/* Copyright 2015-2016 Alex 'AdUser' Z (ad_user@runbox.com) |
|
* |
|
* This program is free software; you can redistribute it and/or modify |
|
* it under the terms of the GNU General Public License version 2 as |
|
* published by the Free Software Foundation. |
|
*/ |
|
#include <string.h> |
|
#include <stdio.h> |
|
#include <stdlib.h> |
|
|
|
#include <openvpn/openvpn-plugin.h> |
|
|
|
#include "config.h" |
|
#include "ldapauth.h" |
|
|
|
/* static const char *OAL_NAME = "openvpn-ldap-auth"; */ |
|
|
|
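/**
 * Look up a variable in a NULL-terminated array of "NAME=value" strings.
 *
 * @param name  variable name, without the '=' separator
 * @param envp  NULL-terminated array of "NAME=value" entries; may be NULL
 * @return pointer to the value part inside the matching envp entry (not a
 *         copy, so the caller must not free or modify it), or NULL when
 *         name or envp is NULL or no entry matches
 */
static const char *
get_env (const char *name, const char *envp[]) {
  size_t namelen;
  size_t i;

  if (!name || !envp)
    return NULL;

  /* size_t for both: strlen() returns size_t, and a short index would
   * overflow (undefined behaviour) on an array of more than SHRT_MAX entries */
  namelen = strlen(name);

  for (i = 0; envp[i]; i++) {
    /* A prefix match alone is not enough ("user" vs "username=..."):
     * the character right after the name must be the '=' separator.
     * Index namelen is in bounds because strncmp matched namelen
     * non-NUL characters of the entry. */
    if (strncmp(envp[i], name, namelen) == 0 && envp[i][namelen] == '=')
      return envp[i] + namelen + 1;
  }

  return NULL;
}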
|
|
|
/**
 * Report the minimum plugin API version this plugin needs.
 *
 * @return always 1
 */
OPENVPN_EXPORT int
openvpn_plugin_min_version_required_v1(void)
{
  return 1;
}
|
|
|
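/**
 * Plugin entry point: load and validate the configuration file named by
 * argv[1] and register for the AUTH_USER_PASS_VERIFY event.
 *
 * @param type_mask  out: set to the mask of events this plugin handles
 * @param argv       plugin arguments; argv[1] is the config file path
 * @param envp       unused here
 * @return the allocated configuration as an opaque handle (released by
 *         openvpn_plugin_close_v1), or NULL on any failure
 */
OPENVPN_EXPORT openvpn_plugin_handle_t
openvpn_plugin_open_v1 (unsigned int *type_mask,
                        const char *argv[],
                        const char *envp[])
{
  oal_config_t *config;

  (void) envp;

  if (!type_mask || !argv || !argv[0] || !argv[1]) {
    fprintf(stderr, "no config provided");
    return NULL;
  }

  config = calloc (1, sizeof *config);
  if (!config) {
    /* previously an allocation failure was passed straight to parse_config() */
    fprintf(stderr, "out of memory\n");
    return NULL;
  }

  if (parse_config(config, argv[1]) != 0) {
    fprintf(stderr, "config parser failed: %s", config->error);
    goto fail;
  }

  if (check_config(config) != 0) {
    fprintf(stderr, "config check failed: %s", config->error);
    goto fail;
  }

  *type_mask = OPENVPN_PLUGIN_MASK (OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY);
  return (openvpn_plugin_handle_t) config;

fail:
  /* Do not leak a half-built config (it may already hold the bind password).
   * NOTE(review): assumes parse_config() leaves every pointer field either
   * NULL (from calloc) or heap-owned, which is what openvpn_plugin_close_v1
   * already relies on - confirm against parse_config(). */
  openvpn_plugin_close_v1((openvpn_plugin_handle_t) config);
  return NULL;
}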
|
|
|
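/**
 * Plugin event handler: verify the username/password that OpenVPN passes
 * in envp against the directory, for AUTH_USER_PASS_VERIFY events.
 *
 * Fails closed: every path other than an explicit success result from
 * oal_check_cred() returns OPENVPN_PLUGIN_FUNC_ERROR.
 *
 * @param handle  configuration returned by openvpn_plugin_open_v1
 * @param type    event type
 * @param argv    unused here
 * @param envp    NULL-terminated "NAME=value" array holding the credentials
 * @return OPENVPN_PLUGIN_FUNC_SUCCESS when oal_check_cred() returns 1,
 *         OPENVPN_PLUGIN_FUNC_ERROR otherwise
 */
OPENVPN_EXPORT int
openvpn_plugin_func_v1 (openvpn_plugin_handle_t handle,
                        const int type,
                        const char *argv[],
                        const char *envp[])
{
  oal_config_t *config = (oal_config_t *) handle;
  const char *username;
  const char *password;
  int rc;

  (void) argv;

  /* events we did not register for, or a missing handle, are denied */
  if (!config || type != OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY)
    return OPENVPN_PLUGIN_FUNC_ERROR;

  /* get username/password from envp string array */
  username = get_env("username", envp);
  password = get_env("password", envp);

  /* get_env() returns NULL when a variable is absent, and the value may be
   * an empty string. Reject both before they reach the directory check:
   * an LDAP simple bind with a DN and an empty password is an
   * "unauthenticated bind" (RFC 4513), which many servers accept.
   * NOTE(review): oal_check_cred() is not visible here; if it already
   * rejects NULL/empty credentials this guard is merely redundant. */
  if (!username || !*username || !password || !*password) {
    fprintf(stderr, "auth error: missing username or password\n");
    return OPENVPN_PLUGIN_FUNC_ERROR;
  }

  /* check entered username/password against what we require */
  rc = oal_check_cred(config, username, password);
  if (rc == 1)
    return OPENVPN_PLUGIN_FUNC_SUCCESS;

  /* 0 is a plain rejection; any other value is an error with details */
  if (rc != 0)
    fprintf(stderr, "auth error: %s", config->error);

  return OPENVPN_PLUGIN_FUNC_ERROR;
}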
|
|
|
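/**
 * Plugin teardown: release the configuration allocated by
 * openvpn_plugin_open_v1 together with the strings it owns.
 *
 * @param handle  configuration handle; NULL is accepted and ignored
 */
OPENVPN_EXPORT void
openvpn_plugin_close_v1 (openvpn_plugin_handle_t handle)
{
  oal_config_t *config = (oal_config_t *) handle;

  /* the original dereferenced the handle unconditionally */
  if (!config)
    return;

  free(config->bindurls);
  free(config->binddn);
  /* NOTE(review): bindpass is freed without being wiped first, so the bind
   * password stays in freed heap memory. If it is a NUL-terminated string
   * (its type is declared outside this file), overwrite it before free()
   * with a call the compiler cannot elide, e.g. explicit_bzero() where
   * available. */
  free(config->bindpass);
  free(config->basedn);
  free(config->userfilter);
  free(config);
}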
|
|
|