2 * OpenConnect (SSL + DTLS) VPN client
4 * Copyright © 2008-2011 Intel Corporation.
6 * Authors: David Woodhouse <dwmw2@infradead.org>
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * version 2.1, as published by the Free Software Foundation.
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this library; if not, write to:
20 * Free Software Foundation, Inc.
21 * 51 Franklin Street, Fifth Floor,
22 * Boston, MA 02110-1301 USA
25 #include "openconnect-internal.h"
/*
 * Allocate a zero-filled struct openconnect_info and record the caller's
 * user-agent string and callbacks in it.
 *
 * NOTE(review): this listing has lost source lines 32-33, 35-37, 45-46 and
 * 48-51 (see the gutter numbers). The last parameter, any check on the
 * allocation result and the return statement are therefore not visible here.
 */
27 struct openconnect_info *openconnect_vpninfo_new_with_cbdata (char *useragent,
28 openconnect_validate_peer_cert_vfn validate_peer_cert,
29 openconnect_write_new_config_vfn write_new_config,
30 openconnect_process_auth_form_vfn process_auth_form,
31 openconnect_progress_vfn progress,
/* calloc() is called as (size, count); the byte total equals the usual
   (count, size) order. NOTE(review): no NULL check on the result is visible
   before the stores below -- confirm against the missing lines 35-37. */
34 struct openconnect_info *vpninfo = calloc (sizeof(*vpninfo), 1);
/* 60 * 86400 seconds = 60 days; the field holds seconds, as
   openconnect_set_cert_expiry_warning() stores its `seconds` argument here. */
38 vpninfo->cert_expire_warning = 60 * 86400;
/* openconnect_create_useragent() is defined elsewhere; its result is stored
   without a check in the visible lines. */
39 vpninfo->useragent = openconnect_create_useragent (useragent);
/* The callbacks are stored as given; none is checked for NULL here. */
40 vpninfo->validate_peer_cert = validate_peer_cert;
41 vpninfo->write_new_config = write_new_config;
42 vpninfo->process_auth_form = process_auth_form;
43 vpninfo->progress = progress;
/* GNU "?:" extension: cbdata is privdata when that is non-NULL, otherwise
   vpninfo itself. privdata is presumably the parameter declared on the
   missing line 32 -- confirm. */
44 vpninfo->cbdata = privdata?:vpninfo;
/* Binds the "openconnect" message catalogue to LOCALEDIR (defined elsewhere). */
47 bindtextdomain("openconnect", LOCALEDIR);
/*
 * Constructor for callers that do not supply their own callback data.
 * Forwards every argument to openconnect_vpninfo_new_with_cbdata() and
 * passes NULL as the final (private data) argument.
 *
 * The four callbacks go through (void *) casts because the *_fn types
 * accepted here are not the *_vfn types the _with_cbdata variant declares.
 * NOTE(review): once cast, the compiler no longer checks that the two
 * callback families are call-compatible; that has to hold by construction.
 */
struct openconnect_info *openconnect_vpninfo_new (char *useragent,
						  openconnect_validate_peer_cert_fn validate_peer_cert,
						  openconnect_write_new_config_fn write_new_config,
						  openconnect_process_auth_form_fn process_auth_form,
						  openconnect_progress_fn progress)
{
	void *no_privdata = NULL;

	return openconnect_vpninfo_new_with_cbdata (useragent,
						    (void *)validate_peer_cert,
						    (void *)write_new_config,
						    (void *)process_auth_form,
						    (void *)progress,
						    no_privdata);
}
/*
 * Walk the vpn_option list that starts at opt.
 *
 * NOTE(review): the loop body (source lines 71-74) is missing from this
 * listing, so what is released per node is not visible here. Whatever the
 * body does, it has to assign `next` before the loop's `opt = next` step.
 */
66 static void free_optlist (struct vpn_option *opt)
/* Successor pointer used by the for-step below. */
68 struct vpn_option *next;
/* A NULL opt ends the walk, so an empty list is accepted. */
70 for (; opt; opt = next) {
/*
 * Release what a struct openconnect_info owns: tear down the SSL state,
 * free the three option lists and free the string fields.
 *
 * NOTE(review): source lines 88 and 99-100 are missing from this listing,
 * so one release call and the end of the function are not visible.
 * NOTE(review): nothing in the visible lines wipes a buffer before freeing
 * it, and vpninfo->cookie is not freed here; if the cookie list or strings
 * carry session secrets, zero them before release.
 */
78 void openconnect_vpninfo_free (struct openconnect_info *vpninfo)
/* Closes the HTTPS session and frees peer_addr / https_ctx (see
   openconnect_reset_ssl()). */
80 openconnect_reset_ssl(vpninfo);
81 free_optlist(vpninfo->cookies);
82 free_optlist(vpninfo->cstp_options);
83 free_optlist(vpninfo->dtls_options);
/* These fields are set by pointer in the openconnect_set_*() functions, so
   the strings handed to those setters must have come from malloc(). */
84 free(vpninfo->hostname);
85 free(vpninfo->urlpath);
86 free(vpninfo->redirect_url);
87 free(vpninfo->proxy_type);
89 free(vpninfo->csd_scriptname);
90 free(vpninfo->csd_stuburl);
91 /* These are const in openconnect itself, but for consistency of
92 the library API we do take ownership of the strings we're given,
93 and thus we have to free them too. */
94 free((void *)vpninfo->cafile);
/* openconnect_set_client_cert() can store the cert pointer in sslkey as
   well; this comparison keeps that shared pointer from being freed twice. */
95 if (vpninfo->cert != vpninfo->sslkey)
96 free((void *)vpninfo->sslkey);
97 free((void *)vpninfo->cert);
98 /* No need to free deflate streams; they weren't initialised */
/*
 * Return the hostname pointer held in vpninfo. The pointer aliases the
 * library's own storage (no copy is made), and openconnect_vpninfo_free()
 * frees that storage, so the caller must not free it.
 */
char *openconnect_get_hostname (struct openconnect_info *vpninfo)
{
	char *current_hostname = vpninfo->hostname;

	return current_hostname;
}
/*
 * Store hostname in vpninfo by pointer; the string is not copied.
 * openconnect_vpninfo_free() later calls free() on this field, so the
 * argument must be heap-allocated and ownership passes to the library.
 * NOTE(review): a value already stored is overwritten without being freed.
 */
void openconnect_set_hostname (struct openconnect_info *vpninfo, char *hostname)
{
	struct openconnect_info *target = vpninfo;

	target->hostname = hostname;
}
/*
 * Return the URL path pointer held in vpninfo. The pointer aliases the
 * library's own storage, which openconnect_vpninfo_free() frees, so the
 * caller must not free it.
 */
char *openconnect_get_urlpath (struct openconnect_info *vpninfo)
{
	char *current_path = vpninfo->urlpath;

	return current_path;
}
/*
 * Store urlpath in vpninfo by pointer; the string is not copied.
 * openconnect_vpninfo_free() later calls free() on this field, so the
 * argument must be heap-allocated and ownership passes to the library.
 * NOTE(review): a value already stored is overwritten without being freed.
 */
void openconnect_set_urlpath (struct openconnect_info *vpninfo, char *urlpath)
{
	struct openconnect_info *target = vpninfo;

	target->urlpath = urlpath;
}
/*
 * Copy a caller-supplied digest into vpninfo->xmlsha1. The copy is
 * preceded by a comparison of size against the size of that field.
 *
 * NOTE(review): source line 125, the statement controlled by the size
 * check, is missing from this listing; presumably it returns without
 * copying -- confirm, since the memcpy below is only bounded if it does.
 */
122 void openconnect_set_xmlsha1 (struct openconnect_info *vpninfo, char *xmlsha1, int size)
/* size is an int compared with a size_t: a negative size converts to a very
   large unsigned value and so can never equal sizeof. */
124 if (size != sizeof (vpninfo->xmlsha1))
/* Copies exactly `size` bytes; xmlsha1 itself is not checked for NULL here. */
127 memcpy (&vpninfo->xmlsha1, xmlsha1, size);
/*
 * Record the CA file path in vpninfo by pointer; the string is not copied.
 * openconnect_vpninfo_free() calls free() on this field, so the argument
 * must be heap-allocated and ownership passes to the library.
 * NOTE(review): a value already stored is overwritten without being freed.
 */
void openconnect_set_cafile (struct openconnect_info *vpninfo, char *cafile)
{
	struct openconnect_info *target = vpninfo;

	target->cafile = cafile;
}
/*
 * Record the CSD settings in vpninfo.
 *
 * uid is stored in uid_csd as given. uid_csd_given is set to 2 when silent
 * is non-zero and to 1 otherwise. wrapper is stored by pointer in
 * csd_wrapper, not copied.
 *
 * NOTE(review): uid is presumably the account the CSD helper is run under;
 * it is not validated here, so callers should pass an unprivileged uid.
 * NOTE(review): csd_wrapper is not among the fields released in the visible
 * lines of openconnect_vpninfo_free() -- confirm who owns that string.
 */
void openconnect_setup_csd (struct openconnect_info *vpninfo, uid_t uid, int silent, char *wrapper)
{
	vpninfo->uid_csd = uid;

	if (silent)
		vpninfo->uid_csd_given = 2;
	else
		vpninfo->uid_csd_given = 1;

	vpninfo->csd_wrapper = wrapper;
}
/*
 * Record the client certificate and private-key paths in vpninfo, by
 * pointer (no copy). openconnect_vpninfo_free() frees both fields.
 *
 * NOTE(review): source lines 145 and 147 are missing from this listing.
 * The two sslkey stores below cannot both be unconditional; presumably
 * they are the branches of `if (sslkey) ... else ...` -- confirm.
 */
142 void openconnect_set_client_cert (struct openconnect_info *vpninfo, char *cert, char *sslkey)
144 vpninfo->cert = cert;
146 vpninfo->sslkey = sslkey;
/* Makes sslkey alias cert; openconnect_vpninfo_free() compares the two
   pointers so the shared string is freed only once. */
148 vpninfo->sslkey = cert;
/*
 * Return the certificate the peer presented on vpninfo->https_ssl, as
 * reported by OpenSSL's SSL_get_peer_certificate().
 *
 * That OpenSSL call hands back a new reference, or NULL when no certificate
 * is available, so the caller releases a non-NULL result with X509_free().
 * Getting a certificate back says nothing about whether it verified; the
 * verification result has to be checked separately.
 */
struct x509_st *openconnect_get_peer_cert (struct openconnect_info *vpninfo)
{
	struct x509_st *peer_cert = SSL_get_peer_certificate(vpninfo->https_ssl);

	return peer_cert;
}
/*
 * Return the port number held in vpninfo (the field that
 * openconnect_parse_url() fills in).
 */
int openconnect_get_port (struct openconnect_info *vpninfo)
{
	int current_port = vpninfo->port;

	return current_port;
}
/*
 * Return the cookie pointer held in vpninfo. The pointer aliases the
 * library's own storage: openconnect_clear_cookie() zeroes that same
 * buffer in place, after which the returned string reads as empty.
 * NOTE(review): the cookie is presumably the session credential, so
 * callers should keep it out of logs and other persistent output.
 */
char *openconnect_get_cookie (struct openconnect_info *vpninfo)
{
	char *session_cookie = vpninfo->cookie;

	return session_cookie;
}
/*
 * Overwrite the stored cookie text with zero bytes, in place. The buffer
 * itself is neither freed nor detached from vpninfo.
 *
 * NOTE(review): source lines 167-168 are missing from this listing.
 * strlen(NULL) is undefined, so a NULL check on vpninfo->cookie is
 * presumably on line 168 -- confirm.
 */
166 void openconnect_clear_cookie (struct openconnect_info *vpninfo)
/* Zeroes strlen() bytes, i.e. everything up to the existing terminator.
   NOTE(review): a compiler may drop a memset it can prove dead;
   explicit_bzero() or memset_s(), where available, avoids that. */
169 memset(vpninfo->cookie, 0, strlen(vpninfo->cookie));
/*
 * Tear down the TLS-related state held in vpninfo: close the HTTPS session
 * if one is set, free peer_addr, and free the SSL context. The peer_addr
 * and https_ctx fields are left NULL, so calling this twice is harmless.
 */
void openconnect_reset_ssl (struct openconnect_info *vpninfo)
{
	if (vpninfo->https_ssl != NULL) {
		openconnect_close_https(vpninfo);
	}

	/* free(NULL) is a no-op, so the pointer needs no guard of its own. */
	free(vpninfo->peer_addr);
	vpninfo->peer_addr = NULL;

	if (vpninfo->https_ctx != NULL) {
		SSL_CTX_free(vpninfo->https_ctx);
		vpninfo->https_ctx = NULL;
	}
}
/*
 * Parse url into vpninfo's hostname, port and urlpath fields by calling
 * internal_parse_url(), and return that function's result.
 *
 * NOTE(review): source lines 192-193 are missing from this listing; one of
 * them closes the if-block below, the other is presumably blank.
 * NOTE(review): whether internal_parse_url() frees the previous hostname
 * and urlpath before overwriting them is not visible here -- confirm.
 */
187 int openconnect_parse_url (struct openconnect_info *vpninfo, char *url)
/* Free the stored peer address before the host is replaced, and clear the
   pointer so it cannot be freed again. */
189 if (vpninfo->peer_addr) {
190 free(vpninfo->peer_addr);
191 vpninfo->peer_addr = NULL;
/* The NULL second argument and the trailing 443 are passed as-is; 443 is
   presumably the default port used when the URL names none. */
194 return internal_parse_url (url, NULL, &vpninfo->hostname,
195 &vpninfo->port, &vpninfo->urlpath, 443);
/*
 * Set the certificate-expiry warning period, replacing the default of
 * 60 * 86400 that the constructor stores in the same field.
 *
 * NOTE(review): source lines 199-200 are missing from this listing; the
 * `seconds` parameter is presumably declared on line 199. No range check
 * on the value is visible.
 */
198 void openconnect_set_cert_expiry_warning (struct openconnect_info *vpninfo,
201 vpninfo->cert_expire_warning = seconds;
/*
 * Return the library's version string, openconnect_version, which is
 * defined elsewhere. The result is const and must not be freed or modified.
 */
const char *openconnect_get_version (void)
{
	const char *version = openconnect_version;

	return version;
}