,7 +196,7 @@ * Allocate our context */ struct plugin_context *context = NULL; - context = (struct plugin_context *) calloc(1, sizeof(struct plugin_context)); + context = (struct plugin_context *)calloc(1, sizeof(struct plugin_context)); if (!context) { goto error; @@ -238,7 +240,7 @@ * Which callbacks to intercept. */ ret->type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY); - ret->handle = (openvpn_plugin_handle_t *) context; + ret->handle = (openvpn_plugin_handle_t *)context; plog(context, PLOG_NOTE, "initialization succeeded"); return OPENVPN_PLUGIN_FUNC_SUCCESS; 
@@ -253,29 +255,22 @@ } static bool -do_auth_user_pass(struct plugin_context *context, - const char *username, const char *password) +do_auth_user_pass(struct plugin_context *context, const char *username, const char *password) { - plog(context, PLOG_NOTE, - "expect_user=%s, received_user=%s, expect_passw=%s, received_passw=%s", - np(context->test_valid_user), - np(username), - np(context->test_valid_pass), - np(password)); + plog(context, PLOG_NOTE, "expect_user=%s, received_user=%s, expect_passw=%s, received_passw=%s", + np(context->test_valid_user), np(username), np(context->test_valid_pass), np(password)); if (context->test_valid_user && context->test_valid_pass) { if ((strcmp(context->test_valid_user, username) != 0) || (strcmp(context->test_valid_pass, password) != 0)) { - plog(context, PLOG_ERR, - "User/Password auth result: FAIL"); + plog(context, PLOG_ERR, "User/Password auth result: FAIL"); return false; } else { - plog(context, PLOG_NOTE, - "User/Password auth result: PASS"); + plog(context, PLOG_NOTE, "User/Password auth result: PASS"); return true; } } @@ -284,8 +279,7 @@ static int -auth_user_pass_verify(struct plugin_context *context, - struct plugin_per_client_context *pcc, +auth_user_pass_verify(struct plugin_context *context, struct plugin_per_client_context *pcc, const char *argv[], const char *envp[]) { /* get username/password from envp string array */ @@ -295,8 +289,8 @@ if (!context->test_deferred_auth) { plog(context, PLOG_NOTE, "Direct authentication"); - return do_auth_user_pass(context, username, password) ? - OPENVPN_PLUGIN_FUNC_SUCCESS : OPENVPN_PLUGIN_FUNC_ERROR; + return do_auth_user_pass(context, username, password) ? OPENVPN_PLUGIN_FUNC_SUCCESS + : OPENVPN_PLUGIN_FUNC_ERROR; } /* get auth_control_file filename from envp string array*/ 
@@ -317,11 +311,11 @@ /* fork, sleep, succeed (no "real" auth done = always succeed) */ pid_t p1 = fork(); - if (p1 < 0) /* Fork failed */ + if (p1 < 0) /* Fork failed */ { return OPENVPN_PLUGIN_FUNC_ERROR; } - if (p1 > 0) /* parent process */ + if (p1 > 0) /* parent process */ { waitpid(p1, NULL, 0); return OPENVPN_PLUGIN_FUNC_DEFERRED; @@ -331,11 +325,11 @@ pid_t p2 = fork(); if (p2 < 0) { - plog(context, PLOG_ERR|PLOG_ERRNO, "BACKGROUND: fork(2) failed"); + plog(context, PLOG_ERR | PLOG_ERRNO, "BACKGROUND: fork(2) failed"); exit(1); } - if (p2 != 0) /* new parent: exit right away */ + if (p2 != 0) /* new parent: exit right away */ { exit(0); } @@ -347,7 +341,7 @@ */ /* do mighty complicated work that will really take time here... */ - useconds_t wait_time = (useconds_t)context->test_deferred_auth*1000; + useconds_t wait_time = (useconds_t)context->test_deferred_auth * 1000; plog(context, PLOG_NOTE, "in async/deferred handler, usleep(%u)", wait_time); usleep(wait_time); @@ -355,8 +349,7 @@ int fd = open(auth_control_file, O_WRONLY); if (fd < 0) { - plog(context, PLOG_ERR|PLOG_ERRNO, - "open('%s') failed", auth_control_file); + plog(context, PLOG_ERR | PLOG_ERRNO, "open('%s') failed", auth_control_file); exit(1); } @@ -368,7 +361,7 @@ if (write(fd, result, 1) != 1) { - plog(context, PLOG_ERR|PLOG_ERRNO, "write to '%s' failed", auth_control_file ); + plog(context, PLOG_ERR | PLOG_ERRNO, "write to '%s' failed", auth_control_file); } close(fd); 
@@ -377,19 +370,20 @@ OPENVPN_EXPORT int -openvpn_plugin_func_v3(const int v3structver, - struct openvpn_plugin_args_func_in const *args, +openvpn_plugin_func_v3(const int v3structver, struct openvpn_plugin_args_func_in const *args, struct openvpn_plugin_args_func_return *ret) { if (v3structver < OPENVPN_PLUGIN_STRUCTVER_MIN) { - fprintf(stderr, "%s: this plugin is incompatible with the running version of OpenVPN\n", MODULE); + fprintf(stderr, "%s: this plugin is incompatible with the running version of OpenVPN\n", + MODULE); return OPENVPN_PLUGIN_FUNC_ERROR; } const char **argv = args->argv; const char **envp = args->envp; - struct plugin_context *context = (struct plugin_context *) args->handle; - struct plugin_per_client_context *pcc = (struct plugin_per_client_context *) args->per_client_context; + struct plugin_context *context = (struct plugin_context *)args->handle; + struct plugin_per_client_context *pcc = + (struct plugin_per_client_context *)args->per_client_context; switch (args->type) { case OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY: @@ -405,7 +399,7 @@ OPENVPN_EXPORT void * openvpn_plugin_client_constructor_v1(openvpn_plugin_handle_t handle) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; plog(context, PLOG_NOTE, "FUNC: openvpn_plugin_client_constructor_v1"); return calloc(1, sizeof(struct plugin_per_client_context)); } @@ -413,7 +407,7 @@ OPENVPN_EXPORT void openvpn_plugin_client_destructor_v1(openvpn_plugin_handle_t handle, void *per_client_context) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; plog(context, PLOG_NOTE, "FUNC: openvpn_plugin_client_destructor_v1"); free(per_client_context); } 
@@ -421,7 +415,7 @@ OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; plog(context, PLOG_NOTE, "FUNC: openvpn_plugin_close_v1"); free(context); } diff --git a/sample/sample-plugins/keying-material-exporter-demo/keyingmaterialexporter.c b/sample/sample-plugins/keying-material-exporter-demo/keyingmaterialexporter.c index b73144f..e7556a1 100644 --- a/sample/sample-plugins/keying-material-exporter-demo/keyingmaterialexporter.c +++ b/sample/sample-plugins/keying-material-exporter-demo/keyingmaterialexporter.c @@ -37,22 +37,25 @@ #define MAXPATH 1024 #endif -#define ovpn_err(fmt, ...) \ - plugin->log(PLOG_ERR, "SSO", fmt, ## __VA_ARGS__) -#define ovpn_dbg(fmt, ...) \ - plugin->log(PLOG_DEBUG, "SSO", fmt, ## __VA_ARGS__) -#define ovpn_note(fmt, ...) \ - plugin->log(PLOG_NOTE, "SSO", fmt, ## __VA_ARGS__) +#define ovpn_err(fmt, ...) plugin->log(PLOG_ERR, "SSO", fmt, ##__VA_ARGS__) +#define ovpn_dbg(fmt, ...) plugin->log(PLOG_DEBUG, "SSO", fmt, ##__VA_ARGS__) +#define ovpn_note(fmt, ...) plugin->log(PLOG_NOTE, "SSO", fmt, ##__VA_ARGS__) -enum endpoint { CLIENT = 1, SERVER = 2 }; +enum endpoint +{ + CLIENT = 1, + SERVER = 2 +}; -struct plugin { +struct plugin +{ plugin_log_t log; enum endpoint type; int mask; }; -struct session { +struct session +{ char user[48]; char key[48]; }; @@ -85,8 +88,7 @@ } OPENVPN_EXPORT int -openvpn_plugin_open_v3(const int version, - struct openvpn_plugin_args_open_in const *args, +openvpn_plugin_open_v3(const int version, struct openvpn_plugin_args_open_in const *args, struct openvpn_plugin_args_open_return *rv) { struct plugin *plugin = calloc(1, sizeof(*plugin)); 
@@ -98,9 +100,9 @@ } plugin->type = get_env("remote_1", args->envp) ? CLIENT : SERVER; - plugin->log = args->callbacks->plugin_log; + plugin->log = args->callbacks->plugin_log; - plugin->mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); + plugin->mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); plugin->mask |= OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY); ovpn_note("vpn endpoint type=%s", plugin->type == CLIENT ? "client" : "server"); @@ -163,8 +165,8 @@ static int tls_verify(struct openvpn_plugin_args_func_in const *args) { - struct plugin *plugin = (struct plugin *)args->handle; - struct session *sess = (struct session *)args->per_client_context; + struct plugin *plugin = (struct plugin *)args->handle; + struct session *sess = (struct session *)args->per_client_context; /* we store cert subject for the server end point only */ if (plugin->type != SERVER) @@ -199,8 +201,8 @@ static void server_store(struct openvpn_plugin_args_func_in const *args) { - struct plugin *plugin = (struct plugin *)args->handle; - struct session *sess = (struct session *)args->per_client_context; + struct plugin *plugin = (struct plugin *)args->handle; + struct session *sess = (struct session *)args->per_client_context; char file[MAXPATH]; snprintf(file, sizeof(file) - 1, "/tmp/openvpn_sso_%s", sess->key); @@ -211,8 +213,8 @@ static void client_store(struct openvpn_plugin_args_func_in const *args) { - struct plugin *plugin = (struct plugin *)args->handle; - struct session *sess = (struct session *)args->per_client_context; + struct plugin *plugin = (struct plugin *)args->handle; + struct session *sess = (struct session *)args->per_client_context; char *file = "/tmp/openvpn_sso_user"; ovpn_note("app session file: %s", file); 
@@ -223,8 +225,8 @@ tls_final(struct openvpn_plugin_args_func_in const *args, struct openvpn_plugin_args_func_return *rv) { - struct plugin *plugin = (struct plugin *)args->handle; - struct session *sess = (struct session *)args->per_client_context; + struct plugin *plugin = (struct plugin *)args->handle; + struct session *sess = (struct session *)args->per_client_context; const char *key; if (!(key = get_env("exported_keying_material", args->envp))) @@ -251,8 +253,7 @@ } OPENVPN_EXPORT int -openvpn_plugin_func_v3(const int version, - struct openvpn_plugin_args_func_in const *args, +openvpn_plugin_func_v3(const int version, struct openvpn_plugin_args_func_in const *args, struct openvpn_plugin_args_func_return *rv) { switch (args->type) @@ -270,7 +271,7 @@ openvpn_plugin_client_constructor_v1(openvpn_plugin_handle_t handle) { struct plugin *plugin = (struct plugin *)handle; - struct session *sess = calloc(1, sizeof(*sess)); + struct session *sess = calloc(1, sizeof(*sess)); ovpn_note("app session created"); @@ -281,7 +282,7 @@ openvpn_plugin_client_destructor_v1(openvpn_plugin_handle_t handle, void *ctx) { struct plugin *plugin = (struct plugin *)handle; - struct session *sess = (struct session *)ctx; + struct session *sess = (struct session *)ctx; ovpn_note("app session key: %s", sess->key); ovpn_note("app session destroyed"); diff --git a/sample/sample-plugins/log/log.c b/sample/sample-plugins/log/log.c index 63d714f..70fa60d 100644 --- a/sample/sample-plugins/log/log.c +++ b/sample/sample-plugins/log/log.c @@ -36,7 +36,8 @@ /* * Our context, where we keep our state. */ -struct plugin_context { +struct plugin_context +{ const char *username; const char *password; }; @@ -75,7 +76,7 @@ /* * Allocate our context */ - context = (struct plugin_context *) calloc(1, sizeof(struct plugin_context)); + context = (struct plugin_context *)calloc(1, sizeof(struct plugin_context)); if (context == NULL) { printf("PLUGIN: allocating memory for context failed\n"); 
@@ -91,19 +92,17 @@ /* * Which callbacks to intercept. */ - *type_mask = - OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_UP) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_DOWN) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_ROUTE_UP) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_IPCHANGE) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_DISCONNECT) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_LEARN_ADDRESS) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); + *type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_UP) | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_DOWN) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_ROUTE_UP) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_IPCHANGE) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_DISCONNECT) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_LEARN_ADDRESS) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); - return (openvpn_plugin_handle_t) context; + return (openvpn_plugin_handle_t)context; } void @@ -171,9 +170,10 @@ } OPENVPN_EXPORT int -openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[]) +openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], + const char *envp[]) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; show(type, argv, envp); 
@@ -184,8 +184,8 @@ const char *username = get_env("username", envp); const char *password = get_env("password", envp); - if (username && !strcmp(username, context->username) - && password && !strcmp(password, context->password)) + if (username && !strcmp(username, context->username) && password + && !strcmp(password, context->password)) { return OPENVPN_PLUGIN_FUNC_SUCCESS; } @@ -203,6 +203,6 @@ OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; free(context); } diff --git a/sample/sample-plugins/log/log_v3.c b/sample/sample-plugins/log/log_v3.c index 02cdda8..cef22cf 100644 --- a/sample/sample-plugins/log/log_v3.c +++ b/sample/sample-plugins/log/log_v3.c @@ -39,7 +39,8 @@ /* * Our context, where we keep our state. */ -struct plugin_context { +struct plugin_context +{ const char *username; const char *password; }; @@ -71,8 +72,7 @@ } OPENVPN_EXPORT int -openvpn_plugin_open_v3(const int v3structver, - struct openvpn_plugin_args_open_in const *args, +openvpn_plugin_open_v3(const int v3structver, struct openvpn_plugin_args_open_in const *args, struct openvpn_plugin_args_open_return *ret) { struct plugin_context *context = NULL; @@ -80,7 +80,8 @@ /* Check that we are API compatible */ if (v3structver != OPENVPN_PLUGINv3_STRUCTVER) { - printf("log_v3: ** ERROR ** Incompatible plug-in interface between this plug-in and OpenVPN\n"); + printf( + "log_v3: ** ERROR ** Incompatible plug-in interface between this plug-in and OpenVPN\n"); return OPENVPN_PLUGIN_FUNC_ERROR; } 
@@ -91,26 +92,24 @@ } /* Print some version information about the OpenVPN process using this plug-in */ - printf("log_v3: OpenVPN %s (Major: %i, Minor: %i, Patch: %s)\n", - args->ovpn_version, args->ovpn_version_major, - args->ovpn_version_minor, args->ovpn_version_patch); + printf("log_v3: OpenVPN %s (Major: %i, Minor: %i, Patch: %s)\n", args->ovpn_version, + args->ovpn_version_major, args->ovpn_version_minor, args->ovpn_version_patch); /* Which callbacks to intercept. */ - ret->type_mask = - OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_UP) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_DOWN) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_ROUTE_UP) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_IPCHANGE) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_DISCONNECT) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_LEARN_ADDRESS) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); + ret->type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_UP) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_DOWN) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_ROUTE_UP) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_IPCHANGE) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_DISCONNECT) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_LEARN_ADDRESS) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); /* Allocate our context */ - context = (struct plugin_context *) calloc(1, sizeof(struct plugin_context)); + context = (struct plugin_context *)calloc(1, sizeof(struct plugin_context)); if (context == NULL) { printf("PLUGIN: allocating memory for context failed\n"); 
@@ -122,7 +121,7 @@ context->password = "bar"; /* Point the global context handle to our newly created context */ - ret->handle = (void *) context; + ret->handle = (void *)context; return OPENVPN_PLUGIN_FUNC_SUCCESS; } @@ -243,13 +242,11 @@ } - OPENVPN_EXPORT int -openvpn_plugin_func_v3(const int version, - struct openvpn_plugin_args_func_in const *args, +openvpn_plugin_func_v3(const int version, struct openvpn_plugin_args_func_in const *args, struct openvpn_plugin_args_func_return *retptr) { - struct plugin_context *context = (struct plugin_context *) args->handle; + struct plugin_context *context = (struct plugin_context *)args->handle; printf("\nopenvpn_plugin_func_v3() :::::>> "); show(args->type, args->argv, args->envp); @@ -270,8 +267,8 @@ const char *username = get_env("username", args->envp); const char *password = get_env("password", args->envp); - if (username && !strcmp(username, context->username) - && password && !strcmp(password, context->password)) + if (username && !strcmp(username, context->username) && password + && !strcmp(password, context->password)) { return OPENVPN_PLUGIN_FUNC_SUCCESS; } @@ -289,6 +286,6 @@ OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; free(context); } diff --git a/sample/sample-plugins/simple/base64.c b/sample/sample-plugins/simple/base64.c index b6c0c97..8a1dedd 100644 --- a/sample/sample-plugins/simple/base64.c +++ b/sample/sample-plugins/simple/base64.c 
@@ -98,21 +98,20 @@ * */ OPENVPN_EXPORT int -openvpn_plugin_open_v3(const int v3structver, - struct openvpn_plugin_args_open_in const *args, +openvpn_plugin_open_v3(const int v3structver, struct openvpn_plugin_args_open_in const *args, struct openvpn_plugin_args_open_return *ret) { /* Check that we are API compatible */ if (v3structver != OPENVPN_PLUGINv3_STRUCTVER) { - printf("base64.c: ** ERROR ** Incompatible plug-in interface between this plug-in and OpenVPN\n"); + printf( + "base64.c: ** ERROR ** Incompatible plug-in interface between this plug-in and OpenVPN\n"); return OPENVPN_PLUGIN_FUNC_ERROR; } /* Which callbacks to intercept. */ - ret->type_mask = - OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2); + ret->type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2); /* we don't need a plug-in context in this example, but OpenVPN expects "something" */ ret->handle = calloc(1, 1); @@ -125,8 +124,8 @@ /* Print some version information about the OpenVPN process using this plug-in */ ovpn_log(PLOG_NOTE, PLUGIN_NAME, "OpenVPN %s (Major: %i, Minor: %i, Patch: %s)\n", - args->ovpn_version, args->ovpn_version_major, - args->ovpn_version_minor, args->ovpn_version_patch); + args->ovpn_version, args->ovpn_version_major, args->ovpn_version_minor, + args->ovpn_version_patch); return OPENVPN_PLUGIN_FUNC_SUCCESS; } @@ -154,10 +153,10 @@ */ OPENVPN_EXPORT int -openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[]) +openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], + const char *envp[]) { - if (type != OPENVPN_PLUGIN_TLS_VERIFY - && type != OPENVPN_PLUGIN_CLIENT_CONNECT_V2) + if (type != OPENVPN_PLUGIN_TLS_VERIFY && type != OPENVPN_PLUGIN_CLIENT_CONNECT_V2) { ovpn_log(PLOG_ERR, PLUGIN_NAME, "Unsupported plug-in hook call attempted"); return OPENVPN_PLUGIN_FUNC_ERROR; 
@@ -174,14 +173,13 @@ /* test the BASE64 encode function */ char *buf = NULL; int r = ovpn_base64_encode(clcert_cn, (int)strlen(clcert_cn), &buf); - ovpn_log(PLOG_NOTE, PLUGIN_NAME, "BASE64 encoded '%s' (return value %i): '%s'", - clcert_cn, r, buf); + ovpn_log(PLOG_NOTE, PLUGIN_NAME, "BASE64 encoded '%s' (return value %i): '%s'", clcert_cn, r, + buf); /* test the BASE64 decode function */ - char buf2[256] = {0}; + char buf2[256] = { 0 }; r = ovpn_base64_decode(buf, &buf2, 255); - ovpn_log(PLOG_NOTE, PLUGIN_NAME, "BASE64 decoded '%s' (return value %i): '%s'", - buf, r, buf2); + ovpn_log(PLOG_NOTE, PLUGIN_NAME, "BASE64 decoded '%s' (return value %i): '%s'", buf, r, buf2); /* Verify the result, and free the buffer allocated by ovpn_base64_encode() */ r = strcmp(clcert_cn, buf2); @@ -201,6 +199,6 @@ OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; free(context); } diff --git a/sample/sample-plugins/simple/simple.c b/sample/sample-plugins/simple/simple.c index ed5bce5..8b2b793 100644 --- a/sample/sample-plugins/simple/simple.c +++ b/sample/sample-plugins/simple/simple.c @@ -38,7 +38,8 @@ /* * Our context, where we keep our state. */ -struct plugin_context { +struct plugin_context +{ const char *username; const char *password; }; @@ -77,7 +78,7 @@ /* * Allocate our context */ - context = (struct plugin_context *) calloc(1, sizeof(struct plugin_context)); + context = (struct plugin_context *)calloc(1, sizeof(struct plugin_context)); if (context == NULL) { printf("PLUGIN: allocating memory for context failed\n"); 
@@ -96,21 +97,22 @@ */ *type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY); - return (openvpn_plugin_handle_t) context; + return (openvpn_plugin_handle_t)context; } OPENVPN_EXPORT int -openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[]) +openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], + const char *envp[]) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; /* get username/password from envp string array */ const char *username = get_env("username", envp); const char *password = get_env("password", envp); /* check entered username/password against what we require */ - if (username && !strcmp(username, context->username) - && password && !strcmp(password, context->password)) + if (username && !strcmp(username, context->username) && password + && !strcmp(password, context->password)) { return OPENVPN_PLUGIN_FUNC_SUCCESS; } @@ -123,6 +125,6 @@ OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; free(context); } diff --git a/src/compat/compat-basename.c b/src/compat/compat-basename.c index 18944f6..24f5af7 100644 --- a/src/compat/compat-basename.c +++ b/src/compat/compat-basename.c @@ -41,7 +41,7 @@ /* If NULL, check for \ instead ... might be Windows a path */ p = strrchr(filename, '\\'); } - return p ? p + 1 : (char *) filename; + return p ? p + 1 : (char *)filename; } #endif /* HAVE_BASENAME */ diff --git a/src/compat/compat-dirname.c b/src/compat/compat-dirname.c index 17de8ad..a432bae 100644 --- a/src/compat/compat-dirname.c +++ b/src/compat/compat-dirname.c 
@@ -89,7 +89,7 @@ /* The '/' is the last character, we have to look further. */ if (runp != path) { - last_slash = (char *) __memrchr(path, separator, runp - path); + last_slash = (char *)__memrchr(path, separator, runp - path); } } @@ -134,7 +134,7 @@ /* This assignment is ill-designed but the XPG specs require to * return a string containing "." in any case no directory part is * found and so a static and constant string is required. */ - path = (char *) dot; + path = (char *)dot; } return path; diff --git a/src/compat/compat-gettimeofday.c b/src/compat/compat-gettimeofday.c index de53cb5..29ded6c 100644 --- a/src/compat/compat-gettimeofday.c +++ b/src/compat/compat-gettimeofday.c @@ -48,7 +48,7 @@ { const time_t t = time(NULL); const DWORD gtc = GetTickCount(); - gtc_base = t - gtc/1000; + gtc_base = t - gtc / 1000; gtc_last = gtc; } @@ -112,7 +112,7 @@ return 0; } -#else /* ifdef _WIN32 */ +#else /* ifdef _WIN32 */ #include <time.h> diff --git a/src/openvpn/argv.c b/src/openvpn/argv.c index 34266d4..903fc0a 100644 --- a/src/openvpn/argv.c +++ b/src/openvpn/argv.c @@ -284,8 +284,7 @@ * free()d to avoid memory leaks. */ static char * -argv_prep_format(const char *format, const char delim, size_t *count, - struct gc_arena *gc) +argv_prep_format(const char *format, const char delim, size_t *count, struct gc_arena *gc) { if (format == NULL) { @@ -311,7 +310,7 @@ * the string is empty; the resulting format string * will never start with a delimiter. */ - if (j > 0) /* Has anything been written to the output string? */ + if (j > 0) /* Has anything been written to the output string? */ { f[j++] = delim; } @@ -347,7 +346,7 @@ static bool argv_printf_arglist(struct argv *argres, const char *format, va_list arglist) { - const char delim = 0x1D; /* ASCII Group Separator (GS) */ + const char delim = 0x1D; /* ASCII Group Separator (GS) */ bool res = false; /* 
@@ -484,8 +483,8 @@ argv_reset(argres); char *parms[MAX_PARMS + 1] = { 0 }; - int nparms = parse_line(cmdstr, parms, MAX_PARMS, "SCRIPT-ARGV", 0, - D_ARGV_PARSE_CMD, &argres->gc); + int nparms = + parse_line(cmdstr, parms, MAX_PARMS, "SCRIPT-ARGV", 0, D_ARGV_PARSE_CMD, &argres->gc); if (nparms) { int i; diff --git a/src/openvpn/argv.h b/src/openvpn/argv.h index f694760..056fe31 100644 --- a/src/openvpn/argv.h +++ b/src/openvpn/argv.h @@ -31,7 +31,8 @@ #include "buffer.h" -struct argv { +struct argv +{ struct gc_arena gc; size_t capacity; size_t argc; @@ -55,21 +56,21 @@ bool argv_printf(struct argv *a, const char *format, ...) #ifdef __GNUC__ #if __USE_MINGW_ANSI_STDIO -__attribute__ ((format(gnu_printf, 2, 3))) + __attribute__((format(gnu_printf, 2, 3))) #else -__attribute__ ((format(__printf__, 2, 3))) + __attribute__((format(__printf__, 2, 3))) #endif #endif -; + ; bool argv_printf_cat(struct argv *a, const char *format, ...) #ifdef __GNUC__ #if __USE_MINGW_ANSI_STDIO -__attribute__ ((format(gnu_printf, 2, 3))) + __attribute__((format(gnu_printf, 2, 3))) #else -__attribute__ ((format(__printf__, 2, 3))) + __attribute__((format(__printf__, 2, 3))) #endif #endif -; + ; #endif /* ifndef ARGV_H */ diff --git a/src/openvpn/auth_token.c b/src/openvpn/auth_token.c index 3cf55e8..a694e81 100644 --- a/src/openvpn/auth_token.c +++ b/src/openvpn/auth_token.c @@ -18,7 +18,7 @@ const char *auth_token_pem_name = "OpenVPN auth-token server key"; -#define AUTH_TOKEN_SESSION_ID_LEN 12 +#define AUTH_TOKEN_SESSION_ID_LEN 12 #define AUTH_TOKEN_SESSION_ID_BASE64_LEN (AUTH_TOKEN_SESSION_ID_LEN * 8 / 6) #if AUTH_TOKEN_SESSION_ID_LEN % 3 @@ -53,7 +53,7 @@ } else if (auth_token_state_flags & AUTH_TOKEN_HMAC_OK) { - switch (auth_token_state_flags & (AUTH_TOKEN_VALID_EMPTYUSER|AUTH_TOKEN_EXPIRED)) + switch (auth_token_state_flags & (AUTH_TOKEN_VALID_EMPTYUSER | AUTH_TOKEN_EXPIRED)) { case 0: state = "Authenticated"; 
@@ -107,9 +107,9 @@ * in the encoding */ - char session_id[AUTH_TOKEN_SESSION_ID_LEN*2] = {0}; + char session_id[AUTH_TOKEN_SESSION_ID_LEN * 2] = { 0 }; memcpy(session_id, session_id_source + strlen(SESSION_ID_PREFIX), - AUTH_TOKEN_SESSION_ID_LEN*8/6); + AUTH_TOKEN_SESSION_ID_LEN * 8 / 6); setenv_str(session->opt->es, "session_id", session_id); } @@ -121,8 +121,7 @@ } void -auth_token_init_secret(struct key_ctx *key_ctx, const char *key_file, - bool key_inline) +auth_token_init_secret(struct key_ctx *key_ctx, const char *key_file, bool key_inline) { struct key_type kt = auth_token_kt(); @@ -131,14 +130,12 @@ bool key_loaded = false; if (key_file) { - key_loaded = read_pem_key_file(&server_secret_key, - auth_token_pem_name, - key_file, key_inline); + key_loaded = + read_pem_key_file(&server_secret_key, auth_token_pem_name, key_file, key_inline); } else { - key_loaded = generate_ephemeral_key(&server_secret_key, - auth_token_pem_name); + key_loaded = generate_ephemeral_key(&server_secret_key, auth_token_pem_name); } if (!key_loaded) @@ -169,7 +166,7 @@ int64_t initial_timestamp = timestamp; hmac_ctx_t *ctx = multi->opt.auth_token_key.hmac; - ASSERT(hmac_ctx_size(ctx) == 256/8); + ASSERT(hmac_ctx_size(ctx) == 256 / 8); uint8_t sessid[AUTH_TOKEN_SESSION_ID_LEN]; @@ -185,7 +182,7 @@ char *initial_token_copy = string_alloc(multi->auth_token_initial, &gc); char *old_sessid = initial_token_copy + strlen(SESSION_ID_PREFIX); - char *old_tstamp_initial = old_sessid + AUTH_TOKEN_SESSION_ID_LEN*8/6; + char *old_tstamp_initial = old_sessid + AUTH_TOKEN_SESSION_ID_LEN * 8 / 6; /* * We null terminate the old token just after the session ID to let 
@@ -197,12 +194,13 @@ memcpy(&initial_timestamp, &old_tstamp_decode, sizeof(initial_timestamp)); old_tstamp_initial[0] = '\0'; - ASSERT(openvpn_base64_decode(old_sessid, sessid, AUTH_TOKEN_SESSION_ID_LEN) == AUTH_TOKEN_SESSION_ID_LEN); + ASSERT(openvpn_base64_decode(old_sessid, sessid, AUTH_TOKEN_SESSION_ID_LEN) + == AUTH_TOKEN_SESSION_ID_LEN); } else if (!rand_bytes(sessid, AUTH_TOKEN_SESSION_ID_LEN)) { - msg( M_FATAL, "Failed to get enough randomness for " - "authentication token"); + msg(M_FATAL, "Failed to get enough randomness for " + "authentication token"); } /* Calculate the HMAC */ @@ -210,7 +208,7 @@ * with \0 in them is asking for troubles in so many ways anyway that we * ignore that corner case here */ - uint8_t hmac_output[256/8]; + uint8_t hmac_output[256 / 8]; hmac_ctx_reset(ctx); @@ -222,20 +220,20 @@ struct key_state *ks = &multi->session[TM_ACTIVE].key[KS_PRIMARY]; if (ks->auth_token_state_flags & AUTH_TOKEN_VALID_EMPTYUSER) { - hmac_ctx_update(ctx, (const uint8_t *) "", 0); + hmac_ctx_update(ctx, (const uint8_t *)"", 0); } else { - hmac_ctx_update(ctx, (uint8_t *) up->username, (int) strlen(up->username)); + hmac_ctx_update(ctx, (uint8_t *)up->username, (int)strlen(up->username)); } hmac_ctx_update(ctx, sessid, AUTH_TOKEN_SESSION_ID_LEN); - hmac_ctx_update(ctx, (uint8_t *) &initial_timestamp, sizeof(initial_timestamp)); - hmac_ctx_update(ctx, (uint8_t *) ×tamp, sizeof(timestamp)); + hmac_ctx_update(ctx, (uint8_t *)&initial_timestamp, sizeof(initial_timestamp)); + hmac_ctx_update(ctx, (uint8_t *)×tamp, sizeof(timestamp)); hmac_ctx_final(ctx, hmac_output); /* Construct the unencoded session token */ - struct buffer token = alloc_buf_gc( - 2*sizeof(uint64_t) + AUTH_TOKEN_SESSION_ID_LEN + 256/8, &gc); + struct buffer token = + alloc_buf_gc(2 * sizeof(uint64_t) + AUTH_TOKEN_SESSION_ID_LEN + 256 / 8, &gc); ASSERT(buf_write(&token, sessid, sizeof(sessid))); ASSERT(buf_write(&token, &initial_timestamp, sizeof(initial_timestamp))); 
@@ -245,8 +243,8 @@ char *b64output = NULL; openvpn_base64_encode(BPTR(&token), BLEN(&token), &b64output); - struct buffer session_token = alloc_buf_gc( - strlen(SESSION_ID_PREFIX) + strlen(b64output) + 1, &gc); + struct buffer session_token = + alloc_buf_gc(strlen(SESSION_ID_PREFIX) + strlen(b64output) + 1, &gc); ASSERT(buf_write(&session_token, SESSION_ID_PREFIX, strlen(SESSION_ID_PREFIX))); ASSERT(buf_write(&session_token, b64output, (int)strlen(b64output))); @@ -258,8 +256,7 @@ free(multi->auth_token); multi->auth_token = strdup((char *)BPTR(&session_token)); - dmsg(D_SHOW_KEYS, "Generated token for client: %s (%s)", - multi->auth_token, up->username); + dmsg(D_SHOW_KEYS, "Generated token for client: %s (%s)", multi->auth_token, up->username); if (!multi->auth_token_initial) { @@ -277,22 +274,21 @@ static bool check_hmac_token(hmac_ctx_t *ctx, const uint8_t *b64decoded, const char *username) { - ASSERT(hmac_ctx_size(ctx) == 256/8); + ASSERT(hmac_ctx_size(ctx) == 256 / 8); - uint8_t hmac_output[256/8]; + uint8_t hmac_output[256 / 8]; hmac_ctx_reset(ctx); - hmac_ctx_update(ctx, (uint8_t *) username, (int)strlen(username)); - hmac_ctx_update(ctx, b64decoded, TOKEN_DATA_LEN - 256/8); + hmac_ctx_update(ctx, (uint8_t *)username, (int)strlen(username)); + hmac_ctx_update(ctx, b64decoded, TOKEN_DATA_LEN - 256 / 8); hmac_ctx_final(ctx, hmac_output); - const uint8_t *hmac = b64decoded + TOKEN_DATA_LEN - 256/8; + const uint8_t *hmac = b64decoded + TOKEN_DATA_LEN - 256 / 8; return memcmp_constant_time(&hmac_output, hmac, 32) == 0; } unsigned int -verify_auth_token(struct user_pass *up, struct tls_multi *multi, - struct tls_session *session) +verify_auth_token(struct user_pass *up, struct tls_multi *multi, struct tls_session *session) { /* * Base64 is <= input and input is < USER_PASS_LEN, so using USER_PASS_LEN 
@@ -300,8 +296,8 @@ */ ASSERT(up && !up->protected); uint8_t b64decoded[USER_PASS_LEN]; - int decoded_len = openvpn_base64_decode(up->password + strlen(SESSION_ID_PREFIX), - b64decoded, USER_PASS_LEN); + int decoded_len = + openvpn_base64_decode(up->password + strlen(SESSION_ID_PREFIX), b64decoded, USER_PASS_LEN); /* * Ensure that the decoded data is the size of the @@ -309,8 +305,7 @@ */ if (decoded_len != TOKEN_DATA_LEN) { - msg(M_WARN, "ERROR: --auth-token wrong size (%d!=%d)", - decoded_len, (int) TOKEN_DATA_LEN); + msg(M_WARN, "ERROR: --auth-token wrong size (%d!=%d)", decoded_len, (int)TOKEN_DATA_LEN); return 0; } @@ -343,15 +338,14 @@ } else { - msg(M_WARN, "--auth-gen-token: HMAC on token from client failed (%s)", - up->username); + msg(M_WARN, "--auth-gen-token: HMAC on token from client failed (%s)", up->username); return 0; } /* Accept session tokens only if their timestamp is in the acceptable range * for renegotiations */ - bool in_renegotiation_time = now >= timestamp - && now < timestamp + 2 * session->opt->auth_token_renewal; + bool in_renegotiation_time = + now >= timestamp && now < timestamp + 2 * session->opt->auth_token_renewal; if (!in_renegotiation_time) { @@ -363,14 +357,14 @@ /* Sanity check the initial timestamp */ if (timestamp < timestamp_initial) { - msg(M_WARN, "Initial timestamp (%" PRIu64 ") in token from client earlier than " + msg(M_WARN, + "Initial timestamp (%" PRIu64 ") in token from client earlier than " "current timestamp %" PRIu64 ". Broken/unsynchronised clock?", timestamp_initial, timestamp); ret |= AUTH_TOKEN_EXPIRED; } - if (multi->opt.auth_token_lifetime - && now > timestamp_initial + multi->opt.auth_token_lifetime) + if (multi->opt.auth_token_lifetime && now > timestamp_initial + multi->opt.auth_token_lifetime) { ret |= AUTH_TOKEN_EXPIRED; } 
@@ -391,7 +385,7 @@ strlen(SESSION_ID_PREFIX) + AUTH_TOKEN_SESSION_ID_BASE64_LEN)) { msg(M_WARN, "--auth-gen-token: session id in token changed (Rejecting " - "token."); + "token."); ret = 0; } return ret; @@ -409,8 +403,7 @@ } if (multi->auth_token_initial) { - secure_memzero(multi->auth_token_initial, - strlen(multi->auth_token_initial)); + secure_memzero(multi->auth_token_initial, strlen(multi->auth_token_initial)); free(multi->auth_token_initial); } multi->auth_token = NULL; @@ -438,7 +431,7 @@ if (!multi->auth_token_initial) { msg(D_SHOW_KEYS, "initial auth-token not generated yet, skipping " - "auth-token renewal."); + "auth-token renewal."); return; } diff --git a/src/openvpn/auth_token.h b/src/openvpn/auth_token.h index 3d56ee6..1e4a413 100644 --- a/src/openvpn/auth_token.h +++ b/src/openvpn/auth_token.h @@ -58,27 +58,22 @@ * This function will free() an existing multi->auth_token and keep the * existing initial timestamp and session id contained in that token. */ -void -generate_auth_token(const struct user_pass *up, struct tls_multi *multi); +void generate_auth_token(const struct user_pass *up, struct tls_multi *multi); /** * Verifies the auth token to be in the format that generate_auth_token * create and checks if the token is valid. * */ -unsigned -verify_auth_token(struct user_pass *up, struct tls_multi *multi, - struct tls_session *session); - +unsigned verify_auth_token(struct user_pass *up, struct tls_multi *multi, + struct tls_session *session); /** * Loads an HMAC secret from a file or if no file is present generates a * epheremal secret for the run time of the server and stores it into ... [truncated message content] |
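Review bot: in src/openvpn/argv.h (hunk `@@ -55,21 +56,21 @@`), the prototypes of argv_printf() and argv_printf_cat() now end in a lone indented `;` after the `#endif`, with the `__attribute__((format(...)))` lines indented as continuation lines. The formatter cannot join a declaration across the `#ifdef __GNUC__` block, so every run will reproduce this layout. Defining the attribute once as a macro that is empty when `__GNUC__` is not set would let each prototype end on one line with its semicolon attached.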
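Review bot: in src/openvpn/auth_token.c, three log messages are still split across adjacent string literals after the reformat: "Failed to get enough randomness for " "authentication token" (hunk `@@ -197,12 +194,13 @@`), "... session id in token changed (Rejecting " "token." (hunk `@@ -391,7 +385,7 @@`) and "... skipping " "auth-token renewal." (hunk `@@ -438,7 +431,7 @@`). None of them can be found by grepping for the text an operator sees in the log, and the patch only realigns the second literal. Joining each into a single literal belongs in a follow-up rather than in this formatting-only commit; the "(Rejecting token." message also opens a parenthesis that is never closed.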
From: Gert D. <ge...@gr...> - 2025-08-04 19:42:24
|
So this patch is huge, touches almost all files, and has the potential to sneak in "innocent" changes - which is why we have the clang-format rules published beforehand, so whoever wants can verify that this patch is, indeed, only the result of clang-format (checkout the commit before that, run "clang-format -i *.c *.h", then "diff" to the files after this commit).

This said, I have pushed it to all test instruments we have, and everything still compiles *and tests* fine. Just to be sure.

It has a few ugly warts where the code "as it was before" did not make it possible to apply the rules in a non-ugly way (like some SetLastError() calls with long /* comments */ after them) - there will be a few more commits coming that clean up these accidents, for example by moving the comment before the line so it does not need wrapping.

Also, we'll change the setting of "ColumnLimit" to "0" in a subsequent patch, as it turns out that the setting of "100" will also make clang-format un-wrap some multi-line statements in most interesting ways - so these are better left to human common sense. The limit we try to achieve is still "80, if you can, 100, if wrapping at 80 would be more ugly" (and we had heated discussions on which constructs are "ugly"... as they say, the beauty lies in the eyes of the beholder).

For whatever reason, error.h, openvpnmsica.c and tapctl/main.c differ here in function return type wrapping, but this will be addressed in a followup patch.

Your patch has been applied to the master branch.

commit 3cca3367e6e0ffeccb8e39cb2c739d1dcb086701
Author: Frank Lichtenheld
Date: Mon Aug 4 17:18:47 2025 +0200

    Reformat the whole project with clang-format

    Signed-off-by: Frank Lichtenheld <fr...@li...>
    Acked-by: Gert Doering <ge...@gr...>
    Message-Id: <202...@gr...>
    URL: https://gerrit.openvpn.net/c/openvpn/+/791
    Signed-off-by: Gert Doering <ge...@gr...>

--
kind regards,

Gert Doering
|
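The check described in the message above (format the tree before the commit, then diff it against the tree after), as an added example that is not part of the original mail or the OpenVPN tree. The function name, the FORMATTER variable and the before/after directory layout are assumptions of this sketch; it also goes one step beyond the mail by reporting files that exist in only one of the two trees.

```shell
#!/bin/sh
# Added example: confirm that a "reformat only" commit is reproducible.
#
# Populate the two trees from git first, for instance
# (COMMIT is a placeholder for the reformat commit):
#   mkdir before after
#   git archive COMMIT^ | tar -x -C before
#   git archive COMMIT  | tar -x -C after
#
# FORMATTER is the command that rewrites files in place. The default is an
# assumption; use the clang-format version the project pins, otherwise the
# diff will show differences that come from the tool, not from the commit.
: "${FORMATTER:=clang-format -i}"

# verify_format_only BEFORE_DIR AFTER_DIR
#   0  formatting BEFORE_DIR reproduces AFTER_DIR exactly
#   1  the trees differ (the diff is printed)
#   2  the check itself could not run
verify_format_only() {
    vfo_before=$1
    vfo_after=$2
    vfo_work=$(mktemp -d) || return 2

    # Work on a copy so the caller's "before" tree stays untouched. The
    # copy includes the tree's own .clang-format, which holds the rules.
    if ! cp -R "$vfo_before" "$vfo_work/formatted"; then
        rm -rf "$vfo_work"
        return 2
    fi

    # Format every C source and header. The "+" form makes find return
    # non-zero when the formatter fails, so a broken tool is not mistaken
    # for a clean result. $FORMATTER is left unquoted on purpose so that
    # "clang-format -i" splits into command and option.
    if ! find "$vfo_work/formatted" -type f \
            \( -name '*.c' -o -name '*.h' \) -exec $FORMATTER {} +; then
        rm -rf "$vfo_work"
        return 2
    fi

    # A recursive diff shows content changes and also files that were
    # added or removed, which a formatter run can never cause.
    if diff -ru "$vfo_work/formatted" "$vfo_after"; then
        vfo_rc=0
    else
        vfo_rc=1
    fi
    rm -rf "$vfo_work"
    return "$vfo_rc"
}
```

Any output from the diff is a change the formatter did not make and needs a human look before the commit is accepted.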
From: flichtenheld (C. Review) <ge...@op...> - 2025-07-16 15:34:55
|
Attention is currently required from: cron2, ordex, plaisthos.

Hello plaisthos,

I'd like you to reexamine a change. Please visit

    http://gerrit.openvpn.net/c/openvpn/+/791?usp=email

to look at the new patch set (#22).

Change subject: Reformat the whole project with clang-format
......................................................................

Reformat the whole project with clang-format

Done with pre-commit run -a, so the version defined in pre-commit config
is used.

Change-Id: I2566ad493629e1f5fdfa6f6483b8973463404e3e
Signed-off-by: Frank Lichtenheld <fr...@li...> --- M include/openvpn-msg.h M sample/sample-plugins/client-connect/sample-client-connect.c M sample/sample-plugins/defer/multi-auth.c M sample/sample-plugins/keying-material-exporter-demo/keyingmaterialexporter.c M sample/sample-plugins/log/log.c M sample/sample-plugins/log/log_v3.c M sample/sample-plugins/simple/base64.c M sample/sample-plugins/simple/simple.c M src/compat/compat-basename.c M src/compat/compat-dirname.c M src/compat/compat-gettimeofday.c M src/openvpn/argv.c M src/openvpn/argv.h M src/openvpn/auth_token.c M src/openvpn/auth_token.h M src/openvpn/base64.c M src/openvpn/base64.h M src/openvpn/basic.h M src/openvpn/buffer.c M src/openvpn/buffer.h M src/openvpn/circ_list.h M src/openvpn/clinat.c M src/openvpn/clinat.h M src/openvpn/common.h M src/openvpn/comp-lz4.c M src/openvpn/comp.c M src/openvpn/comp.h M src/openvpn/compstub.c M src/openvpn/console.c M src/openvpn/console.h M src/openvpn/console_builtin.c M src/openvpn/console_systemd.c M src/openvpn/crypto.c M src/openvpn/crypto.h M src/openvpn/crypto_backend.h M src/openvpn/crypto_epoch.c M src/openvpn/crypto_epoch.h M src/openvpn/crypto_mbedtls.c M src/openvpn/crypto_mbedtls.h M src/openvpn/crypto_openssl.c M src/openvpn/crypto_openssl.h M src/openvpn/cryptoapi.c M src/openvpn/dco.c M src/openvpn/dco.h M src/openvpn/dco_freebsd.c M src/openvpn/dco_freebsd.h M src/openvpn/dco_internal.h M src/openvpn/dco_linux.c M src/openvpn/dco_linux.h M src/openvpn/dco_win.c M src/openvpn/dco_win.h M src/openvpn/dhcp.c M src/openvpn/dhcp.h M src/openvpn/dns.c M src/openvpn/dns.h M src/openvpn/env_set.c M src/openvpn/env_set.h M src/openvpn/errlevel.h M src/openvpn/error.c M src/openvpn/error.h M src/openvpn/event.c M src/openvpn/event.h M src/openvpn/fdmisc.c M src/openvpn/fdmisc.h M src/openvpn/forward.c M src/openvpn/forward.h M src/openvpn/fragment.c M src/openvpn/fragment.h M src/openvpn/gremlin.c M src/openvpn/gremlin.h M src/openvpn/helper.c M 
src/openvpn/httpdigest.c M src/openvpn/httpdigest.h M src/openvpn/init.c M src/openvpn/init.h M src/openvpn/integer.h M src/openvpn/interval.c M src/openvpn/interval.h M src/openvpn/list.c M src/openvpn/list.h M src/openvpn/lladdr.c M src/openvpn/lzo.c M src/openvpn/lzo.h M src/openvpn/manage.c M src/openvpn/manage.h M src/openvpn/mbedtls_compat.h M src/openvpn/mbuf.c M src/openvpn/mbuf.h M src/openvpn/memdbg.h M src/openvpn/misc.c M src/openvpn/misc.h M src/openvpn/mroute.c M src/openvpn/mroute.h M src/openvpn/mss.c M src/openvpn/mss.h M src/openvpn/mstats.c M src/openvpn/mstats.h M src/openvpn/mtcp.c M src/openvpn/mtcp.h M src/openvpn/mtu.c M src/openvpn/mtu.h M src/openvpn/mudp.c M src/openvpn/multi.c M src/openvpn/multi.h M src/openvpn/multi_io.c M src/openvpn/networking.h M src/openvpn/networking_freebsd.c M src/openvpn/networking_iproute2.c M src/openvpn/networking_sitnl.c M src/openvpn/ntlm.c M src/openvpn/occ.c M src/openvpn/occ.h M src/openvpn/openssl_compat.h M src/openvpn/openvpn.c M src/openvpn/openvpn.h M src/openvpn/options.c M src/openvpn/options.h M src/openvpn/options_util.c M src/openvpn/options_util.h M src/openvpn/otime.c M src/openvpn/otime.h M src/openvpn/ovpn_dco_freebsd.h M src/openvpn/packet_id.c M src/openvpn/packet_id.h M src/openvpn/perf.c M src/openvpn/perf.h M src/openvpn/ping.c M src/openvpn/ping.h M src/openvpn/pkcs11.c M src/openvpn/pkcs11.h M src/openvpn/pkcs11_backend.h M src/openvpn/pkcs11_mbedtls.c M src/openvpn/pkcs11_openssl.c M src/openvpn/platform.c M src/openvpn/platform.h M src/openvpn/plugin.c M src/openvpn/plugin.h M src/openvpn/pool.c M src/openvpn/pool.h M src/openvpn/proto.c M src/openvpn/proto.h M src/openvpn/proxy.c M src/openvpn/proxy.h M src/openvpn/ps.c M src/openvpn/ps.h M src/openvpn/push.c M src/openvpn/push.h M src/openvpn/pushlist.h M src/openvpn/reflect_filter.c M src/openvpn/reflect_filter.h M src/openvpn/reliable.c M src/openvpn/reliable.h A src/openvpn/ring_buffer.h M src/openvpn/route.c M 
src/openvpn/route.h M src/openvpn/run_command.c M src/openvpn/run_command.h M src/openvpn/schedule.c M src/openvpn/schedule.h M src/openvpn/session_id.h M src/openvpn/shaper.c M src/openvpn/shaper.h M src/openvpn/sig.c M src/openvpn/sig.h M src/openvpn/socket.c M src/openvpn/socket.h M src/openvpn/socks.c M src/openvpn/socks.h M src/openvpn/ssl.c M src/openvpn/ssl.h M src/openvpn/ssl_backend.h M src/openvpn/ssl_common.h M src/openvpn/ssl_mbedtls.c M src/openvpn/ssl_mbedtls.h M src/openvpn/ssl_ncp.c M src/openvpn/ssl_ncp.h M src/openvpn/ssl_openssl.c M src/openvpn/ssl_openssl.h M src/openvpn/ssl_pkt.c M src/openvpn/ssl_pkt.h M src/openvpn/ssl_util.c M src/openvpn/ssl_util.h M src/openvpn/ssl_verify.c M src/openvpn/ssl_verify.h M src/openvpn/ssl_verify_backend.h M src/openvpn/ssl_verify_mbedtls.c M src/openvpn/ssl_verify_mbedtls.h M src/openvpn/ssl_verify_openssl.c M src/openvpn/status.c M src/openvpn/status.h M src/openvpn/syshead.h M src/openvpn/tls_crypt.c M src/openvpn/tls_crypt.h M src/openvpn/tun.c M src/openvpn/tun.h M src/openvpn/tun_afunix.c M src/openvpn/tun_afunix.h M src/openvpn/vlan.c M src/openvpn/vlan.h M src/openvpn/wfp_block.c M src/openvpn/wfp_block.h M src/openvpn/win32-util.c M src/openvpn/win32.c M src/openvpn/win32.h M src/openvpn/xkey_common.h M src/openvpn/xkey_helper.c M src/openvpn/xkey_provider.c M src/openvpnmsica/dllmain.c M src/openvpnmsica/msica_arg.c M src/openvpnmsica/msica_arg.h M src/openvpnmsica/msiex.c M src/openvpnmsica/msiex.h M src/openvpnmsica/openvpnmsica.c M src/openvpnmsica/openvpnmsica.h M src/openvpnserv/common.c M src/openvpnserv/interactive.c M src/openvpnserv/service.c M src/openvpnserv/service.h M src/openvpnserv/validate.c M src/openvpnserv/validate.h M src/plugins/auth-pam/auth-pam.c M src/plugins/auth-pam/pamdl.c M src/plugins/auth-pam/utils.c M src/plugins/auth-pam/utils.h M src/plugins/down-root/down-root.c M src/tapctl/basic.h M src/tapctl/error.h M src/tapctl/main.c M src/tapctl/tap.c M src/tapctl/tap.h M 
tests/ntlm_support.c M tests/unit_tests/example_test/test.c M tests/unit_tests/example_test/test2.c M tests/unit_tests/openvpn/cert_data.h M tests/unit_tests/openvpn/mock_management.c M tests/unit_tests/openvpn/mock_msg.c M tests/unit_tests/openvpn/mock_msg.h M tests/unit_tests/openvpn/mock_ssl_dependencies.c M tests/unit_tests/openvpn/pkey_test_utils.c M tests/unit_tests/openvpn/test_argv.c M tests/unit_tests/openvpn/test_auth_token.c M tests/unit_tests/openvpn/test_buffer.c M tests/unit_tests/openvpn/test_crypto.c M tests/unit_tests/openvpn/test_cryptoapi.c M tests/unit_tests/openvpn/test_misc.c M tests/unit_tests/openvpn/test_ncp.c M tests/unit_tests/openvpn/test_networking.c M tests/unit_tests/openvpn/test_packet_id.c M tests/unit_tests/openvpn/test_pkcs11.c M tests/unit_tests/openvpn/test_pkt.c M tests/unit_tests/openvpn/test_provider.c M tests/unit_tests/openvpn/test_ssl.c M tests/unit_tests/openvpn/test_tls_crypt.c M tests/unit_tests/openvpn/test_user_pass.c M tests/unit_tests/plugins/auth-pam/test_search_and_replace.c 255 files changed, 11,864 insertions(+), 15,015 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/91/791/22 diff --git a/include/openvpn-msg.h b/include/openvpn-msg.h index e0d0bb0..6e43588 100644 --- a/include/openvpn-msg.h +++ b/include/openvpn-msg.h @@ -27,7 +27,8 @@ #include <windef.h> #include <ws2tcpip.h> -typedef enum { +typedef enum +{ msg_acknowledgement, msg_add_address, msg_del_address, 
@@ -51,28 +52,33 @@ msg_create_adapter } message_type_t; -typedef struct { +typedef struct +{ message_type_t type; size_t size; int message_id; } message_header_t; -typedef union { +typedef union +{ struct in_addr ipv4; struct in6_addr ipv6; } inet_address_t; -typedef struct { +typedef struct +{ int index; char name[256]; } interface_t; -typedef enum { - wfp_block_local = 1<<0, - wfp_block_dns = 1<<1 +typedef enum +{ + wfp_block_local = 1 << 0, + wfp_block_dns = 1 << 1 } wfp_block_flags_t; -typedef struct { +typedef struct +{ message_header_t header; short family; inet_address_t address; @@ -80,7 +86,8 @@ interface_t iface; } address_message_t; -typedef struct { +typedef struct +{ message_header_t header; short family; inet_address_t prefix; @@ -90,7 +97,8 @@ int metric; } route_message_t; -typedef struct { +typedef struct +{ message_header_t header; interface_t iface; char domains[512]; @@ -100,14 +108,16 @@ } dns_cfg_message_t; -typedef enum { +typedef enum +{ nrpt_dnssec } nrpt_flags_t; -#define NRPT_ADDR_NUM 8 /* Max. number of addresses */ +#define NRPT_ADDR_NUM 8 /* Max. number of addresses */ #define NRPT_ADDR_SIZE 48 /* Max. address strlen + some */ typedef char nrpt_address_t[NRPT_ADDR_SIZE]; -typedef struct { +typedef struct +{ message_header_t header; interface_t iface; nrpt_address_t addresses[NRPT_ADDR_NUM]; @@ -116,14 +126,16 @@ nrpt_flags_t flags; } nrpt_dns_cfg_message_t; -typedef struct { +typedef struct +{ message_header_t header; interface_t iface; int addr_len; inet_address_t addr[4]; /* support up to 4 dns addresses */ } wins_cfg_message_t; -typedef struct { +typedef struct +{ message_header_t header; interface_t iface; int disable_nbt; 
@@ -135,41 +147,48 @@ /* TODO: NTP */ -typedef struct { +typedef struct +{ message_header_t header; short family; interface_t iface; } flush_neighbors_message_t; -typedef struct { +typedef struct +{ message_header_t header; int error_number; } ack_message_t; -typedef struct { +typedef struct +{ message_header_t header; wfp_block_flags_t flags; interface_t iface; } wfp_block_message_t; -typedef struct { +typedef struct +{ message_header_t header; interface_t iface; } enable_dhcp_message_t; -typedef struct { +typedef struct +{ message_header_t header; interface_t iface; short family; int mtu; } set_mtu_message_t; -typedef enum { +typedef enum +{ ADAPTER_TYPE_DCO, ADAPTER_TYPE_TAP, } adapter_type_t; -typedef struct { +typedef struct +{ message_header_t header; adapter_type_t adapter_type; } create_adapter_message_t; diff --git a/sample/sample-plugins/client-connect/sample-client-connect.c b/sample/sample-plugins/client-connect/sample-client-connect.c index 18c2c6f..b180002 100644 --- a/sample/sample-plugins/client-connect/sample-client-connect.c +++ b/sample/sample-plugins/client-connect/sample-client-connect.c @@ -59,8 +59,9 @@ * Our context, where we keep our state. */ -struct plugin_context { - int verb; /* logging verbosity */ +struct plugin_context +{ + int verb; /* logging verbosity */ }; /* this is used for the CLIENT_CONNECT_V2 async/deferred handler @@ -69,8 +70,9 @@ * this, and the "CLIENT_CONNECT_DEFER_V2" handler looks at it to see * if it's time yet to succeed/fail */ -struct plugin_per_client_context { - time_t sleep_until; /* wakeup time (time() + sleep) */ +struct plugin_per_client_context +{ + time_t sleep_until; /* wakeup time (time() + sleep) */ bool want_fail; bool want_disable; const char *client_config; 
@@ -119,8 +121,7 @@ /* use v3 functions so we can use openvpn's logging and base64 etc. */ OPENVPN_EXPORT int -openvpn_plugin_open_v3(const int v3structver, - struct openvpn_plugin_args_open_in const *args, +openvpn_plugin_open_v3(const int v3structver, struct openvpn_plugin_args_open_in const *args, struct openvpn_plugin_args_open_return *ret) { /* const char **argv = args->argv; */ /* command line arguments (unused) */ @@ -129,7 +130,9 @@ /* Check API compatibility -- struct version 5 or higher needed */ if (v3structver < 5) { - fprintf(stderr, "sample-client-connect: this plugin is incompatible with the running version of OpenVPN\n"); + fprintf( + stderr, + "sample-client-connect: this plugin is incompatible with the running version of OpenVPN\n"); return OPENVPN_PLUGIN_FUNC_ERROR; } 
@@ -145,18 +148,17 @@ /* * Intercept just about everything... */ - ret->type_mask = - OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_UP) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_DOWN) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_ROUTE_UP) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_IPCHANGE) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_DEFER_V2) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_DISCONNECT) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_LEARN_ADDRESS) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); + ret->type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_UP) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_DOWN) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_ROUTE_UP) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_IPCHANGE) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_DEFER_V2) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_DISCONNECT) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_LEARN_ADDRESS) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); /* Save global pointers to functions exported from openvpn */ plugin_log = args->callbacks->plugin_log; @@ -168,7 +170,7 @@ */ context->verb = atoi_null0(get_env("verb", envp)); - ret->handle = (openvpn_plugin_handle_t *) context; + ret->handle = (openvpn_plugin_handle_t *)context; plugin_log(PLOG_NOTE, MODULE, "initialization succeeded"); return OPENVPN_PLUGIN_FUNC_SUCCESS; 
@@ -244,8 +246,10 @@ const char *ccd_file = get_env("client_connect_deferred_file", envp); if (!ccd_file) { - plugin_log(PLOG_NOTE, MODULE, "env has UV_WANT_CC_ASYNC=%d, but " - "'client_connect_deferred_file' not set -> fail", seconds); + plugin_log(PLOG_NOTE, MODULE, + "env has UV_WANT_CC_ASYNC=%d, but " + "'client_connect_deferred_file' not set -> fail", + seconds); return OPENVPN_PLUGIN_FUNC_ERROR; } @@ -259,13 +263,13 @@ int fd = open(ccd_file, O_WRONLY); if (fd < 0) { - plugin_log(PLOG_ERR|PLOG_ERRNO, MODULE, "open('%s') failed", ccd_file); + plugin_log(PLOG_ERR | PLOG_ERRNO, MODULE, "open('%s') failed", ccd_file); return OPENVPN_PLUGIN_FUNC_ERROR; } if (write(fd, "2", 1) != 1) { - plugin_log(PLOG_ERR|PLOG_ERRNO, MODULE, "write to '%s' failed", ccd_file ); + plugin_log(PLOG_ERR | PLOG_ERRNO, MODULE, "write to '%s' failed", ccd_file); close(fd); return OPENVPN_PLUGIN_FUNC_ERROR; } @@ -279,11 +283,11 @@ /* fork, sleep, succeed/fail according to env vars */ pid_t p1 = fork(); - if (p1 < 0) /* Fork failed */ + if (p1 < 0) /* Fork failed */ { return OPENVPN_PLUGIN_FUNC_ERROR; } - if (p1 > 0) /* parent process */ + if (p1 > 0) /* parent process */ { waitpid(p1, NULL, 0); return OPENVPN_PLUGIN_FUNC_DEFERRED; @@ -293,10 +297,10 @@ pid_t p2 = fork(); if (p2 < 0) { - plugin_log(PLOG_ERR|PLOG_ERRNO, MODULE, "BACKGROUND: fork(2) failed"); + plugin_log(PLOG_ERR | PLOG_ERRNO, MODULE, "BACKGROUND: fork(2) failed"); exit(1); } - if (p2 > 0) /* new parent: exit right away */ + if (p2 > 0) /* new parent: exit right away */ { exit(0); } 
@@ -326,16 +330,16 @@ fd = open(ccd_file, O_WRONLY); if (fd < 0) { - plugin_log(PLOG_ERR|PLOG_ERRNO, MODULE, "open('%s') failed", ccd_file); + plugin_log(PLOG_ERR | PLOG_ERRNO, MODULE, "open('%s') failed", ccd_file); exit(1); } plugin_log(PLOG_NOTE, MODULE, "cc_handle_deferred_v1: done, signalling %s", - (ret == OPENVPN_PLUGIN_FUNC_SUCCESS) ? "success" : "fail" ); + (ret == OPENVPN_PLUGIN_FUNC_SUCCESS) ? "success" : "fail"); if (write(fd, (ret == OPENVPN_PLUGIN_FUNC_SUCCESS) ? "1" : "0", 1) != 1) { - plugin_log(PLOG_ERR|PLOG_ERRNO, MODULE, "write to '%s' failed", ccd_file ); + plugin_log(PLOG_ERR | PLOG_ERRNO, MODULE, "write to '%s' failed", ccd_file); } close(fd); @@ -343,14 +347,12 @@ } int -openvpn_plugin_client_connect(struct plugin_context *context, - const char **argv, - const char **envp) +openvpn_plugin_client_connect(struct plugin_context *context, const char **argv, const char **envp) { /* log environment variables handed to us by OpenVPN, but * only if "setenv verb" is 3 or higher (arbitrary number) */ - if (context->verb>=3) + if (context->verb >= 3) { for (int i = 0; argv[i]; i++) { @@ -391,8 +393,7 @@ int openvpn_plugin_client_connect_v2(struct plugin_context *context, - struct plugin_per_client_context *pcc, - const char **envp, + struct plugin_per_client_context *pcc, const char **envp, struct openvpn_plugin_string_list **return_list) { /* by setting "UV_WANT_CC2_ASYNC" we go to async/deferred mode */ @@ -422,7 +423,8 @@ pcc->want_fail = (want_fail != NULL); pcc->want_disable = (want_disable != NULL); pcc->client_config = client_config; - plugin_log(PLOG_NOTE, MODULE, "env has UV_WANT_CC2_ASYNC=%s -> set up deferred handler", want_async); + plugin_log(PLOG_NOTE, MODULE, "env has UV_WANT_CC2_ASYNC=%s -> set up deferred handler", + want_async); return OPENVPN_PLUGIN_FUNC_DEFERRED; } 
@@ -433,8 +435,7 @@ return OPENVPN_PLUGIN_FUNC_ERROR; } - struct openvpn_plugin_string_list *rl = - calloc(1, sizeof(struct openvpn_plugin_string_list)); + struct openvpn_plugin_string_list *rl = calloc(1, sizeof(struct openvpn_plugin_string_list)); if (!rl) { plugin_log(PLOG_ERR, MODULE, "malloc(return_list) failed"); @@ -468,12 +469,10 @@ int openvpn_plugin_client_connect_defer_v2(struct plugin_context *context, struct plugin_per_client_context *pcc, - struct openvpn_plugin_string_list - **return_list) + struct openvpn_plugin_string_list **return_list) { time_t time_left = pcc->sleep_until - time(NULL); - plugin_log(PLOG_NOTE, MODULE, "defer_v2: seconds left=%d", - (int) time_left); + plugin_log(PLOG_NOTE, MODULE, "defer_v2: seconds left=%d", (int)time_left); /* not yet due? */ if (time_left > 0) @@ -484,15 +483,14 @@ /* client wants fail? */ if (pcc->want_fail) { - plugin_log(PLOG_NOTE, MODULE, "env has UV_WANT_CC2_FAIL -> fail" ); + plugin_log(PLOG_NOTE, MODULE, "env has UV_WANT_CC2_FAIL -> fail"); return OPENVPN_PLUGIN_FUNC_ERROR; } /* fill in RL according to with-disable / without-disable */ /* TODO: unify this with non-deferred case */ - struct openvpn_plugin_string_list *rl = - calloc(1, sizeof(struct openvpn_plugin_string_list)); + struct openvpn_plugin_string_list *rl = calloc(1, sizeof(struct openvpn_plugin_string_list)); if (!rl) { plugin_log(PLOG_ERR, MODULE, "malloc(return_list) failed"); 
@@ -524,15 +522,12 @@ } OPENVPN_EXPORT int -openvpn_plugin_func_v2(openvpn_plugin_handle_t handle, - const int type, - const char *argv[], - const char *envp[], - void *per_client_context, +openvpn_plugin_func_v2(openvpn_plugin_handle_t handle, const int type, const char *argv[], + const char *envp[], void *per_client_context, struct openvpn_plugin_string_list **return_list) { - struct plugin_context *context = (struct plugin_context *) handle; - struct plugin_per_client_context *pcc = (struct plugin_per_client_context *) per_client_context; + struct plugin_context *context = (struct plugin_context *)handle; + struct plugin_per_client_context *pcc = (struct plugin_per_client_context *)per_client_context; /* for most functions, we just "don't do anything" but log the * event received (so one can follow it in the log and understand @@ -566,13 +561,11 @@ case OPENVPN_PLUGIN_CLIENT_CONNECT_V2: plugin_log(PLOG_NOTE, MODULE, "OPENVPN_PLUGIN_CLIENT_CONNECT_V2"); - return openvpn_plugin_client_connect_v2(context, pcc, envp, - return_list); + return openvpn_plugin_client_connect_v2(context, pcc, envp, return_list); case OPENVPN_PLUGIN_CLIENT_CONNECT_DEFER_V2: plugin_log(PLOG_NOTE, MODULE, "OPENVPN_PLUGIN_CLIENT_CONNECT_DEFER_V2"); - return openvpn_plugin_client_connect_defer_v2(context, pcc, - return_list); + return openvpn_plugin_client_connect_defer_v2(context, pcc, return_list); case OPENVPN_PLUGIN_CLIENT_DISCONNECT: plugin_log(PLOG_NOTE, MODULE, "OPENVPN_PLUGIN_CLIENT_DISCONNECT"); @@ -609,7 +602,7 @@ OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; printf("FUNC: openvpn_plugin_close_v1\n"); free(context); } diff --git a/sample/sample-plugins/defer/multi-auth.c b/sample/sample-plugins/defer/multi-auth.c index 38db07f..9f98391 100644 --- a/sample/sample-plugins/defer/multi-auth.c 
+++ b/sample/sample-plugins/defer/multi-auth.c @@ -63,7 +63,8 @@ * Our context, where we keep our state. */ -struct plugin_context { +struct plugin_context +{ int test_deferred_auth; char *authid; char *test_valid_user; @@ -104,11 +105,12 @@ * structver '5' here to indicate a desire for modern openvpn, rather * than a need for any particular feature found in structver beyond '1'. */ -#define OPENVPN_PLUGIN_VERSION_MIN 3 +#define OPENVPN_PLUGIN_VERSION_MIN 3 #define OPENVPN_PLUGIN_STRUCTVER_MIN 5 -struct plugin_per_client_context { +struct plugin_per_client_context +{ int n_calls; bool generated_pf_file; }; @@ -177,13 +179,13 @@ /* use v3 functions so we can use openvpn's logging and base64 etc. */ OPENVPN_EXPORT int -openvpn_plugin_open_v3(const int v3structver, - struct openvpn_plugin_args_open_in const *args, +openvpn_plugin_open_v3(const int v3structver, struct openvpn_plugin_args_open_in const *args, struct openvpn_plugin_args_open_return *ret) { if (v3structver < OPENVPN_PLUGIN_STRUCTVER_MIN) { - fprintf(stderr, "%s: this plugin is incompatible with the running version of OpenVPN\n", MODULE); + fprintf(stderr, "%s: this plugin is incompatible with the running version of OpenVPN\n", + MODULE); return OPENVPN_PLUGIN_FUNC_ERROR; } @@ -196,7 +198,7 @@ * Allocate our context */ struct plugin_context *context = NULL; - context = (struct plugin_context *) calloc(1, sizeof(struct plugin_context)); + context = (struct plugin_context *)calloc(1, sizeof(struct plugin_context)); if (!context) { goto error; @@ -240,7 +242,7 @@ * Which callbacks to intercept. */ ret->type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY); - ret->handle = (openvpn_plugin_handle_t *) context; + ret->handle = (openvpn_plugin_handle_t *)context; plog(context, PLOG_NOTE, "initialization succeeded"); return OPENVPN_PLUGIN_FUNC_SUCCESS; 
@@ -255,29 +257,22 @@ } static bool -do_auth_user_pass(struct plugin_context *context, - const char *username, const char *password) +do_auth_user_pass(struct plugin_context *context, const char *username, const char *password) { - plog(context, PLOG_NOTE, - "expect_user=%s, received_user=%s, expect_passw=%s, received_passw=%s", - np(context->test_valid_user), - np(username), - np(context->test_valid_pass), - np(password)); + plog(context, PLOG_NOTE, "expect_user=%s, received_user=%s, expect_passw=%s, received_passw=%s", + np(context->test_valid_user), np(username), np(context->test_valid_pass), np(password)); if (context->test_valid_user && context->test_valid_pass) { if ((strcmp(context->test_valid_user, username) != 0) || (strcmp(context->test_valid_pass, password) != 0)) { - plog(context, PLOG_ERR, - "User/Password auth result: FAIL"); + plog(context, PLOG_ERR, "User/Password auth result: FAIL"); return false; } else { - plog(context, PLOG_NOTE, - "User/Password auth result: PASS"); + plog(context, PLOG_NOTE, "User/Password auth result: PASS"); return true; } } @@ -286,8 +281,7 @@ static int -auth_user_pass_verify(struct plugin_context *context, - struct plugin_per_client_context *pcc, +auth_user_pass_verify(struct plugin_context *context, struct plugin_per_client_context *pcc, const char *argv[], const char *envp[]) { /* get username/password from envp string array */ @@ -297,8 +291,8 @@ if (!context->test_deferred_auth) { plog(context, PLOG_NOTE, "Direct authentication"); - return do_auth_user_pass(context, username, password) ? - OPENVPN_PLUGIN_FUNC_SUCCESS : OPENVPN_PLUGIN_FUNC_ERROR; + return do_auth_user_pass(context, username, password) ? OPENVPN_PLUGIN_FUNC_SUCCESS + : OPENVPN_PLUGIN_FUNC_ERROR; } /* get auth_control_file filename from envp string array*/ 
@@ -319,11 +313,11 @@ /* fork, sleep, succeed (no "real" auth done = always succeed) */ pid_t p1 = fork(); - if (p1 < 0) /* Fork failed */ + if (p1 < 0) /* Fork failed */ { return OPENVPN_PLUGIN_FUNC_ERROR; } - if (p1 > 0) /* parent process */ + if (p1 > 0) /* parent process */ { waitpid(p1, NULL, 0); return OPENVPN_PLUGIN_FUNC_DEFERRED; @@ -333,11 +327,11 @@ pid_t p2 = fork(); if (p2 < 0) { - plog(context, PLOG_ERR|PLOG_ERRNO, "BACKGROUND: fork(2) failed"); + plog(context, PLOG_ERR | PLOG_ERRNO, "BACKGROUND: fork(2) failed"); exit(1); } - if (p2 != 0) /* new parent: exit right away */ + if (p2 != 0) /* new parent: exit right away */ { exit(0); } @@ -350,15 +344,14 @@ /* do mighty complicated work that will really take time here... */ plog(context, PLOG_NOTE, "in async/deferred handler, usleep(%d)", - context->test_deferred_auth*1000); - usleep(context->test_deferred_auth*1000); + context->test_deferred_auth * 1000); + usleep(context->test_deferred_auth * 1000); /* now signal success state to openvpn */ int fd = open(auth_control_file, O_WRONLY); if (fd < 0) { - plog(context, PLOG_ERR|PLOG_ERRNO, - "open('%s') failed", auth_control_file); + plog(context, PLOG_ERR | PLOG_ERRNO, "open('%s') failed", auth_control_file); exit(1); } @@ -370,7 +363,7 @@ if (write(fd, result, 1) != 1) { - plog(context, PLOG_ERR|PLOG_ERRNO, "write to '%s' failed", auth_control_file ); + plog(context, PLOG_ERR | PLOG_ERRNO, "write to '%s' failed", auth_control_file); } close(fd); 
@@ -379,19 +372,20 @@ OPENVPN_EXPORT int -openvpn_plugin_func_v3(const int v3structver, - struct openvpn_plugin_args_func_in const *args, +openvpn_plugin_func_v3(const int v3structver, struct openvpn_plugin_args_func_in const *args, struct openvpn_plugin_args_func_return *ret) { if (v3structver < OPENVPN_PLUGIN_STRUCTVER_MIN) { - fprintf(stderr, "%s: this plugin is incompatible with the running version of OpenVPN\n", MODULE); + fprintf(stderr, "%s: this plugin is incompatible with the running version of OpenVPN\n", + MODULE); return OPENVPN_PLUGIN_FUNC_ERROR; } const char **argv = args->argv; const char **envp = args->envp; - struct plugin_context *context = (struct plugin_context *) args->handle; - struct plugin_per_client_context *pcc = (struct plugin_per_client_context *) args->per_client_context; + struct plugin_context *context = (struct plugin_context *)args->handle; + struct plugin_per_client_context *pcc = + (struct plugin_per_client_context *)args->per_client_context; switch (args->type) { case OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY: @@ -407,7 +401,7 @@ OPENVPN_EXPORT void * openvpn_plugin_client_constructor_v1(openvpn_plugin_handle_t handle) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; plog(context, PLOG_NOTE, "FUNC: openvpn_plugin_client_constructor_v1"); return calloc(1, sizeof(struct plugin_per_client_context)); } @@ -415,7 +409,7 @@ OPENVPN_EXPORT void openvpn_plugin_client_destructor_v1(openvpn_plugin_handle_t handle, void *per_client_context) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; plog(context, PLOG_NOTE, "FUNC: openvpn_plugin_client_destructor_v1"); free(per_client_context); } 
@@ -423,7 +417,7 @@ OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; plog(context, PLOG_NOTE, "FUNC: openvpn_plugin_close_v1"); free(context); } diff --git a/sample/sample-plugins/keying-material-exporter-demo/keyingmaterialexporter.c b/sample/sample-plugins/keying-material-exporter-demo/keyingmaterialexporter.c index cc256dd..137cf20 100644 --- a/sample/sample-plugins/keying-material-exporter-demo/keyingmaterialexporter.c +++ b/sample/sample-plugins/keying-material-exporter-demo/keyingmaterialexporter.c @@ -38,22 +38,25 @@ #define MAXPATH 1024 #endif -#define ovpn_err(fmt, ...) \ - plugin->log(PLOG_ERR, "SSO", fmt, ## __VA_ARGS__) -#define ovpn_dbg(fmt, ...) \ - plugin->log(PLOG_DEBUG, "SSO", fmt, ## __VA_ARGS__) -#define ovpn_note(fmt, ...) \ - plugin->log(PLOG_NOTE, "SSO", fmt, ## __VA_ARGS__) +#define ovpn_err(fmt, ...) plugin->log(PLOG_ERR, "SSO", fmt, ##__VA_ARGS__) +#define ovpn_dbg(fmt, ...) plugin->log(PLOG_DEBUG, "SSO", fmt, ##__VA_ARGS__) +#define ovpn_note(fmt, ...) plugin->log(PLOG_NOTE, "SSO", fmt, ##__VA_ARGS__) -enum endpoint { CLIENT = 1, SERVER = 2 }; +enum endpoint +{ + CLIENT = 1, + SERVER = 2 +}; -struct plugin { +struct plugin +{ plugin_log_t log; enum endpoint type; int mask; }; -struct session { +struct session +{ char user[48]; char key[48]; }; @@ -87,8 +90,7 @@ } OPENVPN_EXPORT int -openvpn_plugin_open_v3(const int version, - struct openvpn_plugin_args_open_in const *args, +openvpn_plugin_open_v3(const int version, struct openvpn_plugin_args_open_in const *args, struct openvpn_plugin_args_open_return *rv) { struct plugin *plugin = calloc(1, sizeof(*plugin)); 
@@ -100,9 +102,9 @@ } plugin->type = get_env("remote_1", args->envp) ? CLIENT : SERVER; - plugin->log = args->callbacks->plugin_log; + plugin->log = args->callbacks->plugin_log; - plugin->mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); + plugin->mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); plugin->mask |= OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY); ovpn_note("vpn endpoint type=%s", plugin->type == CLIENT ? "client" : "server"); @@ -165,8 +167,8 @@ static int tls_verify(struct openvpn_plugin_args_func_in const *args) { - struct plugin *plugin = (struct plugin *)args->handle; - struct session *sess = (struct session *)args->per_client_context; + struct plugin *plugin = (struct plugin *)args->handle; + struct session *sess = (struct session *)args->per_client_context; /* we store cert subject for the server end point only */ if (plugin->type != SERVER) @@ -201,8 +203,8 @@ static void server_store(struct openvpn_plugin_args_func_in const *args) { - struct plugin *plugin = (struct plugin *)args->handle; - struct session *sess = (struct session *)args->per_client_context; + struct plugin *plugin = (struct plugin *)args->handle; + struct session *sess = (struct session *)args->per_client_context; char file[MAXPATH]; snprintf(file, sizeof(file) - 1, "/tmp/openvpn_sso_%s", sess->key); @@ -213,8 +215,8 @@ static void client_store(struct openvpn_plugin_args_func_in const *args) { - struct plugin *plugin = (struct plugin *)args->handle; - struct session *sess = (struct session *)args->per_client_context; + struct plugin *plugin = (struct plugin *)args->handle; + struct session *sess = (struct session *)args->per_client_context; char *file = "/tmp/openvpn_sso_user"; ovpn_note("app session file: %s", file); 
@@ -225,8 +227,8 @@ tls_final(struct openvpn_plugin_args_func_in const *args, struct openvpn_plugin_args_func_return *rv) { - struct plugin *plugin = (struct plugin *)args->handle; - struct session *sess = (struct session *)args->per_client_context; + struct plugin *plugin = (struct plugin *)args->handle; + struct session *sess = (struct session *)args->per_client_context; const char *key; if (!(key = get_env("exported_keying_material", args->envp))) @@ -253,8 +255,7 @@ } OPENVPN_EXPORT int -openvpn_plugin_func_v3(const int version, - struct openvpn_plugin_args_func_in const *args, +openvpn_plugin_func_v3(const int version, struct openvpn_plugin_args_func_in const *args, struct openvpn_plugin_args_func_return *rv) { switch (args->type) @@ -272,7 +273,7 @@ openvpn_plugin_client_constructor_v1(openvpn_plugin_handle_t handle) { struct plugin *plugin = (struct plugin *)handle; - struct session *sess = calloc(1, sizeof(*sess)); + struct session *sess = calloc(1, sizeof(*sess)); ovpn_note("app session created"); @@ -283,7 +284,7 @@ openvpn_plugin_client_destructor_v1(openvpn_plugin_handle_t handle, void *ctx) { struct plugin *plugin = (struct plugin *)handle; - struct session *sess = (struct session *)ctx; + struct session *sess = (struct session *)ctx; ovpn_note("app session key: %s", sess->key); ovpn_note("app session destroyed"); diff --git a/sample/sample-plugins/log/log.c b/sample/sample-plugins/log/log.c index 82595cf..0a96c63 100644 --- a/sample/sample-plugins/log/log.c +++ b/sample/sample-plugins/log/log.c @@ -37,7 +37,8 @@ /* * Our context, where we keep our state. */ -struct plugin_context { +struct plugin_context +{ const char *username; const char *password; }; @@ -77,7 +78,7 @@ /* * Allocate our context */ - context = (struct plugin_context *) calloc(1, sizeof(struct plugin_context)); + context = (struct plugin_context *)calloc(1, sizeof(struct plugin_context)); if (context == NULL) { printf("PLUGIN: allocating memory for context failed\n"); 
@@ -93,19 +94,17 @@ /* * Which callbacks to intercept. */ - *type_mask = - OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_UP) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_DOWN) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_ROUTE_UP) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_IPCHANGE) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_DISCONNECT) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_LEARN_ADDRESS) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); + *type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_UP) | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_DOWN) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_ROUTE_UP) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_IPCHANGE) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_DISCONNECT) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_LEARN_ADDRESS) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); - return (openvpn_plugin_handle_t) context; + return (openvpn_plugin_handle_t)context; } void @@ -173,9 +172,10 @@ } OPENVPN_EXPORT int -openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[]) +openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], + const char *envp[]) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; show(type, argv, envp); 
@@ -186,8 +186,8 @@ const char *username = get_env("username", envp); const char *password = get_env("password", envp); - if (username && !strcmp(username, context->username) - && password && !strcmp(password, context->password)) + if (username && !strcmp(username, context->username) && password + && !strcmp(password, context->password)) { return OPENVPN_PLUGIN_FUNC_SUCCESS; } @@ -205,6 +205,6 @@ OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; free(context); } diff --git a/sample/sample-plugins/log/log_v3.c b/sample/sample-plugins/log/log_v3.c index c90cc3d..7da49c7 100644 --- a/sample/sample-plugins/log/log_v3.c +++ b/sample/sample-plugins/log/log_v3.c @@ -40,7 +40,8 @@ /* * Our context, where we keep our state. */ -struct plugin_context { +struct plugin_context +{ const char *username; const char *password; }; @@ -73,8 +74,7 @@ } OPENVPN_EXPORT int -openvpn_plugin_open_v3(const int v3structver, - struct openvpn_plugin_args_open_in const *args, +openvpn_plugin_open_v3(const int v3structver, struct openvpn_plugin_args_open_in const *args, struct openvpn_plugin_args_open_return *ret) { struct plugin_context *context = NULL; @@ -82,7 +82,8 @@ /* Check that we are API compatible */ if (v3structver != OPENVPN_PLUGINv3_STRUCTVER) { - printf("log_v3: ** ERROR ** Incompatible plug-in interface between this plug-in and OpenVPN\n"); + printf( + "log_v3: ** ERROR ** Incompatible plug-in interface between this plug-in and OpenVPN\n"); return OPENVPN_PLUGIN_FUNC_ERROR; } 
@@ -93,26 +94,24 @@ } /* Print some version information about the OpenVPN process using this plug-in */ - printf("log_v3: OpenVPN %s (Major: %i, Minor: %i, Patch: %s)\n", - args->ovpn_version, args->ovpn_version_major, - args->ovpn_version_minor, args->ovpn_version_patch); + printf("log_v3: OpenVPN %s (Major: %i, Minor: %i, Patch: %s)\n", args->ovpn_version, + args->ovpn_version_major, args->ovpn_version_minor, args->ovpn_version_patch); /* Which callbacks to intercept. */ - ret->type_mask = - OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_UP) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_DOWN) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_ROUTE_UP) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_IPCHANGE) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_DISCONNECT) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_LEARN_ADDRESS) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); + ret->type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_UP) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_DOWN) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_ROUTE_UP) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_IPCHANGE) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_DISCONNECT) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_LEARN_ADDRESS) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); /* Allocate our context */ - context = (struct plugin_context *) calloc(1, sizeof(struct plugin_context)); + context = (struct plugin_context *)calloc(1, sizeof(struct plugin_context)); if (context == NULL) { printf("PLUGIN: allocating memory for context failed\n"); 
@@ -124,7 +123,7 @@ context->password = "bar"; /* Point the global context handle to our newly created context */ - ret->handle = (void *) context; + ret->handle = (void *)context; return OPENVPN_PLUGIN_FUNC_SUCCESS; } @@ -245,13 +244,11 @@ } - OPENVPN_EXPORT int -openvpn_plugin_func_v3(const int version, - struct openvpn_plugin_args_func_in const *args, +openvpn_plugin_func_v3(const int version, struct openvpn_plugin_args_func_in const *args, struct openvpn_plugin_args_func_return *retptr) { - struct plugin_context *context = (struct plugin_context *) args->handle; + struct plugin_context *context = (struct plugin_context *)args->handle; printf("\nopenvpn_plugin_func_v3() :::::>> "); show(args->type, args->argv, args->envp); @@ -272,8 +269,8 @@ const char *username = get_env("username", args->envp); const char *password = get_env("password", args->envp); - if (username && !strcmp(username, context->username) - && password && !strcmp(password, context->password)) + if (username && !strcmp(username, context->username) && password + && !strcmp(password, context->password)) { return OPENVPN_PLUGIN_FUNC_SUCCESS; } @@ -291,6 +288,6 @@ OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; free(context); } diff --git a/sample/sample-plugins/simple/base64.c b/sample/sample-plugins/simple/base64.c index 6855966..5b2cff5 100644 --- a/sample/sample-plugins/simple/base64.c +++ b/sample/sample-plugins/simple/base64.c 
@@ -100,21 +100,20 @@ * */ OPENVPN_EXPORT int -openvpn_plugin_open_v3(const int v3structver, - struct openvpn_plugin_args_open_in const *args, +openvpn_plugin_open_v3(const int v3structver, struct openvpn_plugin_args_open_in const *args, struct openvpn_plugin_args_open_return *ret) { /* Check that we are API compatible */ if (v3structver != OPENVPN_PLUGINv3_STRUCTVER) { - printf("base64.c: ** ERROR ** Incompatible plug-in interface between this plug-in and OpenVPN\n"); + printf( + "base64.c: ** ERROR ** Incompatible plug-in interface between this plug-in and OpenVPN\n"); return OPENVPN_PLUGIN_FUNC_ERROR; } /* Which callbacks to intercept. */ - ret->type_mask = - OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2); + ret->type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2); /* we don't need a plug-in context in this example, but OpenVPN expects "something" */ ret->handle = calloc(1, 1); @@ -127,8 +126,8 @@ /* Print some version information about the OpenVPN process using this plug-in */ ovpn_log(PLOG_NOTE, PLUGIN_NAME, "OpenVPN %s (Major: %i, Minor: %i, Patch: %s)\n", - args->ovpn_version, args->ovpn_version_major, - args->ovpn_version_minor, args->ovpn_version_patch); + args->ovpn_version, args->ovpn_version_major, args->ovpn_version_minor, + args->ovpn_version_patch); return OPENVPN_PLUGIN_FUNC_SUCCESS; } 
@@ -156,10 +155,10 @@ */ OPENVPN_EXPORT int -openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[]) +openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], + const char *envp[]) { - if (type != OPENVPN_PLUGIN_TLS_VERIFY - && type != OPENVPN_PLUGIN_CLIENT_CONNECT_V2) + if (type != OPENVPN_PLUGIN_TLS_VERIFY && type != OPENVPN_PLUGIN_CLIENT_CONNECT_V2) { ovpn_log(PLOG_ERR, PLUGIN_NAME, "Unsupported plug-in hook call attempted"); return OPENVPN_PLUGIN_FUNC_ERROR; @@ -176,14 +175,13 @@ /* test the BASE64 encode function */ char *buf = NULL; int r = ovpn_base64_encode(clcert_cn, strlen(clcert_cn), &buf); - ovpn_log(PLOG_NOTE, PLUGIN_NAME, "BASE64 encoded '%s' (return value %i): '%s'", - clcert_cn, r, buf); + ovpn_log(PLOG_NOTE, PLUGIN_NAME, "BASE64 encoded '%s' (return value %i): '%s'", clcert_cn, r, + buf); /* test the BASE64 decode function */ - char buf2[256] = {0}; + char buf2[256] = { 0 }; r = ovpn_base64_decode(buf, &buf2, 255); - ovpn_log(PLOG_NOTE, PLUGIN_NAME, "BASE64 decoded '%s' (return value %i): '%s'", - buf, r, buf2); + ovpn_log(PLOG_NOTE, PLUGIN_NAME, "BASE64 decoded '%s' (return value %i): '%s'", buf, r, buf2); /* Verify the result, and free the buffer allocated by ovpn_base64_encode() */ r = strcmp(clcert_cn, buf2); @@ -203,6 +201,6 @@ OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; free(context); } diff --git a/sample/sample-plugins/simple/simple.c b/sample/sample-plugins/simple/simple.c index e17f3fa..2666e2f 100644 --- a/sample/sample-plugins/simple/simple.c +++ b/sample/sample-plugins/simple/simple.c @@ -39,7 +39,8 @@ /* * Our context, where we keep our state. */ -struct plugin_context { +struct plugin_context +{ const char *username; const char *password; }; 
@@ -79,7 +80,7 @@ /* * Allocate our context */ - context = (struct plugin_context *) calloc(1, sizeof(struct plugin_context)); + context = (struct plugin_context *)calloc(1, sizeof(struct plugin_context)); if (context == NULL) { printf("PLUGIN: allocating memory for context failed\n"); @@ -98,21 +99,22 @@ */ *type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY); - return (openvpn_plugin_handle_t) context; + return (openvpn_plugin_handle_t)context; } OPENVPN_EXPORT int -openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[]) +openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], + const char *envp[]) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; /* get username/password from envp string array */ const char *username = get_env("username", envp); const char *password = get_env("password", envp); /* check entered username/password against what we require */ - if (username && !strcmp(username, context->username) - && password && !strcmp(password, context->password)) + if (username && !strcmp(username, context->username) && password + && !strcmp(password, context->password)) { return OPENVPN_PLUGIN_FUNC_SUCCESS; } @@ -125,6 +127,6 @@ OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; free(context); } diff --git a/src/compat/compat-basename.c b/src/compat/compat-basename.c index abb4f49..ea8bfbb 100644 --- a/src/compat/compat-basename.c +++ b/src/compat/compat-basename.c @@ -42,7 +42,7 @@ /* If NULL, check for \ instead ... might be Windows a path */ p = strrchr(filename, '\\'); } - return p ? p + 1 : (char *) filename; + return p ? p + 1 : (char *)filename; } #endif /* HAVE_BASENAME */ 
diff --git a/src/compat/compat-dirname.c b/src/compat/compat-dirname.c index c131dee..527f252 100644 --- a/src/compat/compat-dirname.c +++ b/src/compat/compat-dirname.c @@ -90,7 +90,7 @@ /* The '/' is the last character, we have to look further. */ if (runp != path) { - last_slash = (char *) __memrchr(path, separator, runp - path); + last_slash = (char *)__memrchr(path, separator, runp - path); } } @@ -135,7 +135,7 @@ /* This assignment is ill-designed but the XPG specs require to * return a string containing "." in any case no directory part is * found and so a static and constant string is required. */ - path = (char *) dot; + path = (char *)dot; } return path; diff --git a/src/compat/compat-gettimeofday.c b/src/compat/compat-gettimeofday.c index 997f360..23b5734 100644 --- a/src/compat/compat-gettimeofday.c +++ b/src/compat/compat-gettimeofday.c @@ -49,7 +49,7 @@ { const time_t t = time(NULL); const DWORD gtc = GetTickCount(); - gtc_base = t - gtc/1000; + gtc_base = t - gtc / 1000; gtc_last = gtc; } @@ -113,7 +113,7 @@ return 0; } -#else /* ifdef _WIN32 */ +#else /* ifdef _WIN32 */ #include <time.h> diff --git a/src/openvpn/argv.c b/src/openvpn/argv.c index 95215c0..78d37c7 100644 --- a/src/openvpn/argv.c +++ b/src/openvpn/argv.c @@ -285,8 +285,7 @@ * free()d to avoid memory leaks. */ static char * -argv_prep_format(const char *format, const char delim, size_t *count, - struct gc_arena *gc) +argv_prep_format(const char *format, const char delim, size_t *count, struct gc_arena *gc) { if (format == NULL) { @@ -312,7 +311,7 @@ * the string is empty; the resulting format string * will never start with a delimiter. */ - if (j > 0) /* Has anything been written to the output string? */ + if (j > 0) /* Has anything been written to the output string? */ { f[j++] = delim; } 
@@ -348,7 +347,7 @@ static bool argv_printf_arglist(struct argv *argres, const char *format, va_list arglist) { - const char delim = 0x1D; /* ASCII Group Separator (GS) */ + const char delim = 0x1D; /* ASCII Group Separator (GS) */ bool res = false; /* @@ -485,8 +484,8 @@ argv_reset(argres); char *parms[MAX_PARMS + 1] = { 0 }; - int nparms = parse_line(cmdstr, parms, MAX_PARMS, "SCRIPT-ARGV", 0, - D_ARGV_PARSE_CMD, &argres->gc); + int nparms = + parse_line(cmdstr, parms, MAX_PARMS, "SCRIPT-ARGV", 0, D_ARGV_PARSE_CMD, &argres->gc); if (nparms) { int i; diff --git a/src/openvpn/argv.h b/src/openvpn/argv.h index 098a1cb..9aaa55b 100644 --- a/src/openvpn/argv.h +++ b/src/openvpn/argv.h @@ -32,7 +32,8 @@ #include "buffer.h" -struct argv { +struct argv +{ struct gc_arena gc; size_t capacity; size_t argc; @@ -56,21 +57,21 @@ bool argv_printf(struct argv *a, const char *format, ...) #ifdef __GNUC__ #if __USE_MINGW_ANSI_STDIO -__attribute__ ((format(gnu_printf, 2, 3))) + __attribute__((format(gnu_printf, 2, 3))) #else -__attribute__ ((format(__printf__, 2, 3))) + __attribute__((format(__printf__, 2, 3))) #endif #endif -; + ; bool argv_printf_cat(struct argv *a, const char *format, ...) #ifdef __GNUC__ #if __USE_MINGW_ANSI_STDIO -__attribute__ ((format(gnu_printf, 2, 3))) + __attribute__((format(gnu_printf, 2, 3))) #else -__attribute__ ((format(__printf__, 2, 3))) + __attribute__((format(__printf__, 2, 3))) #endif #endif -; + ; #endif /* ifndef ARGV_H */ diff --git a/src/openvpn/auth_token.c b/src/openvpn/auth_token.c index 3cf55e8..a694e81 100644 --- a/src/openvpn/auth_token.c +++ b/src/openvpn/auth_token.c @@ -18,7 +18,7 @@ const char *auth_token_pem_name = "OpenVPN auth-token server key"; -#define AUTH_TOKEN_SESSION_ID_LEN 12 +#define AUTH_TOKEN_SESSION_ID_LEN 12 #define AUTH_TOKEN_SESSION_ID_BASE64_LEN (AUTH_TOKEN_SESSION_ID_LEN * 8 / 6) #if AUTH_TOKEN_SESSION_ID_LEN % 3 
@@ -53,7 +53,7 @@ } else if (auth_token_state_flags & AUTH_TOKEN_HMAC_OK) { - switch (auth_token_state_flags & (AUTH_TOKEN_VALID_EMPTYUSER|AUTH_TOKEN_EXPIRED)) + switch (auth_token_state_flags & (AUTH_TOKEN_VALID_EMPTYUSER | AUTH_TOKEN_EXPIRED)) { case 0: state = "Authenticated"; @@ -107,9 +107,9 @@ * in the encoding */ - char session_id[AUTH_TOKEN_SESSION_ID_LEN*2] = {0}; + char session_id[AUTH_TOKEN_SESSION_ID_LEN * 2] = { 0 }; memcpy(session_id, session_id_source + strlen(SESSION_ID_PREFIX), - AUTH_TOKEN_SESSION_ID_LEN*8/6); + AUTH_TOKEN_SESSION_ID_LEN * 8 / 6); setenv_str(session->opt->es, "session_id", session_id); } @@ -121,8 +121,7 @@ } void -auth_token_init_secret(struct key_ctx *key_ctx, const char *key_file, - bool key_inline) +auth_token_init_secret(struct key_ctx *key_ctx, const char *key_file, bool key_inline) { struct key_type kt = auth_token_kt(); @@ -131,14 +130,12 @@ bool key_loaded = false; if (key_file) { - key_loaded = read_pem_key_file(&server_secret_key, - auth_token_pem_name, - key_file, key_inline); + key_loaded = + read_pem_key_file(&server_secret_key, auth_token_pem_name, key_file, key_inline); } else { - key_loaded = generate_ephemeral_key(&server_secret_key, - auth_token_pem_name); + key_loaded = generate_ephemeral_key(&server_secret_key, auth_token_pem_name); } if (!key_loaded) @@ -169,7 +166,7 @@ int64_t initial_timestamp = timestamp; hmac_ctx_t *ctx = multi->opt.auth_token_key.hmac; - ASSERT(hmac_ctx_size(ctx) == 256/8); + ASSERT(hmac_ctx_size(ctx) == 256 / 8); uint8_t sessid[AUTH_TOKEN_SESSION_ID_LEN]; @@ -185,7 +182,7 @@ char *initial_token_copy = string_alloc(multi->auth_token_initial, &gc); char *old_sessid = initial_token_copy + strlen(SESSION_ID_PREFIX); - char *old_tstamp_initial = old_sessid + AUTH_TOKEN_SESSION_ID_LEN*8/6; + char *old_tstamp_initial = old_sessid + AUTH_TOKEN_SESSION_ID_LEN * 8 / 6; /* * We null terminate the old token just after the session ID to let 
@@ -197,12 +194,13 @@ memcpy(&initial_timestamp, &old_tstamp_decode, sizeof(initial_timestamp)); old_tstamp_initial[0] = '\0'; - ASSERT(openvpn_base64_decode(old_sessid, sessid, AUTH_TOKEN_SESSION_ID_LEN) == AUTH_TOKEN_SESSION_ID_LEN); + ASSERT(openvpn_base64_decode(old_sessid, sessid, AUTH_TOKEN_SESSION_ID_LEN) + == AUTH_TOKEN_SESSION_ID_LEN); } else if (!rand_bytes(sessid, AUTH_TOKEN_SESSION_ID_LEN)) { - msg( M_FATAL, "Failed to get enough randomness for " - "authentication token"); + msg(M_FATAL, "Failed to get enough randomness for " + "authentication token"); } /* Calculate the HMAC */ @@ -210,7 +208,7 @@ * with \0 in them is asking for troubles in so many ways anyway that we * ignore that corner case here */ - uint8_t hmac_output[256/8]; + uint8_t hmac_output[256 / 8]; hmac_ctx_reset(ctx); @@ -222,20 +220,20 @@ struct key_state *ks = &multi->session[TM_ACTIVE].key[KS_PRIMARY]; if (ks->auth_token_state_flags & AUTH_TOKEN_VALID_EMPTYUSER) { - hmac_ctx_update(ctx, (const uint8_t *) "", 0); + hmac_ctx_update(ctx, (const uint8_t *)"", 0); } else { - hmac_ctx_update(ctx, (uint8_t *) up->username, (int) strlen(up->username)); + hmac_ctx_update(ctx, (uint8_t *)up->username, (int)strlen(up->username)); } hmac_ctx_update(ctx, sessid, AUTH_TOKEN_SESSION_ID_LEN); - hmac_ctx_update(ctx, (uint8_t *) &initial_timestamp, sizeof(initial_timestamp)); - hmac_ctx_update(ctx, (uint8_t *) ×tamp, sizeof(timestamp)); + hmac_ctx_update(ctx, (uint8_t *)&initial_timestamp, sizeof(initial_timestamp)); + hmac_ctx_update(ctx, (uint8_t *)×tamp, sizeof(timestamp)); hmac_ctx_final(ctx, hmac_output); /* Construct the unencoded session token */ - struct buffer token = alloc_buf_gc( - 2*sizeof(uint64_t) + AUTH_TOKEN_SESSION_ID_LEN + 256/8, &gc); + struct buffer token = + alloc_buf_gc(2 * sizeof(uint64_t) + AUTH_TOKEN_SESSION_ID_LEN + 256 / 8, &gc); ASSERT(buf_write(&token, sessid, sizeof(sessid))); ASSERT(buf_write(&token, &initial_timestamp, sizeof(initial_timestamp))); 
@@ -245,8 +243,8 @@ char *b64output = NULL; openvpn_base64_encode(BPTR(&token), BLEN(&token), &b64output); - struct buffer session_token = alloc_buf_gc( - strlen(SESSION_ID_PREFIX) + strlen(b64output) + 1, &gc); + struct buffer session_token = + alloc_buf_gc(strlen(SESSION_ID_PREFIX) + strlen(b64output) + 1, &gc); ASSERT(buf_write(&session_token, SESSION_ID_PREFIX, strlen(SESSION_ID_PREFIX))); ASSERT(buf_write(&session_token, b64output, (int)strlen(b64output))); @@ -258,8 +256,7 @@ free(multi->auth_token); multi->auth_token = strdup((char *)BPTR(&session_token)); - dmsg(D_SHOW_KEYS, "Generated token for client: %s (%s)", - multi->auth_token, up->username); + dmsg(D_SHOW_KEYS, "Generated token for client: %s (%s)", multi->auth_token, up->username); if (!multi->auth_token_initial) { @@ -277,22 +274,21 @@ static bool check_hmac_token(hmac_ctx_t *ctx, const uint8_t *b64decoded, const char ... [truncated message content] |
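Review bot: in sample/sample-plugins/defer/multi-auth.c, do_auth_user_pass(), the reflowed plog() call still writes both the expected and the received password to the log at PLOG_NOTE (format string "expect_user=%s, received_user=%s, expect_passw=%s, received_passw=%s"). This is not introduced by the reformat and should not be changed in a whitespace-only commit, but since the line is touched here it is worth a follow-up that drops the two passw fields or adds a comment that this output is for the test plugin only, because sample plugins tend to be copied as a starting point for real ones.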
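Review bot: the same ten-flag type_mask expression comes out in two different shapes, in sample/sample-plugins/log/log.c (hunk at -93,19) with OPENVPN_PLUGIN_UP and OPENVPN_PLUGIN_DOWN sharing the first line, and in log_v3.c (hunk at -93,26) with one flag per line. The only difference is the length of the left-hand side (*type_mask versus ret->type_mask), so the layout now depends on the variable name rather than on the list. A flag mask like this is easier to audit and to diff with one flag per line in both files; consider keeping the old layout for these assignments with clang-format off/on markers, or adjusting the binary-operator packing option so both files end up identical.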
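Review bot: in the username/password checks of log.c (hunk at -186,8), log_v3.c (hunk at -272,8) and simple.c (hunk at -98,21) the new line break falls between the NULL guard and the comparison it protects: "... && password" ends the first line and "&& !strcmp(password, context->password))" starts the second. Before the change each line held one guard together with its strcmp(), which made it obvious that neither pointer is dereferenced unchecked. Since this is the authentication decision of the sample, I would keep one credential per line here, either by hand with a clang-format off/on pair or by checking whether a different BreakBeforeBinaryOperators or penalty setting restores it.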
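Review bot: in src/openvpn/argv.h (hunk at -56,21) the declarations of argv_printf() and argv_printf_cat() end up with the __attribute__((format(...))) lines and the terminating ";" indented as continuation lines between the #ifdef/#else/#endif directives, leaving a lone indented ";" after "#endif". The formatter cannot see that the preprocessor branches belong to one declaration. Suggest moving the gnu_printf/__printf__ selection into a single macro defined once and appending that macro to both prototypes, so each declaration is one statement again; failing that, exclude these two prototypes with clang-format off/on.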
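Review bot: in src/openvpn/auth_token.c (hunk at -197,12) the M_FATAL message is still split into two adjacent literals, "Failed to get enough randomness for " and "authentication token", only re-indented. clang-format never joins string literals, so splits like this survive the reformat and the message stays hard to find with grep. If the project decides that log strings should stay on one line, these need to be merged by hand, ideally in a separate commit so this one remains purely mechanical.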
From: flichtenheld (C. Review) <ge...@op...> - 2025-08-04 11:19:05
|
Attention is currently required from: cron2, ordex, plaisthos. Hello plaisthos, I'd like you to reexamine a change. Please visit http://gerrit.openvpn.net/c/openvpn/+/791?usp=email to look at the new patch set (#23). Change subject: Reformat the whole project with clang-format ...................................................................... Reformat the whole project with clang-format Done with pre-commit run -a, so the version defined in pre-commit config is used. This also changes the Github workflow so that there is no commit that fails GHA. Change-Id: I2566ad493629e1f5fdfa6f6483b8973463404e3e 
Signed-off-by: Frank Lichtenheld <fr...@li...> --- M .github/workflows/build.yaml M include/openvpn-msg.h M sample/sample-plugins/client-connect/sample-client-connect.c M sample/sample-plugins/defer/multi-auth.c M sample/sample-plugins/keying-material-exporter-demo/keyingmaterialexporter.c M sample/sample-plugins/log/log.c M sample/sample-plugins/log/log_v3.c M sample/sample-plugins/simple/base64.c M sample/sample-plugins/simple/simple.c M src/compat/compat-basename.c M src/compat/compat-dirname.c M src/compat/compat-gettimeofday.c M src/openvpn/argv.c M src/openvpn/argv.h M src/openvpn/auth_token.c M src/openvpn/auth_token.h M src/openvpn/base64.c M src/openvpn/base64.h M src/openvpn/basic.h M src/openvpn/buffer.c M src/openvpn/buffer.h M src/openvpn/circ_list.h M src/openvpn/clinat.c M src/openvpn/clinat.h M src/openvpn/common.h M src/openvpn/comp-lz4.c M src/openvpn/comp.c M src/openvpn/comp.h M src/openvpn/compstub.c M src/openvpn/console.c M src/openvpn/console.h M src/openvpn/console_builtin.c M src/openvpn/console_systemd.c M src/openvpn/crypto.c M src/openvpn/crypto.h M src/openvpn/crypto_backend.h M src/openvpn/crypto_epoch.c M src/openvpn/crypto_epoch.h M src/openvpn/crypto_mbedtls.c M src/openvpn/crypto_mbedtls.h M src/openvpn/crypto_openssl.c M src/openvpn/crypto_openssl.h M src/openvpn/cryptoapi.c M src/openvpn/dco.c M src/openvpn/dco.h M src/openvpn/dco_freebsd.c M src/openvpn/dco_freebsd.h M src/openvpn/dco_internal.h M src/openvpn/dco_linux.c M src/openvpn/dco_linux.h M src/openvpn/dco_win.c M src/openvpn/dco_win.h M src/openvpn/dhcp.c M src/openvpn/dhcp.h M src/openvpn/dns.c M src/openvpn/dns.h M src/openvpn/env_set.c M src/openvpn/env_set.h M src/openvpn/errlevel.h M src/openvpn/error.c M src/openvpn/error.h M src/openvpn/event.c M src/openvpn/event.h M src/openvpn/fdmisc.c M src/openvpn/fdmisc.h M src/openvpn/forward.c M src/openvpn/forward.h M src/openvpn/fragment.c M src/openvpn/fragment.h M src/openvpn/gremlin.c M src/openvpn/gremlin.h M 
src/openvpn/helper.c M src/openvpn/httpdigest.c M src/openvpn/httpdigest.h M src/openvpn/init.c M src/openvpn/init.h M src/openvpn/integer.h M src/openvpn/interval.c M src/openvpn/interval.h M src/openvpn/list.c M src/openvpn/list.h M src/openvpn/lladdr.c M src/openvpn/lzo.c M src/openvpn/lzo.h M src/openvpn/manage.c M src/openvpn/manage.h M src/openvpn/mbedtls_compat.h M src/openvpn/mbuf.c M src/openvpn/mbuf.h M src/openvpn/memdbg.h M src/openvpn/misc.c M src/openvpn/misc.h M src/openvpn/mroute.c M src/openvpn/mroute.h M src/openvpn/mss.c M src/openvpn/mss.h M src/openvpn/mstats.c M src/openvpn/mstats.h M src/openvpn/mtcp.c M src/openvpn/mtcp.h M src/openvpn/mtu.c M src/openvpn/mtu.h M src/openvpn/mudp.c M src/openvpn/multi.c M src/openvpn/multi.h M src/openvpn/multi_io.c M src/openvpn/networking.h M src/openvpn/networking_freebsd.c M src/openvpn/networking_iproute2.c M src/openvpn/networking_sitnl.c M src/openvpn/ntlm.c M src/openvpn/occ.c M src/openvpn/occ.h M src/openvpn/openssl_compat.h M src/openvpn/openvpn.c M src/openvpn/openvpn.h M src/openvpn/options.c M src/openvpn/options.h M src/openvpn/options_util.c M src/openvpn/options_util.h M src/openvpn/otime.c M src/openvpn/otime.h M src/openvpn/ovpn_dco_freebsd.h M src/openvpn/packet_id.c M src/openvpn/packet_id.h M src/openvpn/perf.c M src/openvpn/perf.h M src/openvpn/ping.c M src/openvpn/ping.h M src/openvpn/pkcs11.c M src/openvpn/pkcs11.h M src/openvpn/pkcs11_backend.h M src/openvpn/pkcs11_mbedtls.c M src/openvpn/pkcs11_openssl.c M src/openvpn/platform.c M src/openvpn/platform.h M src/openvpn/plugin.c M src/openvpn/plugin.h M src/openvpn/pool.c M src/openvpn/pool.h M src/openvpn/proto.c M src/openvpn/proto.h M src/openvpn/proxy.c M src/openvpn/proxy.h M src/openvpn/ps.c M src/openvpn/ps.h M src/openvpn/push.c M src/openvpn/push.h M src/openvpn/push_util.c M src/openvpn/pushlist.h M src/openvpn/reflect_filter.c M src/openvpn/reflect_filter.h M src/openvpn/reliable.c M src/openvpn/reliable.h A 
src/openvpn/ring_buffer.h M src/openvpn/route.c M src/openvpn/route.h M src/openvpn/run_command.c M src/openvpn/run_command.h M src/openvpn/schedule.c M src/openvpn/schedule.h M src/openvpn/session_id.h M src/openvpn/shaper.c M src/openvpn/shaper.h M src/openvpn/sig.c M src/openvpn/sig.h M src/openvpn/socket.c M src/openvpn/socket.h M src/openvpn/socks.c M src/openvpn/socks.h M src/openvpn/ssl.c M src/openvpn/ssl.h M src/openvpn/ssl_backend.h M src/openvpn/ssl_common.h M src/openvpn/ssl_mbedtls.c M src/openvpn/ssl_mbedtls.h M src/openvpn/ssl_ncp.c M src/openvpn/ssl_ncp.h M src/openvpn/ssl_openssl.c M src/openvpn/ssl_openssl.h M src/openvpn/ssl_pkt.c M src/openvpn/ssl_pkt.h M src/openvpn/ssl_util.c M src/openvpn/ssl_util.h M src/openvpn/ssl_verify.c M src/openvpn/ssl_verify.h M src/openvpn/ssl_verify_backend.h M src/openvpn/ssl_verify_mbedtls.c M src/openvpn/ssl_verify_mbedtls.h M src/openvpn/ssl_verify_openssl.c M src/openvpn/status.c M src/openvpn/status.h M src/openvpn/syshead.h M src/openvpn/tls_crypt.c M src/openvpn/tls_crypt.h M src/openvpn/tun.c M src/openvpn/tun.h M src/openvpn/tun_afunix.c M src/openvpn/tun_afunix.h M src/openvpn/vlan.c M src/openvpn/vlan.h M src/openvpn/wfp_block.c M src/openvpn/wfp_block.h M src/openvpn/win32-util.c M src/openvpn/win32.c M src/openvpn/win32.h M src/openvpn/xkey_common.h M src/openvpn/xkey_helper.c M src/openvpn/xkey_provider.c M src/openvpnmsica/dllmain.c M src/openvpnmsica/msica_arg.c M src/openvpnmsica/msica_arg.h M src/openvpnmsica/msiex.c M src/openvpnmsica/msiex.h M src/openvpnmsica/openvpnmsica.c M src/openvpnmsica/openvpnmsica.h M src/openvpnserv/common.c M src/openvpnserv/interactive.c M src/openvpnserv/service.c M src/openvpnserv/service.h M src/openvpnserv/validate.c M src/openvpnserv/validate.h M src/plugins/auth-pam/auth-pam.c M src/plugins/auth-pam/pamdl.c M src/plugins/auth-pam/utils.c M src/plugins/auth-pam/utils.h M src/plugins/down-root/down-root.c M src/tapctl/basic.h M src/tapctl/error.h M 
src/tapctl/main.c M src/tapctl/tap.c M src/tapctl/tap.h M tests/ntlm_support.c M tests/unit_tests/example_test/test.c M tests/unit_tests/example_test/test2.c M tests/unit_tests/openvpn/cert_data.h M tests/unit_tests/openvpn/mock_management.c M tests/unit_tests/openvpn/mock_msg.c M tests/unit_tests/openvpn/mock_msg.h M tests/unit_tests/openvpn/mock_ssl_dependencies.c M tests/unit_tests/openvpn/pkey_test_utils.c M tests/unit_tests/openvpn/test_argv.c M tests/unit_tests/openvpn/test_auth_token.c M tests/unit_tests/openvpn/test_buffer.c M tests/unit_tests/openvpn/test_crypto.c M tests/unit_tests/openvpn/test_cryptoapi.c M tests/unit_tests/openvpn/test_misc.c M tests/unit_tests/openvpn/test_ncp.c M tests/unit_tests/openvpn/test_networking.c M tests/unit_tests/openvpn/test_packet_id.c M tests/unit_tests/openvpn/test_pkcs11.c M tests/unit_tests/openvpn/test_pkt.c M tests/unit_tests/openvpn/test_provider.c M tests/unit_tests/openvpn/test_push_update_msg.c M tests/unit_tests/openvpn/test_ssl.c M tests/unit_tests/openvpn/test_tls_crypt.c M tests/unit_tests/openvpn/test_user_pass.c M tests/unit_tests/plugins/auth-pam/test_search_and_replace.c 258 files changed, 12,008 insertions(+), 15,234 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/91/791/23 diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index bd5895b..ba7f64b 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml 
@@ -5,35 +5,26 @@ pull_request: jobs: - checkuncrustify: - name: "Check code style with Uncrustify" - # Ubuntu 22.04 has uncrustify 0.72_f - runs-on: ubuntu-22.04 + clang-format: + name: Check code style with clang-format + runs-on: ubuntu-24.04 steps: - name: Install dependencies - run: sudo apt update && sudo apt install -y uncrustify + run: | + sudo apt update && sudo apt install -y python3-pip + pip3 install pre-commit - name: Checkout OpenVPN uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - path: openvpn - - name: Show uncrustify version - run: uncrustify --version - - name: Run uncrustify - run: ./dev-tools/reformat-all.sh - working-directory: openvpn + - name: Run clang-format + run: pre-commit run -a --show-diff-on-failure || true - name: Check for changes - run: git diff --output=uncrustify-changes.patch - working-directory: openvpn - - name: Show changes on standard output - run: git diff - working-directory: openvpn + run: git diff --output=format-changes.patch - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: - name: uncrustify-changes.patch - path: 'openvpn/uncrustify-changes.patch' + name: format-changes.patch + path: format-changes.patch - name: Set job status - run: test ! -s uncrustify-changes.patch - working-directory: openvpn + run: test ! -s format-changes.patch android: strategy: diff --git a/include/openvpn-msg.h b/include/openvpn-msg.h index 106a274..a692137 100644 --- a/include/openvpn-msg.h +++ b/include/openvpn-msg.h @@ -26,7 +26,8 @@ #include <windef.h> #include <ws2tcpip.h> -typedef enum { +typedef enum +{ msg_acknowledgement, msg_add_address, msg_del_address, 
@@ -50,28 +51,33 @@ msg_create_adapter } message_type_t; -typedef struct { +typedef struct +{ message_type_t type; size_t size; int message_id; } message_header_t; -typedef union { +typedef union +{ struct in_addr ipv4; struct in6_addr ipv6; } inet_address_t; -typedef struct { +typedef struct +{ int index; char name[256]; } interface_t; -typedef enum { - wfp_block_local = 1<<0, - wfp_block_dns = 1<<1 +typedef enum +{ + wfp_block_local = 1 << 0, + wfp_block_dns = 1 << 1 } wfp_block_flags_t; -typedef struct { +typedef struct +{ message_header_t header; short family; inet_address_t address; @@ -79,7 +85,8 @@ interface_t iface; } address_message_t; -typedef struct { +typedef struct +{ message_header_t header; short family; inet_address_t prefix; @@ -89,7 +96,8 @@ int metric; } route_message_t; -typedef struct { +typedef struct +{ message_header_t header; interface_t iface; char domains[512]; @@ -99,14 +107,16 @@ } dns_cfg_message_t; -typedef enum { +typedef enum +{ nrpt_dnssec } nrpt_flags_t; -#define NRPT_ADDR_NUM 8 /* Max. number of addresses */ +#define NRPT_ADDR_NUM 8 /* Max. number of addresses */ #define NRPT_ADDR_SIZE 48 /* Max. address strlen + some */ typedef char nrpt_address_t[NRPT_ADDR_SIZE]; -typedef struct { +typedef struct +{ message_header_t header; interface_t iface; nrpt_address_t addresses[NRPT_ADDR_NUM]; @@ -115,14 +125,16 @@ nrpt_flags_t flags; } nrpt_dns_cfg_message_t; -typedef struct { +typedef struct +{ message_header_t header; interface_t iface; int addr_len; inet_address_t addr[4]; /* support up to 4 dns addresses */ } wins_cfg_message_t; -typedef struct { +typedef struct +{ message_header_t header; interface_t iface; int disable_nbt; 
@@ -134,41 +146,48 @@ /* TODO: NTP */ -typedef struct { +typedef struct +{ message_header_t header; short family; interface_t iface; } flush_neighbors_message_t; -typedef struct { +typedef struct +{ message_header_t header; int error_number; } ack_message_t; -typedef struct { +typedef struct +{ message_header_t header; wfp_block_flags_t flags; interface_t iface; } wfp_block_message_t; -typedef struct { +typedef struct +{ message_header_t header; interface_t iface; } enable_dhcp_message_t; -typedef struct { +typedef struct +{ message_header_t header; interface_t iface; short family; int mtu; } set_mtu_message_t; -typedef enum { +typedef enum +{ ADAPTER_TYPE_DCO, ADAPTER_TYPE_TAP, } adapter_type_t; -typedef struct { +typedef struct +{ message_header_t header; adapter_type_t adapter_type; } create_adapter_message_t; diff --git a/sample/sample-plugins/client-connect/sample-client-connect.c b/sample/sample-plugins/client-connect/sample-client-connect.c index 3dda782..7e3b5a9 100644 --- a/sample/sample-plugins/client-connect/sample-client-connect.c +++ b/sample/sample-plugins/client-connect/sample-client-connect.c @@ -58,8 +58,9 @@ * Our context, where we keep our state. */ -struct plugin_context { - int verb; /* logging verbosity */ +struct plugin_context +{ + int verb; /* logging verbosity */ }; /* this is used for the CLIENT_CONNECT_V2 async/deferred handler @@ -68,8 +69,9 @@ * this, and the "CLIENT_CONNECT_DEFER_V2" handler looks at it to see * if it's time yet to succeed/fail */ -struct plugin_per_client_context { - time_t sleep_until; /* wakeup time (time() + sleep) */ +struct plugin_per_client_context +{ + time_t sleep_until; /* wakeup time (time() + sleep) */ bool want_fail; bool want_disable; const char *client_config; 
@@ -117,8 +119,7 @@ /* use v3 functions so we can use openvpn's logging and base64 etc. */ OPENVPN_EXPORT int -openvpn_plugin_open_v3(const int v3structver, - struct openvpn_plugin_args_open_in const *args, +openvpn_plugin_open_v3(const int v3structver, struct openvpn_plugin_args_open_in const *args, struct openvpn_plugin_args_open_return *ret) { /* const char **argv = args->argv; */ /* command line arguments (unused) */ @@ -127,7 +128,9 @@ /* Check API compatibility -- struct version 5 or higher needed */ if (v3structver < 5) { - fprintf(stderr, "sample-client-connect: this plugin is incompatible with the running version of OpenVPN\n"); + fprintf( + stderr, + "sample-client-connect: this plugin is incompatible with the running version of OpenVPN\n"); return OPENVPN_PLUGIN_FUNC_ERROR; } 
@@ -143,18 +146,17 @@ /* * Intercept just about everything... */ - ret->type_mask = - OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_UP) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_DOWN) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_ROUTE_UP) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_IPCHANGE) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_DEFER_V2) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_DISCONNECT) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_LEARN_ADDRESS) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); + ret->type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_UP) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_DOWN) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_ROUTE_UP) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_IPCHANGE) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_DEFER_V2) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_DISCONNECT) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_LEARN_ADDRESS) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); /* Save global pointers to functions exported from openvpn */ plugin_log = args->callbacks->plugin_log; @@ -166,7 +168,7 @@ */ context->verb = atoi_null0(get_env("verb", envp)); - ret->handle = (openvpn_plugin_handle_t *) context; + ret->handle = (openvpn_plugin_handle_t *)context; plugin_log(PLOG_NOTE, MODULE, "initialization succeeded"); return OPENVPN_PLUGIN_FUNC_SUCCESS; 
@@ -242,8 +244,10 @@ const char *ccd_file = get_env("client_connect_deferred_file", envp); if (!ccd_file) { - plugin_log(PLOG_NOTE, MODULE, "env has UV_WANT_CC_ASYNC=%d, but " - "'client_connect_deferred_file' not set -> fail", seconds); + plugin_log(PLOG_NOTE, MODULE, + "env has UV_WANT_CC_ASYNC=%d, but " + "'client_connect_deferred_file' not set -> fail", + seconds); return OPENVPN_PLUGIN_FUNC_ERROR; } @@ -257,13 +261,13 @@ int fd = open(ccd_file, O_WRONLY); if (fd < 0) { - plugin_log(PLOG_ERR|PLOG_ERRNO, MODULE, "open('%s') failed", ccd_file); + plugin_log(PLOG_ERR | PLOG_ERRNO, MODULE, "open('%s') failed", ccd_file); return OPENVPN_PLUGIN_FUNC_ERROR; } if (write(fd, "2", 1) != 1) { - plugin_log(PLOG_ERR|PLOG_ERRNO, MODULE, "write to '%s' failed", ccd_file ); + plugin_log(PLOG_ERR | PLOG_ERRNO, MODULE, "write to '%s' failed", ccd_file); close(fd); return OPENVPN_PLUGIN_FUNC_ERROR; } @@ -277,11 +281,11 @@ /* fork, sleep, succeed/fail according to env vars */ pid_t p1 = fork(); - if (p1 < 0) /* Fork failed */ + if (p1 < 0) /* Fork failed */ { return OPENVPN_PLUGIN_FUNC_ERROR; } - if (p1 > 0) /* parent process */ + if (p1 > 0) /* parent process */ { waitpid(p1, NULL, 0); return OPENVPN_PLUGIN_FUNC_DEFERRED; @@ -291,10 +295,10 @@ pid_t p2 = fork(); if (p2 < 0) { - plugin_log(PLOG_ERR|PLOG_ERRNO, MODULE, "BACKGROUND: fork(2) failed"); + plugin_log(PLOG_ERR | PLOG_ERRNO, MODULE, "BACKGROUND: fork(2) failed"); exit(1); } - if (p2 > 0) /* new parent: exit right away */ + if (p2 > 0) /* new parent: exit right away */ { exit(0); } 
@@ -324,16 +328,16 @@ fd = open(ccd_file, O_WRONLY); if (fd < 0) { - plugin_log(PLOG_ERR|PLOG_ERRNO, MODULE, "open('%s') failed", ccd_file); + plugin_log(PLOG_ERR | PLOG_ERRNO, MODULE, "open('%s') failed", ccd_file); exit(1); } plugin_log(PLOG_NOTE, MODULE, "cc_handle_deferred_v1: done, signalling %s", - (ret == OPENVPN_PLUGIN_FUNC_SUCCESS) ? "success" : "fail" ); + (ret == OPENVPN_PLUGIN_FUNC_SUCCESS) ? "success" : "fail"); if (write(fd, (ret == OPENVPN_PLUGIN_FUNC_SUCCESS) ? "1" : "0", 1) != 1) { - plugin_log(PLOG_ERR|PLOG_ERRNO, MODULE, "write to '%s' failed", ccd_file ); + plugin_log(PLOG_ERR | PLOG_ERRNO, MODULE, "write to '%s' failed", ccd_file); } close(fd); @@ -341,14 +345,12 @@ } int -openvpn_plugin_client_connect(struct plugin_context *context, - const char **argv, - const char **envp) +openvpn_plugin_client_connect(struct plugin_context *context, const char **argv, const char **envp) { /* log environment variables handed to us by OpenVPN, but * only if "setenv verb" is 3 or higher (arbitrary number) */ - if (context->verb>=3) + if (context->verb >= 3) { for (int i = 0; argv[i]; i++) { @@ -389,8 +391,7 @@ int openvpn_plugin_client_connect_v2(struct plugin_context *context, - struct plugin_per_client_context *pcc, - const char **envp, + struct plugin_per_client_context *pcc, const char **envp, struct openvpn_plugin_string_list **return_list) { /* by setting "UV_WANT_CC2_ASYNC" we go to async/deferred mode */ @@ -420,7 +421,8 @@ pcc->want_fail = (want_fail != NULL); pcc->want_disable = (want_disable != NULL); pcc->client_config = client_config; - plugin_log(PLOG_NOTE, MODULE, "env has UV_WANT_CC2_ASYNC=%s -> set up deferred handler", want_async); + plugin_log(PLOG_NOTE, MODULE, "env has UV_WANT_CC2_ASYNC=%s -> set up deferred handler", + want_async); return OPENVPN_PLUGIN_FUNC_DEFERRED; } 
@@ -431,8 +433,7 @@ return OPENVPN_PLUGIN_FUNC_ERROR; } - struct openvpn_plugin_string_list *rl = - calloc(1, sizeof(struct openvpn_plugin_string_list)); + struct openvpn_plugin_string_list *rl = calloc(1, sizeof(struct openvpn_plugin_string_list)); if (!rl) { plugin_log(PLOG_ERR, MODULE, "malloc(return_list) failed"); @@ -466,12 +467,10 @@ int openvpn_plugin_client_connect_defer_v2(struct plugin_context *context, struct plugin_per_client_context *pcc, - struct openvpn_plugin_string_list - **return_list) + struct openvpn_plugin_string_list **return_list) { time_t time_left = pcc->sleep_until - time(NULL); - plugin_log(PLOG_NOTE, MODULE, "defer_v2: seconds left=%d", - (int) time_left); + plugin_log(PLOG_NOTE, MODULE, "defer_v2: seconds left=%d", (int)time_left); /* not yet due? */ if (time_left > 0) @@ -482,15 +481,14 @@ /* client wants fail? */ if (pcc->want_fail) { - plugin_log(PLOG_NOTE, MODULE, "env has UV_WANT_CC2_FAIL -> fail" ); + plugin_log(PLOG_NOTE, MODULE, "env has UV_WANT_CC2_FAIL -> fail"); return OPENVPN_PLUGIN_FUNC_ERROR; } /* fill in RL according to with-disable / without-disable */ /* TODO: unify this with non-deferred case */ - struct openvpn_plugin_string_list *rl = - calloc(1, sizeof(struct openvpn_plugin_string_list)); + struct openvpn_plugin_string_list *rl = calloc(1, sizeof(struct openvpn_plugin_string_list)); if (!rl) { plugin_log(PLOG_ERR, MODULE, "malloc(return_list) failed"); 
@@ -522,15 +520,12 @@ } OPENVPN_EXPORT int -openvpn_plugin_func_v2(openvpn_plugin_handle_t handle, - const int type, - const char *argv[], - const char *envp[], - void *per_client_context, +openvpn_plugin_func_v2(openvpn_plugin_handle_t handle, const int type, const char *argv[], + const char *envp[], void *per_client_context, struct openvpn_plugin_string_list **return_list) { - struct plugin_context *context = (struct plugin_context *) handle; - struct plugin_per_client_context *pcc = (struct plugin_per_client_context *) per_client_context; + struct plugin_context *context = (struct plugin_context *)handle; + struct plugin_per_client_context *pcc = (struct plugin_per_client_context *)per_client_context; /* for most functions, we just "don't do anything" but log the * event received (so one can follow it in the log and understand @@ -564,13 +559,11 @@ case OPENVPN_PLUGIN_CLIENT_CONNECT_V2: plugin_log(PLOG_NOTE, MODULE, "OPENVPN_PLUGIN_CLIENT_CONNECT_V2"); - return openvpn_plugin_client_connect_v2(context, pcc, envp, - return_list); + return openvpn_plugin_client_connect_v2(context, pcc, envp, return_list); case OPENVPN_PLUGIN_CLIENT_CONNECT_DEFER_V2: plugin_log(PLOG_NOTE, MODULE, "OPENVPN_PLUGIN_CLIENT_CONNECT_DEFER_V2"); - return openvpn_plugin_client_connect_defer_v2(context, pcc, - return_list); + return openvpn_plugin_client_connect_defer_v2(context, pcc, return_list); case OPENVPN_PLUGIN_CLIENT_DISCONNECT: plugin_log(PLOG_NOTE, MODULE, "OPENVPN_PLUGIN_CLIENT_DISCONNECT"); @@ -607,7 +600,7 @@ OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; printf("FUNC: openvpn_plugin_close_v1\n"); free(context); } diff --git a/sample/sample-plugins/defer/multi-auth.c b/sample/sample-plugins/defer/multi-auth.c index 9a2cb13..3c9c9c6 100644 --- a/sample/sample-plugins/defer/multi-auth.c 
+++ b/sample/sample-plugins/defer/multi-auth.c @@ -62,7 +62,8 @@ * Our context, where we keep our state. */ -struct plugin_context { +struct plugin_context +{ int test_deferred_auth; char *authid; char *test_valid_user; @@ -103,11 +104,12 @@ * structver '5' here to indicate a desire for modern openvpn, rather * than a need for any particular feature found in structver beyond '1'. */ -#define OPENVPN_PLUGIN_VERSION_MIN 3 +#define OPENVPN_PLUGIN_VERSION_MIN 3 #define OPENVPN_PLUGIN_STRUCTVER_MIN 5 -struct plugin_per_client_context { +struct plugin_per_client_context +{ int n_calls; bool generated_pf_file; }; @@ -175,13 +177,13 @@ /* use v3 functions so we can use openvpn's logging and base64 etc. */ OPENVPN_EXPORT int -openvpn_plugin_open_v3(const int v3structver, - struct openvpn_plugin_args_open_in const *args, +openvpn_plugin_open_v3(const int v3structver, struct openvpn_plugin_args_open_in const *args, struct openvpn_plugin_args_open_return *ret) { if (v3structver < OPENVPN_PLUGIN_STRUCTVER_MIN) { - fprintf(stderr, "%s: this plugin is incompatible with the running version of OpenVPN\n", MODULE); + fprintf(stderr, "%s: this plugin is incompatible with the running version of OpenVPN\n", + MODULE); return OPENVPN_PLUGIN_FUNC_ERROR; } @@ -194,7 +196,7 @@ * Allocate our context */ struct plugin_context *context = NULL; - context = (struct plugin_context *) calloc(1, sizeof(struct plugin_context)); + context = (struct plugin_context *)calloc(1, sizeof(struct plugin_context)); if (!context) { goto error; @@ -238,7 +240,7 @@ * Which callbacks to intercept. */ ret->type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY); - ret->handle = (openvpn_plugin_handle_t *) context; + ret->handle = (openvpn_plugin_handle_t *)context; plog(context, PLOG_NOTE, "initialization succeeded"); return OPENVPN_PLUGIN_FUNC_SUCCESS; 
@@ -253,29 +255,22 @@ } static bool -do_auth_user_pass(struct plugin_context *context, - const char *username, const char *password) +do_auth_user_pass(struct plugin_context *context, const char *username, const char *password) { - plog(context, PLOG_NOTE, - "expect_user=%s, received_user=%s, expect_passw=%s, received_passw=%s", - np(context->test_valid_user), - np(username), - np(context->test_valid_pass), - np(password)); + plog(context, PLOG_NOTE, "expect_user=%s, received_user=%s, expect_passw=%s, received_passw=%s", + np(context->test_valid_user), np(username), np(context->test_valid_pass), np(password)); if (context->test_valid_user && context->test_valid_pass) { if ((strcmp(context->test_valid_user, username) != 0) || (strcmp(context->test_valid_pass, password) != 0)) { - plog(context, PLOG_ERR, - "User/Password auth result: FAIL"); + plog(context, PLOG_ERR, "User/Password auth result: FAIL"); return false; } else { - plog(context, PLOG_NOTE, - "User/Password auth result: PASS"); + plog(context, PLOG_NOTE, "User/Password auth result: PASS"); return true; } } @@ -284,8 +279,7 @@ static int -auth_user_pass_verify(struct plugin_context *context, - struct plugin_per_client_context *pcc, +auth_user_pass_verify(struct plugin_context *context, struct plugin_per_client_context *pcc, const char *argv[], const char *envp[]) { /* get username/password from envp string array */ @@ -295,8 +289,8 @@ if (!context->test_deferred_auth) { plog(context, PLOG_NOTE, "Direct authentication"); - return do_auth_user_pass(context, username, password) ? - OPENVPN_PLUGIN_FUNC_SUCCESS : OPENVPN_PLUGIN_FUNC_ERROR; + return do_auth_user_pass(context, username, password) ? OPENVPN_PLUGIN_FUNC_SUCCESS + : OPENVPN_PLUGIN_FUNC_ERROR; } /* get auth_control_file filename from envp string array*/ 
@@ -317,11 +311,11 @@ /* fork, sleep, succeed (no "real" auth done = always succeed) */ pid_t p1 = fork(); - if (p1 < 0) /* Fork failed */ + if (p1 < 0) /* Fork failed */ { return OPENVPN_PLUGIN_FUNC_ERROR; } - if (p1 > 0) /* parent process */ + if (p1 > 0) /* parent process */ { waitpid(p1, NULL, 0); return OPENVPN_PLUGIN_FUNC_DEFERRED; @@ -331,11 +325,11 @@ pid_t p2 = fork(); if (p2 < 0) { - plog(context, PLOG_ERR|PLOG_ERRNO, "BACKGROUND: fork(2) failed"); + plog(context, PLOG_ERR | PLOG_ERRNO, "BACKGROUND: fork(2) failed"); exit(1); } - if (p2 != 0) /* new parent: exit right away */ + if (p2 != 0) /* new parent: exit right away */ { exit(0); } @@ -347,7 +341,7 @@ */ /* do mighty complicated work that will really take time here... */ - useconds_t wait_time = (useconds_t)context->test_deferred_auth*1000; + useconds_t wait_time = (useconds_t)context->test_deferred_auth * 1000; plog(context, PLOG_NOTE, "in async/deferred handler, usleep(%u)", wait_time); usleep(wait_time); @@ -355,8 +349,7 @@ int fd = open(auth_control_file, O_WRONLY); if (fd < 0) { - plog(context, PLOG_ERR|PLOG_ERRNO, - "open('%s') failed", auth_control_file); + plog(context, PLOG_ERR | PLOG_ERRNO, "open('%s') failed", auth_control_file); exit(1); } @@ -368,7 +361,7 @@ if (write(fd, result, 1) != 1) { - plog(context, PLOG_ERR|PLOG_ERRNO, "write to '%s' failed", auth_control_file ); + plog(context, PLOG_ERR | PLOG_ERRNO, "write to '%s' failed", auth_control_file); } close(fd); 
@@ -377,19 +370,20 @@ OPENVPN_EXPORT int -openvpn_plugin_func_v3(const int v3structver, - struct openvpn_plugin_args_func_in const *args, +openvpn_plugin_func_v3(const int v3structver, struct openvpn_plugin_args_func_in const *args, struct openvpn_plugin_args_func_return *ret) { if (v3structver < OPENVPN_PLUGIN_STRUCTVER_MIN) { - fprintf(stderr, "%s: this plugin is incompatible with the running version of OpenVPN\n", MODULE); + fprintf(stderr, "%s: this plugin is incompatible with the running version of OpenVPN\n", + MODULE); return OPENVPN_PLUGIN_FUNC_ERROR; } const char **argv = args->argv; const char **envp = args->envp; - struct plugin_context *context = (struct plugin_context *) args->handle; - struct plugin_per_client_context *pcc = (struct plugin_per_client_context *) args->per_client_context; + struct plugin_context *context = (struct plugin_context *)args->handle; + struct plugin_per_client_context *pcc = + (struct plugin_per_client_context *)args->per_client_context; switch (args->type) { case OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY: @@ -405,7 +399,7 @@ OPENVPN_EXPORT void * openvpn_plugin_client_constructor_v1(openvpn_plugin_handle_t handle) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; plog(context, PLOG_NOTE, "FUNC: openvpn_plugin_client_constructor_v1"); return calloc(1, sizeof(struct plugin_per_client_context)); } @@ -413,7 +407,7 @@ OPENVPN_EXPORT void openvpn_plugin_client_destructor_v1(openvpn_plugin_handle_t handle, void *per_client_context) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; plog(context, PLOG_NOTE, "FUNC: openvpn_plugin_client_destructor_v1"); free(per_client_context); } 
@@ -421,7 +415,7 @@ OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; plog(context, PLOG_NOTE, "FUNC: openvpn_plugin_close_v1"); free(context); } diff --git a/sample/sample-plugins/keying-material-exporter-demo/keyingmaterialexporter.c b/sample/sample-plugins/keying-material-exporter-demo/keyingmaterialexporter.c index b73144f..e7556a1 100644 --- a/sample/sample-plugins/keying-material-exporter-demo/keyingmaterialexporter.c +++ b/sample/sample-plugins/keying-material-exporter-demo/keyingmaterialexporter.c @@ -37,22 +37,25 @@ #define MAXPATH 1024 #endif -#define ovpn_err(fmt, ...) \ - plugin->log(PLOG_ERR, "SSO", fmt, ## __VA_ARGS__) -#define ovpn_dbg(fmt, ...) \ - plugin->log(PLOG_DEBUG, "SSO", fmt, ## __VA_ARGS__) -#define ovpn_note(fmt, ...) \ - plugin->log(PLOG_NOTE, "SSO", fmt, ## __VA_ARGS__) +#define ovpn_err(fmt, ...) plugin->log(PLOG_ERR, "SSO", fmt, ##__VA_ARGS__) +#define ovpn_dbg(fmt, ...) plugin->log(PLOG_DEBUG, "SSO", fmt, ##__VA_ARGS__) +#define ovpn_note(fmt, ...) plugin->log(PLOG_NOTE, "SSO", fmt, ##__VA_ARGS__) -enum endpoint { CLIENT = 1, SERVER = 2 }; +enum endpoint +{ + CLIENT = 1, + SERVER = 2 +}; -struct plugin { +struct plugin +{ plugin_log_t log; enum endpoint type; int mask; }; -struct session { +struct session +{ char user[48]; char key[48]; }; @@ -85,8 +88,7 @@ } OPENVPN_EXPORT int -openvpn_plugin_open_v3(const int version, - struct openvpn_plugin_args_open_in const *args, +openvpn_plugin_open_v3(const int version, struct openvpn_plugin_args_open_in const *args, struct openvpn_plugin_args_open_return *rv) { struct plugin *plugin = calloc(1, sizeof(*plugin)); 
@@ -98,9 +100,9 @@ } plugin->type = get_env("remote_1", args->envp) ? CLIENT : SERVER; - plugin->log = args->callbacks->plugin_log; + plugin->log = args->callbacks->plugin_log; - plugin->mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); + plugin->mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); plugin->mask |= OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY); ovpn_note("vpn endpoint type=%s", plugin->type == CLIENT ? "client" : "server"); @@ -163,8 +165,8 @@ static int tls_verify(struct openvpn_plugin_args_func_in const *args) { - struct plugin *plugin = (struct plugin *)args->handle; - struct session *sess = (struct session *)args->per_client_context; + struct plugin *plugin = (struct plugin *)args->handle; + struct session *sess = (struct session *)args->per_client_context; /* we store cert subject for the server end point only */ if (plugin->type != SERVER) @@ -199,8 +201,8 @@ static void server_store(struct openvpn_plugin_args_func_in const *args) { - struct plugin *plugin = (struct plugin *)args->handle; - struct session *sess = (struct session *)args->per_client_context; + struct plugin *plugin = (struct plugin *)args->handle; + struct session *sess = (struct session *)args->per_client_context; char file[MAXPATH]; snprintf(file, sizeof(file) - 1, "/tmp/openvpn_sso_%s", sess->key); @@ -211,8 +213,8 @@ static void client_store(struct openvpn_plugin_args_func_in const *args) { - struct plugin *plugin = (struct plugin *)args->handle; - struct session *sess = (struct session *)args->per_client_context; + struct plugin *plugin = (struct plugin *)args->handle; + struct session *sess = (struct session *)args->per_client_context; char *file = "/tmp/openvpn_sso_user"; ovpn_note("app session file: %s", file); 
@@ -223,8 +225,8 @@ tls_final(struct openvpn_plugin_args_func_in const *args, struct openvpn_plugin_args_func_return *rv) { - struct plugin *plugin = (struct plugin *)args->handle; - struct session *sess = (struct session *)args->per_client_context; + struct plugin *plugin = (struct plugin *)args->handle; + struct session *sess = (struct session *)args->per_client_context; const char *key; if (!(key = get_env("exported_keying_material", args->envp))) @@ -251,8 +253,7 @@ } OPENVPN_EXPORT int -openvpn_plugin_func_v3(const int version, - struct openvpn_plugin_args_func_in const *args, +openvpn_plugin_func_v3(const int version, struct openvpn_plugin_args_func_in const *args, struct openvpn_plugin_args_func_return *rv) { switch (args->type) @@ -270,7 +271,7 @@ openvpn_plugin_client_constructor_v1(openvpn_plugin_handle_t handle) { struct plugin *plugin = (struct plugin *)handle; - struct session *sess = calloc(1, sizeof(*sess)); + struct session *sess = calloc(1, sizeof(*sess)); ovpn_note("app session created"); @@ -281,7 +282,7 @@ openvpn_plugin_client_destructor_v1(openvpn_plugin_handle_t handle, void *ctx) { struct plugin *plugin = (struct plugin *)handle; - struct session *sess = (struct session *)ctx; + struct session *sess = (struct session *)ctx; ovpn_note("app session key: %s", sess->key); ovpn_note("app session destroyed"); diff --git a/sample/sample-plugins/log/log.c b/sample/sample-plugins/log/log.c index 63d714f..70fa60d 100644 --- a/sample/sample-plugins/log/log.c +++ b/sample/sample-plugins/log/log.c @@ -36,7 +36,8 @@ /* * Our context, where we keep our state. */ -struct plugin_context { +struct plugin_context +{ const char *username; const char *password; }; @@ -75,7 +76,7 @@ /* * Allocate our context */ - context = (struct plugin_context *) calloc(1, sizeof(struct plugin_context)); + context = (struct plugin_context *)calloc(1, sizeof(struct plugin_context)); if (context == NULL) { printf("PLUGIN: allocating memory for context failed\n"); 
@@ -91,19 +92,17 @@ /* * Which callbacks to intercept. */ - *type_mask = - OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_UP) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_DOWN) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_ROUTE_UP) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_IPCHANGE) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_DISCONNECT) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_LEARN_ADDRESS) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); + *type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_UP) | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_DOWN) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_ROUTE_UP) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_IPCHANGE) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_DISCONNECT) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_LEARN_ADDRESS) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); - return (openvpn_plugin_handle_t) context; + return (openvpn_plugin_handle_t)context; } void @@ -171,9 +170,10 @@ } OPENVPN_EXPORT int -openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[]) +openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], + const char *envp[]) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; show(type, argv, envp); 
@@ -184,8 +184,8 @@ const char *username = get_env("username", envp); const char *password = get_env("password", envp); - if (username && !strcmp(username, context->username) - && password && !strcmp(password, context->password)) + if (username && !strcmp(username, context->username) && password + && !strcmp(password, context->password)) { return OPENVPN_PLUGIN_FUNC_SUCCESS; } @@ -203,6 +203,6 @@ OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; free(context); } diff --git a/sample/sample-plugins/log/log_v3.c b/sample/sample-plugins/log/log_v3.c index 02cdda8..cef22cf 100644 --- a/sample/sample-plugins/log/log_v3.c +++ b/sample/sample-plugins/log/log_v3.c @@ -39,7 +39,8 @@ /* * Our context, where we keep our state. */ -struct plugin_context { +struct plugin_context +{ const char *username; const char *password; }; @@ -71,8 +72,7 @@ } OPENVPN_EXPORT int -openvpn_plugin_open_v3(const int v3structver, - struct openvpn_plugin_args_open_in const *args, +openvpn_plugin_open_v3(const int v3structver, struct openvpn_plugin_args_open_in const *args, struct openvpn_plugin_args_open_return *ret) { struct plugin_context *context = NULL; @@ -80,7 +80,8 @@ /* Check that we are API compatible */ if (v3structver != OPENVPN_PLUGINv3_STRUCTVER) { - printf("log_v3: ** ERROR ** Incompatible plug-in interface between this plug-in and OpenVPN\n"); + printf( + "log_v3: ** ERROR ** Incompatible plug-in interface between this plug-in and OpenVPN\n"); return OPENVPN_PLUGIN_FUNC_ERROR; } 
@@ -91,26 +92,24 @@ } /* Print some version information about the OpenVPN process using this plug-in */ - printf("log_v3: OpenVPN %s (Major: %i, Minor: %i, Patch: %s)\n", - args->ovpn_version, args->ovpn_version_major, - args->ovpn_version_minor, args->ovpn_version_patch); + printf("log_v3: OpenVPN %s (Major: %i, Minor: %i, Patch: %s)\n", args->ovpn_version, + args->ovpn_version_major, args->ovpn_version_minor, args->ovpn_version_patch); /* Which callbacks to intercept. */ - ret->type_mask = - OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_UP) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_DOWN) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_ROUTE_UP) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_IPCHANGE) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_DISCONNECT) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_LEARN_ADDRESS) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); + ret->type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_UP) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_DOWN) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_ROUTE_UP) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_IPCHANGE) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_DISCONNECT) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_LEARN_ADDRESS) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL); /* Allocate our context */ - context = (struct plugin_context *) calloc(1, sizeof(struct plugin_context)); + context = (struct plugin_context *)calloc(1, sizeof(struct plugin_context)); if (context == NULL) { printf("PLUGIN: allocating memory for context failed\n"); 
@@ -122,7 +121,7 @@ context->password = "bar"; /* Point the global context handle to our newly created context */ - ret->handle = (void *) context; + ret->handle = (void *)context; return OPENVPN_PLUGIN_FUNC_SUCCESS; } @@ -243,13 +242,11 @@ } - OPENVPN_EXPORT int -openvpn_plugin_func_v3(const int version, - struct openvpn_plugin_args_func_in const *args, +openvpn_plugin_func_v3(const int version, struct openvpn_plugin_args_func_in const *args, struct openvpn_plugin_args_func_return *retptr) { - struct plugin_context *context = (struct plugin_context *) args->handle; + struct plugin_context *context = (struct plugin_context *)args->handle; printf("\nopenvpn_plugin_func_v3() :::::>> "); show(args->type, args->argv, args->envp); @@ -270,8 +267,8 @@ const char *username = get_env("username", args->envp); const char *password = get_env("password", args->envp); - if (username && !strcmp(username, context->username) - && password && !strcmp(password, context->password)) + if (username && !strcmp(username, context->username) && password + && !strcmp(password, context->password)) { return OPENVPN_PLUGIN_FUNC_SUCCESS; } @@ -289,6 +286,6 @@ OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; free(context); } diff --git a/sample/sample-plugins/simple/base64.c b/sample/sample-plugins/simple/base64.c index b6c0c97..8a1dedd 100644 --- a/sample/sample-plugins/simple/base64.c +++ b/sample/sample-plugins/simple/base64.c 
@@ -98,21 +98,20 @@ * */ OPENVPN_EXPORT int -openvpn_plugin_open_v3(const int v3structver, - struct openvpn_plugin_args_open_in const *args, +openvpn_plugin_open_v3(const int v3structver, struct openvpn_plugin_args_open_in const *args, struct openvpn_plugin_args_open_return *ret) { /* Check that we are API compatible */ if (v3structver != OPENVPN_PLUGINv3_STRUCTVER) { - printf("base64.c: ** ERROR ** Incompatible plug-in interface between this plug-in and OpenVPN\n"); + printf( + "base64.c: ** ERROR ** Incompatible plug-in interface between this plug-in and OpenVPN\n"); return OPENVPN_PLUGIN_FUNC_ERROR; } /* Which callbacks to intercept. */ - ret->type_mask = - OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) - |OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2); + ret->type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY) + | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT_V2); /* we don't need a plug-in context in this example, but OpenVPN expects "something" */ ret->handle = calloc(1, 1); @@ -125,8 +124,8 @@ /* Print some version information about the OpenVPN process using this plug-in */ ovpn_log(PLOG_NOTE, PLUGIN_NAME, "OpenVPN %s (Major: %i, Minor: %i, Patch: %s)\n", - args->ovpn_version, args->ovpn_version_major, - args->ovpn_version_minor, args->ovpn_version_patch); + args->ovpn_version, args->ovpn_version_major, args->ovpn_version_minor, + args->ovpn_version_patch); return OPENVPN_PLUGIN_FUNC_SUCCESS; } @@ -154,10 +153,10 @@ */ OPENVPN_EXPORT int -openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[]) +openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], + const char *envp[]) { - if (type != OPENVPN_PLUGIN_TLS_VERIFY - && type != OPENVPN_PLUGIN_CLIENT_CONNECT_V2) + if (type != OPENVPN_PLUGIN_TLS_VERIFY && type != OPENVPN_PLUGIN_CLIENT_CONNECT_V2) { ovpn_log(PLOG_ERR, PLUGIN_NAME, "Unsupported plug-in hook call attempted"); return OPENVPN_PLUGIN_FUNC_ERROR; 
@@ -174,14 +173,13 @@ /* test the BASE64 encode function */ char *buf = NULL; int r = ovpn_base64_encode(clcert_cn, (int)strlen(clcert_cn), &buf); - ovpn_log(PLOG_NOTE, PLUGIN_NAME, "BASE64 encoded '%s' (return value %i): '%s'", - clcert_cn, r, buf); + ovpn_log(PLOG_NOTE, PLUGIN_NAME, "BASE64 encoded '%s' (return value %i): '%s'", clcert_cn, r, + buf); /* test the BASE64 decode function */ - char buf2[256] = {0}; + char buf2[256] = { 0 }; r = ovpn_base64_decode(buf, &buf2, 255); - ovpn_log(PLOG_NOTE, PLUGIN_NAME, "BASE64 decoded '%s' (return value %i): '%s'", - buf, r, buf2); + ovpn_log(PLOG_NOTE, PLUGIN_NAME, "BASE64 decoded '%s' (return value %i): '%s'", buf, r, buf2); /* Verify the result, and free the buffer allocated by ovpn_base64_encode() */ r = strcmp(clcert_cn, buf2); @@ -201,6 +199,6 @@ OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; free(context); } diff --git a/sample/sample-plugins/simple/simple.c b/sample/sample-plugins/simple/simple.c index ed5bce5..8b2b793 100644 --- a/sample/sample-plugins/simple/simple.c +++ b/sample/sample-plugins/simple/simple.c @@ -38,7 +38,8 @@ /* * Our context, where we keep our state. */ -struct plugin_context { +struct plugin_context +{ const char *username; const char *password; }; @@ -77,7 +78,7 @@ /* * Allocate our context */ - context = (struct plugin_context *) calloc(1, sizeof(struct plugin_context)); + context = (struct plugin_context *)calloc(1, sizeof(struct plugin_context)); if (context == NULL) { printf("PLUGIN: allocating memory for context failed\n"); 
@@ -96,21 +97,22 @@ */ *type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY); - return (openvpn_plugin_handle_t) context; + return (openvpn_plugin_handle_t)context; } OPENVPN_EXPORT int -openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[]) +openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const char *argv[], + const char *envp[]) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; /* get username/password from envp string array */ const char *username = get_env("username", envp); const char *password = get_env("password", envp); /* check entered username/password against what we require */ - if (username && !strcmp(username, context->username) - && password && !strcmp(password, context->password)) + if (username && !strcmp(username, context->username) && password + && !strcmp(password, context->password)) { return OPENVPN_PLUGIN_FUNC_SUCCESS; } @@ -123,6 +125,6 @@ OPENVPN_EXPORT void openvpn_plugin_close_v1(openvpn_plugin_handle_t handle) { - struct plugin_context *context = (struct plugin_context *) handle; + struct plugin_context *context = (struct plugin_context *)handle; free(context); } diff --git a/src/compat/compat-basename.c b/src/compat/compat-basename.c index 18944f6..24f5af7 100644 --- a/src/compat/compat-basename.c +++ b/src/compat/compat-basename.c @@ -41,7 +41,7 @@ /* If NULL, check for \ instead ... might be Windows a path */ p = strrchr(filename, '\\'); } - return p ? p + 1 : (char *) filename; + return p ? p + 1 : (char *)filename; } #endif /* HAVE_BASENAME */ diff --git a/src/compat/compat-dirname.c b/src/compat/compat-dirname.c index 17de8ad..a432bae 100644 --- a/src/compat/compat-dirname.c +++ b/src/compat/compat-dirname.c 
@@ -89,7 +89,7 @@ /* The '/' is the last character, we have to look further. */ if (runp != path) { - last_slash = (char *) __memrchr(path, separator, runp - path); + last_slash = (char *)__memrchr(path, separator, runp - path); } } @@ -134,7 +134,7 @@ /* This assignment is ill-designed but the XPG specs require to * return a string containing "." in any case no directory part is * found and so a static and constant string is required. */ - path = (char *) dot; + path = (char *)dot; } return path; diff --git a/src/compat/compat-gettimeofday.c b/src/compat/compat-gettimeofday.c index de53cb5..29ded6c 100644 --- a/src/compat/compat-gettimeofday.c +++ b/src/compat/compat-gettimeofday.c @@ -48,7 +48,7 @@ { const time_t t = time(NULL); const DWORD gtc = GetTickCount(); - gtc_base = t - gtc/1000; + gtc_base = t - gtc / 1000; gtc_last = gtc; } @@ -112,7 +112,7 @@ return 0; } -#else /* ifdef _WIN32 */ +#else /* ifdef _WIN32 */ #include <time.h> diff --git a/src/openvpn/argv.c b/src/openvpn/argv.c index 34266d4..903fc0a 100644 --- a/src/openvpn/argv.c +++ b/src/openvpn/argv.c @@ -284,8 +284,7 @@ * free()d to avoid memory leaks. */ static char * -argv_prep_format(const char *format, const char delim, size_t *count, - struct gc_arena *gc) +argv_prep_format(const char *format, const char delim, size_t *count, struct gc_arena *gc) { if (format == NULL) { @@ -311,7 +310,7 @@ * the string is empty; the resulting format string * will never start with a delimiter. */ - if (j > 0) /* Has anything been written to the output string? */ + if (j > 0) /* Has anything been written to the output string? */ { f[j++] = delim; } @@ -347,7 +346,7 @@ static bool argv_printf_arglist(struct argv *argres, const char *format, va_list arglist) { - const char delim = 0x1D; /* ASCII Group Separator (GS) */ + const char delim = 0x1D; /* ASCII Group Separator (GS) */ bool res = false; /* 
@@ -484,8 +483,8 @@ argv_reset(argres); char *parms[MAX_PARMS + 1] = { 0 }; - int nparms = parse_line(cmdstr, parms, MAX_PARMS, "SCRIPT-ARGV", 0, - D_ARGV_PARSE_CMD, &argres->gc); + int nparms = + parse_line(cmdstr, parms, MAX_PARMS, "SCRIPT-ARGV", 0, D_ARGV_PARSE_CMD, &argres->gc); if (nparms) { int i; diff --git a/src/openvpn/argv.h b/src/openvpn/argv.h index f694760..056fe31 100644 --- a/src/openvpn/argv.h +++ b/src/openvpn/argv.h @@ -31,7 +31,8 @@ #include "buffer.h" -struct argv { +struct argv +{ struct gc_arena gc; size_t capacity; size_t argc; @@ -55,21 +56,21 @@ bool argv_printf(struct argv *a, const char *format, ...) #ifdef __GNUC__ #if __USE_MINGW_ANSI_STDIO -__attribute__ ((format(gnu_printf, 2, 3))) + __attribute__((format(gnu_printf, 2, 3))) #else -__attribute__ ((format(__printf__, 2, 3))) + __attribute__((format(__printf__, 2, 3))) #endif #endif -; + ; bool argv_printf_cat(struct argv *a, const char *format, ...) #ifdef __GNUC__ #if __USE_MINGW_ANSI_STDIO -__attribute__ ((format(gnu_printf, 2, 3))) + __attribute__((format(gnu_printf, 2, 3))) #else -__attribute__ ((format(__printf__, 2, 3))) + __attribute__((format(__printf__, 2, 3))) #endif #endif -; + ; #endif /* ifndef ARGV_H */ diff --git a/src/openvpn/auth_token.c b/src/openvpn/auth_token.c index 3cf55e8..a694e81 100644 --- a/src/openvpn/auth_token.c +++ b/src/openvpn/auth_token.c @@ -18,7 +18,7 @@ const char *auth_token_pem_name = "OpenVPN auth-token server key"; -#define AUTH_TOKEN_SESSION_ID_LEN 12 +#define AUTH_TOKEN_SESSION_ID_LEN 12 #define AUTH_TOKEN_SESSION_ID_BASE64_LEN (AUTH_TOKEN_SESSION_ID_LEN * 8 / 6) #if AUTH_TOKEN_SESSION_ID_LEN % 3 @@ -53,7 +53,7 @@ } else if (auth_token_state_flags & AUTH_TOKEN_HMAC_OK) { - switch (auth_token_state_flags & (AUTH_TOKEN_VALID_EMPTYUSER|AUTH_TOKEN_EXPIRED)) + switch (auth_token_state_flags & (AUTH_TOKEN_VALID_EMPTYUSER | AUTH_TOKEN_EXPIRED)) { case 0: state = "Authenticated"; 
@@ -107,9 +107,9 @@ * in the encoding */ - char session_id[AUTH_TOKEN_SESSION_ID_LEN*2] = {0}; + char session_id[AUTH_TOKEN_SESSION_ID_LEN * 2] = { 0 }; memcpy(session_id, session_id_source + strlen(SESSION_ID_PREFIX), - AUTH_TOKEN_SESSION_ID_LEN*8/6); + AUTH_TOKEN_SESSION_ID_LEN * 8 / 6); setenv_str(session->opt->es, "session_id", session_id); } @@ -121,8 +121,7 @@ } void -auth_token_init_secret(struct key_ctx *key_ctx, const char *key_file, - bool key_inline) +auth_token_init_secret(struct key_ctx *key_ctx, const char *key_file, bool key_inline) { struct key_type kt = auth_token_kt(); @@ -131,14 +130,12 @@ bool key_loaded = false; if (key_file) { - key_loaded = read_pem_key_file(&server_secret_key, - auth_token_pem_name, - key_file, key_inline); + key_loaded = + read_pem_key_file(&server_secret_key, auth_token_pem_name, key_file, key_inline); } else { - key_loaded = generate_ephemeral_key(&server_secret_key, - auth_token_pem_name); + key_loaded = generate_ephemeral_key(&server_secret_key, auth_token_pem_name); } if (!key_loaded) @@ -169,7 +166,7 @@ int64_t initial_timestamp = timestamp; hmac_ctx_t *ctx = multi->opt.auth_token_key.hmac; - ASSERT(hmac_ctx_size(ctx) == 256/8); + ASSERT(hmac_ctx_size(ctx) == 256 / 8); uint8_t sessid[AUTH_TOKEN_SESSION_ID_LEN]; @@ -185,7 +182,7 @@ char *initial_token_copy = string_alloc(multi->auth_token_initial, &gc); char *old_sessid = initial_token_copy + strlen(SESSION_ID_PREFIX); - char *old_tstamp_initial = old_sessid + AUTH_TOKEN_SESSION_ID_LEN*8/6; + char *old_tstamp_initial = old_sessid + AUTH_TOKEN_SESSION_ID_LEN * 8 / 6; /* * We null terminate the old token just after the session ID to let 
@@ -197,12 +194,13 @@ memcpy(&initial_timestamp, &old_tstamp_decode, sizeof(initial_timestamp)); old_tstamp_initial[0] = '\0'; - ASSERT(openvpn_base64_decode(old_sessid, sessid, AUTH_TOKEN_SESSION_ID_LEN) == AUTH_TOKEN_SESSION_ID_LEN); + ASSERT(openvpn_base64_decode(old_sessid, sessid, AUTH_TOKEN_SESSION_ID_LEN) + == AUTH_TOKEN_SESSION_ID_LEN); } else if (!rand_bytes(sessid, AUTH_TOKEN_SESSION_ID_LEN)) { - msg( M_FATAL, "Failed to get enough randomness for " - "authentication token"); + msg(M_FATAL, "Failed to get enough randomness for " + "authentication token"); } /* Calculate the HMAC */ @@ -210,7 +208,7 @@ * with \0 in them is asking for troubles in so many ways anyway that we * ignore that corner case here */ - uint8_t hmac_output[256/8]; + uint8_t hmac_output[256 / 8]; hmac_ctx_reset(ctx); @@ -222,20 +220,20 @@ struct key_state *ks = &multi->session[TM_ACTIVE].key[KS_PRIMARY]; if (ks->auth_token_state_flags & AUTH_TOKEN_VALID_EMPTYUSER) { - hmac_ctx_update(ctx, (const uint8_t *) "", 0); + hmac_ctx_update(ctx, (const uint8_t *)"... [truncated message content] |
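Review bot: In sample/sample-plugins/log/log.c, hunk @@ -91,19 +92,17 @@, the reformatted *type_mask assignment puts OPENVPN_PLUGIN_UP and OPENVPN_PLUGIN_DOWN together on the first line and every other hook on its own line, so the list of intercepted callbacks is no longer one per line. The same expression in log_v3.c (ret->type_mask, hunk @@ -91,26 +92,24 @@) comes out one per line, so the two samples now differ only because of the length of the assignment target. This mask is what a reader scans to see which hooks a plug-in registers; I would keep one flag per line in both files, for example by wrapping the assignment in clang-format off/on comments.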
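Review bot: In sample/sample-plugins/log/log.c, hunk @@ -184,8 +184,8 @@ (and identically in the log_v3.c and simple.c credential checks), the new wrap ends the first line with "&& password" and starts the next with "&& !strcmp(password, context->password)", which separates the NULL check from the comparison it guards. The old layout kept the username pair on one line and the password pair on the next, which made it easy to confirm that each strcmp() is protected. For an authentication check I would preserve that grouping, for instance by parenthesising each pair in a preparatory commit so the formatter has a natural break point between them.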
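Review bot: In src/openvpn/argv.h, hunk @@ -55,21 +56,21 @@, the formatter now indents the __attribute__((format(...))) lines and leaves the terminating ";" of both argv_printf() and argv_printf_cat() as an indented line of its own after the #endif pair, where it reads like a stray statement. These attributes are what give callers compile-time format-string checking, so the declarations should stay easy to audit. Consider defining the #if/#else choice once as a macro and appending that macro to each prototype, so the declaration and its semicolon sit together and clang-format has nothing to misplace.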
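Review bot: In sample/sample-plugins/simple/base64.c, hunk @@ -174,14 +173,13 @@, the first ovpn_log() call is rewrapped so that "buf);" sits alone on the continuation line, while the second call is joined onto one line; keeping "clcert_cn, r, buf" together on the continuation line, as before, reads better. Separately from formatting, and as a follow-up rather than part of this change: buf is initialised to NULL and then passed to the '%s' conversion and to ovpn_base64_decode() without r being checked first, so the sample would be a safer template if the encode result were tested before buf is used.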
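Review bot: In src/openvpn/auth_token.c, hunk @@ -197,12 +194,13 @@, the M_FATAL message is still two adjacent literals, "Failed to get enough randomness for " and "authentication token", and the change only re-aligns the second one. A split literal cannot be found by grepping for the full log message, which is the reason this patch keeps the long "Incompatible plug-in interface" printf strings in log_v3.c and base64.c on a single line. Joining the two literals in a preparatory commit would make the treatment of long messages consistent across the tree.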