2 * OpenConnect (SSL + DTLS) VPN client
4 * Copyright © 2008-2012 Intel Corporation.
6 * Authors: David Woodhouse <dwmw2@infradead.org>
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * version 2.1, as published by the Free Software Foundation.
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this library; if not, write to:
20 * Free Software Foundation, Inc.
21 * 51 Franklin Street, Fifth Floor,
22 * Boston, MA 02110-1301 USA
29 #include "openconnect-internal.h"
/*
 * Allocate a zero-filled openconnect_info with calloc() and store the
 * caller-supplied callbacks and a few defaults in it.
 *
 * NOTE(review): this listing omits source lines 36-37, 39-41, 50-51 and
 * everything after 52. The declaration of privdata, any check of the
 * calloc() result and the return statement are therefore not visible here;
 * confirm them against the full file.
 */
31 struct openconnect_info *openconnect_vpninfo_new_with_cbdata (char *useragent,
32 openconnect_validate_peer_cert_vfn validate_peer_cert,
33 openconnect_write_new_config_vfn write_new_config,
34 openconnect_process_auth_form_vfn process_auth_form,
35 openconnect_progress_vfn progress,
/* calloc(size, 1) requests the same zeroed allocation as calloc(1, size). */
38 struct openconnect_info *vpninfo = calloc (sizeof(*vpninfo), 1);
/*
 * NOTE(review): vpninfo is dereferenced from here on and no NULL check is
 * visible in this excerpt; verify that allocation failure is handled.
 */
/* Default certificate-expiry warning window: 60 * 86400 seconds (60 days). */
42 vpninfo->cert_expire_warning = 60 * 86400;
/* The stored user agent is whatever openconnect_create_useragent() returns. */
43 vpninfo->useragent = openconnect_create_useragent (useragent);
44 vpninfo->validate_peer_cert = validate_peer_cert;
45 vpninfo->write_new_config = write_new_config;
46 vpninfo->process_auth_form = process_auth_form;
47 vpninfo->progress = progress;
/* GNU ?: extension: keep privdata when it is non-NULL, else use vpninfo itself. */
48 vpninfo->cbdata = privdata?:vpninfo;
/* Presumably -1 means no cancel descriptor has been set; confirm at the readers of cancel_fd. */
49 vpninfo->cancel_fd = -1;
/* Bind the openconnect gettext domain to LOCALEDIR. */
52 bindtextdomain("openconnect", LOCALEDIR);
/*
 * Constructor for callers that do not supply private callback data.
 *
 * Forwards to openconnect_vpninfo_new_with_cbdata() with NULL as the private
 * data argument; that function then stores the new vpninfo itself as cbdata.
 *
 * NOTE(review): each callback goes through a (void *) cast to reach the _vfn
 * parameter types, so the compiler no longer checks that the _fn and _vfn
 * signatures agree. Presumably they differ only in the type of the first
 * argument; confirm in the header that declares them.
 */
struct openconnect_info *openconnect_vpninfo_new(char *useragent,
						 openconnect_validate_peer_cert_fn validate_peer_cert,
						 openconnect_write_new_config_fn write_new_config,
						 openconnect_process_auth_form_fn process_auth_form,
						 openconnect_progress_fn progress)
{
	struct openconnect_info *created;

	created = openconnect_vpninfo_new_with_cbdata(useragent,
						      (void *)validate_peer_cert,
						      (void *)write_new_config,
						      (void *)process_auth_form,
						      (void *)progress, NULL);
	return created;
}
/*
 * Walk a vpn_option list starting at opt. The loop advances through the
 * local next pointer instead of reading opt->next in the increment step.
 *
 * NOTE(review): the loop body (source lines 76 onwards) is omitted from this
 * listing. Presumably it saves opt->next into next before releasing the
 * node, which is what keeps the walk from touching freed memory; confirm.
 */
71 static void free_optlist (struct vpn_option *opt)
73 struct vpn_option *next;
75 for (; opt; opt = next) {
/*
 * Release the resources held by vpninfo: the SSL state (through
 * openconnect_reset_ssl), the three option lists and the strings the
 * library took ownership of.
 *
 * NOTE(review): source line 93 and the lines after 105 are omitted from this
 * listing, so it is not visible here whether vpninfo itself is freed.
 * NOTE(review): no visible line frees or wipes vpninfo->cookie; check the
 * full file for how that buffer is released.
 */
83 void openconnect_vpninfo_free (struct openconnect_info *vpninfo)
85 openconnect_reset_ssl(vpninfo);
86 free_optlist(vpninfo->cookies);
87 free_optlist(vpninfo->cstp_options);
88 free_optlist(vpninfo->dtls_options);
89 free(vpninfo->hostname);
90 free(vpninfo->urlpath);
91 free(vpninfo->redirect_url);
92 free(vpninfo->proxy_type);
94 free(vpninfo->csd_scriptname);
95 free(vpninfo->csd_stuburl);
96 /* These are const in openconnect itself, but for consistency of
97 the library API we do take ownership of the strings we're given,
98 and thus we have to free them too. */
99 free((void *)vpninfo->cafile);
/*
 * cert and sslkey can hold the same pointer (openconnect_set_client_cert
 * stores cert in both fields), so sslkey is freed on its own only when it
 * differs from cert. This avoids a double free of the shared string.
 */
100 if (vpninfo->cert != vpninfo->sslkey)
101 free((void *)vpninfo->sslkey);
102 free((void *)vpninfo->cert);
/* The peer certificate is released with X509_free only when one is stored. */
103 if (vpninfo->peer_cert)
104 X509_free(vpninfo->peer_cert);
105 /* No need to free deflate streams; they weren't initialised */
/*
 * Return the hostname pointer held in vpninfo. This is the stored pointer
 * itself, not a copy; openconnect_parse_url() and openconnect_vpninfo_free()
 * both free it, so it stops being valid after either call.
 */
char *openconnect_get_hostname(struct openconnect_info *vpninfo)
{
	char *stored_hostname = vpninfo->hostname;

	return stored_hostname;
}
/*
 * Store hostname in vpninfo without copying it. openconnect_vpninfo_free()
 * later passes the stored pointer to free(), so the caller hands over
 * ownership of a heap-allocated string. The previous value is not freed here.
 */
void openconnect_set_hostname(struct openconnect_info *vpninfo, char *hostname)
{
	(*vpninfo).hostname = hostname;
}
/*
 * Return the URL path pointer held in vpninfo. This is the stored pointer
 * itself, not a copy; it is freed by openconnect_parse_url() and by
 * openconnect_vpninfo_free().
 */
char *openconnect_get_urlpath(struct openconnect_info *vpninfo)
{
	char *stored_path = vpninfo->urlpath;

	return stored_path;
}
/*
 * Store urlpath in vpninfo without copying it. openconnect_vpninfo_free()
 * later passes the stored pointer to free(), so the caller hands over
 * ownership of a heap-allocated string. The previous value is not freed here.
 */
void openconnect_set_urlpath(struct openconnect_info *vpninfo, char *urlpath)
{
	(*vpninfo).urlpath = urlpath;
}
/*
 * Copy a caller-supplied digest of size bytes into vpninfo->xmlsha1.
 *
 * The copy is preceded by a comparison of size against
 * sizeof(vpninfo->xmlsha1).
 *
 * NOTE(review): the statement taken on a size mismatch (source lines
 * 132-133) is omitted from this listing. Presumably it is an early return,
 * which is what would bound the memcpy to the destination size; confirm.
 * No mismatch is reported through the return type, since the function is void.
 */
129 void openconnect_set_xmlsha1 (struct openconnect_info *vpninfo, char *xmlsha1, int size)
131 if (size != sizeof (vpninfo->xmlsha1))
134 memcpy (&vpninfo->xmlsha1, xmlsha1, size);
/*
 * Store cafile in vpninfo without copying it. openconnect_vpninfo_free()
 * later passes the stored pointer to free(), so the caller hands over
 * ownership of a heap-allocated string. The previous value is not freed here.
 */
void openconnect_set_cafile(struct openconnect_info *vpninfo, char *cafile)
{
	(*vpninfo).cafile = cafile;
}
/*
 * Record the CSD settings in vpninfo: the uid, a marker that a uid was
 * given, and the wrapper string.
 *
 * uid_csd_given is set to 2 when silent is non-zero and to 1 otherwise. The
 * meaning of the two values is defined by the code that reads the field,
 * which is not part of this listing. The wrapper pointer is stored as given,
 * not copied.
 */
void openconnect_setup_csd(struct openconnect_info *vpninfo, uid_t uid, int silent, char *wrapper)
{
	vpninfo->uid_csd = uid;

	if (silent)
		vpninfo->uid_csd_given = 2;
	else
		vpninfo->uid_csd_given = 1;

	vpninfo->csd_wrapper = wrapper;
}
/*
 * Store the client certificate and key pointers in vpninfo without copying
 * the strings.
 *
 * NOTE(review): source lines 152 and 154 are omitted from this listing, so
 * the condition that selects between the two sslkey assignments is not
 * visible. Presumably sslkey falls back to cert when no separate key is
 * supplied; confirm. openconnect_vpninfo_free() compares cert with sslkey
 * before freeing, which is consistent with both fields sharing one pointer.
 */
149 void openconnect_set_client_cert (struct openconnect_info *vpninfo, char *cert, char *sslkey)
151 vpninfo->cert = cert;
153 vpninfo->sslkey = sslkey;
155 vpninfo->sslkey = cert;
/*
 * Return the peer certificate pointer held in vpninfo. This is the stored
 * object, not a copy; openconnect_vpninfo_free() releases it with
 * X509_free(), so the caller must not free it or keep it past that call.
 */
OPENCONNECT_X509 *openconnect_get_peer_cert(struct openconnect_info *vpninfo)
{
	OPENCONNECT_X509 *stored_cert = vpninfo->peer_cert;

	return stored_cert;
}
/*
 * Return the port number stored in vpninfo. openconnect_parse_url() is the
 * visible writer of this field.
 */
int openconnect_get_port(struct openconnect_info *vpninfo)
{
	int stored_port = vpninfo->port;

	return stored_port;
}
/*
 * Return the cookie pointer held in vpninfo. This is the live buffer, not a
 * copy: openconnect_clear_cookie() zeroes the same memory, so a caller that
 * needs the value afterwards has to copy it first, and a caller that copies
 * it is responsible for wiping its own copy.
 */
char *openconnect_get_cookie(struct openconnect_info *vpninfo)
{
	char *stored_cookie = vpninfo->cookie;

	return stored_cookie;
}
/*
 * Overwrite the stored cookie with zero bytes in place. The buffer is not
 * freed here, and afterwards it reads as an empty string.
 *
 * The length comes from strlen(), so vpninfo->cookie has to be a valid
 * NUL-terminated string when the memset runs.
 *
 * NOTE(review): source line 175 is omitted from this listing. Presumably it
 * guards against a NULL cookie; confirm.
 * NOTE(review): a plain memset of secret data may be removed by an
 * optimiser that can prove the buffer is not read again. Where the platform
 * offers explicit_bzero or memset_s, those are the usual hardening.
 */
173 void openconnect_clear_cookie (struct openconnect_info *vpninfo)
176 memset(vpninfo->cookie, 0, strlen(vpninfo->cookie));
/*
 * Drop the per-connection TLS state: close the HTTPS connection, release
 * the cached peer address and free the SSL context. Both pointers are reset
 * to NULL, so calling this again does not free them a second time.
 */
void openconnect_reset_ssl(struct openconnect_info *vpninfo)
{
	openconnect_close_https(vpninfo);

	/* free(NULL) is a no-op, so the cached address needs no guard. */
	free(vpninfo->peer_addr);
	vpninfo->peer_addr = NULL;

	if (vpninfo->https_ctx != NULL) {
		SSL_CTX_free(vpninfo->https_ctx);
		vpninfo->https_ctx = NULL;
	}
}
/*
 * Replace the hostname, port and URL path stored in vpninfo with the values
 * parsed from url.
 *
 * NOTE(review): this listing omits source lines 193-196, 200-201, 206,
 * 209-210, 213-215 and everything after 218. The declarations of scheme and
 * ret, the failure-path returns and the release of scheme are therefore not
 * visible here; confirm them against the full file.
 */
192 int openconnect_parse_url (struct openconnect_info *vpninfo, char *url)
/* Drop the cached peer address and NULL the pointer so it cannot be reused. */
197 if (vpninfo->peer_addr) {
198 free(vpninfo->peer_addr);
199 vpninfo->peer_addr = NULL;
/* Free the previous hostname and path and NULL both before parsing. */
202 free(vpninfo->hostname);
203 vpninfo->hostname = NULL;
204 free(vpninfo->urlpath);
205 vpninfo->urlpath = NULL;
/*
 * internal_parse_url writes directly into vpninfo->hostname, port and
 * urlpath. The trailing 443 is presumably the default port used when the
 * URL names none; confirm in internal_parse_url.
 */
207 ret = internal_parse_url (url, &scheme, &vpninfo->hostname,
208 &vpninfo->port, &vpninfo->urlpath, 443);
/* Error report for a URL that could not be parsed; its condition is on an omitted line. */
211 vpn_progress(vpninfo, PRG_ERR,
212 _("Failed to parse server URL '%s'\n"),
/*
 * Only the https scheme is accepted. A NULL scheme skips this check, so a
 * URL without a scheme is not rejected here.
 *
 * NOTE(review): this check runs after internal_parse_url has already stored
 * the parsed hostname, port and path in vpninfo. Whether they are cleared on
 * rejection depends on omitted lines, so callers should act on the return
 * value rather than on the stored fields.
 */
216 if (scheme && strcmp(scheme, "https")) {
217 vpn_progress(vpninfo, PRG_ERR,
218 _("Only https:// permitted for server URL\n"));
/*
 * Override the certificate-expiry warning window stored in vpninfo. The
 * constructor sets the default to 60 * 86400, so the value is in seconds.
 *
 * NOTE(review): the parameter line declaring seconds (source line 226) is
 * omitted from this listing, so its type is not visible here.
 */
225 void openconnect_set_cert_expiry_warning (struct openconnect_info *vpninfo,
228 vpninfo->cert_expire_warning = seconds;
/*
 * Store the cancel file descriptor in vpninfo. The constructor initialises
 * the field to -1. The descriptor is stored as given; nothing here
 * duplicates or closes it.
 */
void openconnect_set_cancel_fd(struct openconnect_info *vpninfo, int fd)
{
	(*vpninfo).cancel_fd = fd;
}
/*
 * Return the library version string. The pointer refers to
 * openconnect_version_str, which is defined outside this listing; the
 * caller must not modify or free it.
 */
const char *openconnect_get_version(void)
{
	const char *version = openconnect_version_str;

	return version;
}