From 40c9a094a717c96ddc24764bb547f3c2c5590e66 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Tue, 5 Feb 2013 21:21:40 +0100 Subject: [PATCH] store hostname of the user, and pass it to scripts.
---
src/cookies.h | 1 + src/ipc.h | 1 + src/main-auth.c | 4 ++++ src/main-script.c | 4 ++-- src/main.h | 1 + src/ocserv-args.c | 2 +- src/ocserv-args.def | 5 +++-- src/ocserv-args.h | 2 +- src/sample.config | 3 ++- src/worker-auth.c | 4 ++++ 10 files changed, 20 insertions(+), 7 deletions(-)
diff --git a/src/cookies.h b/src/cookies.h
index 420ce85a..369dfd84 100644
--- a/src/cookies.h
+++ b/src/cookies.h
@@ -5,6 +5,7 @@ struct __attribute__ ((__packed__)) stored_cookie_st { char username[MAX_USERNAME_SIZE]; + char hostname[MAX_USERNAME_SIZE]; uint8_t session_id[GNUTLS_MAX_SESSION_ID]; time_t expiration; };
diff --git a/src/ipc.h b/src/ipc.h
index dc92c19d..9182f130 100644
--- a/src/ipc.h
+++ b/src/ipc.h
@@ -45,6 +45,7 @@ struct __attribute__ ((__packed__)) cmd_auth_req_st { char pass[MAX_PASSWORD_SIZE]; uint8_t tls_auth_ok; char cert_user[MAX_USERNAME_SIZE]; + char hostname[MAX_HOSTNAME_SIZE]; }; /* AUTH_REP */
diff --git a/src/main-auth.c b/src/main-auth.c
index 63451d84..e177c977 100644
--- a/src/main-auth.c
+++ b/src/main-auth.c
@@ -139,6 +139,7 @@ struct stored_cookie_st sc; sc.expiration = time(0) + s->config->cookie_validity; memcpy(sc.username, proc->username, sizeof(sc.username)); + memcpy(sc.hostname, proc->hostname, sizeof(sc.hostname)); memcpy(sc.session_id, proc->session_id, sizeof(sc.session_id)); ret = store_cookie(s->config, proc->cookie, sizeof(proc->cookie), &sc);
@@ -179,6 +180,9 @@ unsigned username_set = 0; } if (ret == 0) { /* open tun */ + if (req->hostname[0] != 0) + memcpy(proc->hostname, req->hostname, MAX_HOSTNAME_SIZE); + ret = open_tun(s->config, s->tun, lease); if (ret < 0) ret = -1; /* sorry */
diff --git a/src/main-script.c b/src/main-script.c
index 32618fdb..589a4a37 100644
--- a/src/main-script.c
+++ b/src/main-script.c
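Review bot: In src/cookies.h the new `hostname` member of `stored_cookie_st` is sized with `MAX_USERNAME_SIZE`, while `cmd_auth_req_st` and `proc_list_st` in this same patch use `MAX_HOSTNAME_SIZE`. The first src/main-auth.c hunk then copies `sizeof(sc.hostname)` bytes out of `proc->hostname`, so if the two constants differ (their values are not visible here) the memcpy either reads past `proc->hostname` into the `cookie` field that follows it in `proc_list_st` and writes those bytes into the stored cookie record, or cuts the name short without a terminating NUL. Declaring the member as `char hostname[MAX_HOSTNAME_SIZE];` keeps all three buffers the same size.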
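Review bot: The `memcpy(proc->hostname, req->hostname, MAX_HOSTNAME_SIZE);` added in the second src/main-auth.c hunk accepts every byte of the worker's IPC message without ensuring a terminating NUL, and `proc->hostname` is afterwards passed to `execlp()` as a C string in src/main-script.c. The main process should not depend on the worker for termination; add `proc->hostname[MAX_HOSTNAME_SIZE-1] = 0;` right after the copy. Since the value originates from the client, it would also be worth rejecting names that contain bytes outside the usual hostname character set before storing them. The enclosing function starts and ends outside the hunk.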
@@ -79,7 +79,7 @@ int ret; } ret = execlp(s->config->disconnect_script, s->config->disconnect_script, - proc->username, proc->lease->name, real, local, remote, NULL); + proc->username, proc->hostname, proc->lease->name, real, local, remote, NULL); if (ret == -1) exit(1);
@@ -126,7 +126,7 @@ int ret, status; } ret = execlp(s->config->connect_script, s->config->connect_script, - proc->username, lease->name, real, local, remote, NULL); + proc->username, proc->hostname, lease->name, real, local, remote, NULL); if (ret == -1) exit(1);
diff --git a/src/main.h b/src/main.h
index 811bccbe..83f7367d 100644
--- a/src/main.h
+++ b/src/main.h
@@ -23,6 +23,7 @@ struct proc_list_st { struct sockaddr_storage remote_addr; /* peer address */ socklen_t remote_addr_len; char username[MAX_USERNAME_SIZE]; /* the owner */ + char hostname[MAX_HOSTNAME_SIZE]; /* the requested hostname */ uint8_t cookie[COOKIE_SIZE]; /* the cookie associated with the session */ uint8_t session_id[GNUTLS_MAX_SESSION_ID];
diff --git a/src/ocserv-args.c b/src/ocserv-args.c
index d478b759..80418b42 100644
--- a/src/ocserv-args.c
+++ b/src/ocserv-args.c
@@ -2,7 +2,7 @@ * * DO NOT EDIT THIS FILE (ocserv-args.c) * - * It has been AutoGen-ed February 5, 2013 at 09:03:24 PM by AutoGen 5.16 + * It has been AutoGen-ed February 5, 2013 at 09:21:04 PM by AutoGen 5.16 * From the definitions ocserv-args.def * and the template file options *
diff --git a/src/ocserv-args.def b/src/ocserv-args.def
index 85201358..7925d3d6 100644
--- a/src/ocserv-args.def
+++ b/src/ocserv-args.def
@@ -99,7 +99,8 @@ auth-timeout = 40 cookie-validity = 14400 # Script to call when a client connects and obtains an IP -# Parameters: username device IP-REAL IP-LOCAL IP-REMOTE +# Parameters: username hostname device IP-REAL IP-LOCAL IP-REMOTE +# hostname is the hostname selected by the client # IP-REAL is the remote IP of the client, # IP-LOCAL is the local IP in the P-t-P connection and IP-REMOTE # is the VPN client IP.
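Review bot: Both `execlp()` calls in src/main-script.c (disconnect script and connect script) insert `proc->hostname` as the second positional argument, which shifts the device and the three IP arguments by one for every script already deployed; a script written for the old order would silently read the device name where it expects an address. Appending the hostname after `remote` would leave the existing positions stable. The value is chosen by the client and, as far as these hunks show, reaches the script unchecked; `execlp()` involves no shell, but the script itself may expand the argument unquoted, so the parameter comment in sample.config and ocserv-args.def could add `# hostname is client-supplied and unauthenticated; always quote it`. Both calls sit in functions whose bodies extend beyond the hunks.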
@@ -129,7 +130,7 @@ ipv4-dns = local # Leave empty to assign the default MTU of the device # mtu = -route = 192.168.2.0/255.255.255.0 +route = 192.168.1.0/255.255.255.0 route = 192.168.5.0/255.255.255.0 @end example
diff --git a/src/ocserv-args.h b/src/ocserv-args.h
index 2f05c89e..7fcbdc79 100644
--- a/src/ocserv-args.h
+++ b/src/ocserv-args.h
@@ -2,7 +2,7 @@ * * DO NOT EDIT THIS FILE (ocserv-args.h) * - * It has been AutoGen-ed February 5, 2013 at 09:03:24 PM by AutoGen 5.16 + * It has been AutoGen-ed February 5, 2013 at 09:21:04 PM by AutoGen 5.16 * From the definitions ocserv-args.def * and the template file options *
diff --git a/src/sample.config b/src/sample.config
index e1ea4ade..ade5fdbc 100644
--- a/src/sample.config
+++ b/src/sample.config
@@ -59,7 +59,8 @@ run-as-group = nogroup device = vpns # Script to call when a client connects and obtains an IP -# Parameters: username device IP-REAL IP-LOCAL IP-REMOTE +# Parameters: username hostname device IP-REAL IP-LOCAL IP-REMOTE +# hostname is the hostname selected by the client # IP-REAL is the remote IP of the client, # IP-LOCAL is the local IP in the P-t-P connection and IP-REMOTE # is the VPN client IP.
diff --git a/src/worker-auth.c b/src/worker-auth.c
index 24b371fa..1a56413a 100644
--- a/src/worker-auth.c
+++ b/src/worker-auth.c
@@ -343,6 +343,10 @@ struct cmd_auth_req_st areq; snprintf(areq.user, sizeof(areq.user), "%s", username); snprintf(areq.pass, sizeof(areq.pass), "%s", password); } + + if (req->hostname[0] != 0) { + memcpy(areq.hostname, req->hostname, sizeof(areq.hostname)); + } ret = auth_user(ws, &areq); if (ret < 0) {
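Review bot: When `req->hostname` is empty, the src/worker-auth.c hunk never writes `areq.hostname`, so unless `areq` is zeroed earlier in the function (not visible here) the main process receives uninitialised stack bytes and then tests `req->hostname[0]` on them. The raw `memcpy` also gives no NUL-termination guarantee and assumes the worker's `req->hostname` buffer is at least `sizeof(areq.hostname)` bytes long. Writing the field unconditionally in the same form as the two `snprintf` lines above it always sets the first byte and bounds the copy: `snprintf(areq.hostname, sizeof(areq.hostname), "%s", req->hostname);`. The enclosing function starts and ends outside the hunk.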