user-profile is now allowed in per-user configuration

TODO

@@ -1,7 +1,5 @@
 Short term items:
 
-* Add user-profile to the group configured options.
-
 * Think for ways for ocserv to co-exist on the same system with
   an HTTPS server (while sharing the same port). A possible way is
   through sniproxy -for low-traffic sites.

src/ipc.proto

@@ -47,7 +47,7 @@ message auth_reply_msg
 	repeated string dns = 22;
 	repeated string nbns = 23;
 	optional bool no_udp = 24 [default = false];
-
+	optional string xml_config_file = 26;
 }
 
 /* RESUME_FETCH_REQ + RESUME_DELETE_REQ */

src/main-auth.c

@@ -106,6 +106,10 @@ int send_cookie_auth_reply(main_server_st* s, struct proc_st* proc,
 			msg.no_udp = proc->config.no_udp;
 		}
 
+		if (proc->config.xml_config_file != NULL) {
+			msg.xml_config_file = proc->config.xml_config_file;
+		}
+
 		msg.n_dns = proc->config.dns_size;
 		for (i=0;i<proc->config.dns_size;i++) {
 			mslog(s, proc, LOG_DEBUG, "sending dns '%s'", proc->config.dns[i]);

src/ocserv-args.def

@@ -391,7 +391,7 @@ route = 192.168.5.0/255.255.255.0
 # or the groupname.
 # The options allowed in the configuration files are dns, nbns,
 #  ipv?-network, ipv4-netmask, ipv6-prefix, rx/tx-per-sec, iroute, route,
-#  net-priority, deny-roaming, no-udp and cgroup.
+#  net-priority, deny-roaming, no-udp, user-profile, and cgroup.
 #
 # Note that the 'iroute' option allows to add routes on the server
 # based on a user or group. The syntax depends on the input accepted

src/sup-config/file.c

@@ -55,10 +55,11 @@ static struct cfg_options available_options[] = {
 	{ .name = "ipv6-network", .type = OPTION_STRING },
 	{ .name = "ipv4-netmask", .type = OPTION_STRING },
 	{ .name = "ipv6-prefix", .type = OPTION_NUMERIC },
-	{ .name = "rx-data-per-sec", .type = OPTION_NUMERIC, },
+	{ .name = "rx-data-per-sec", .type = OPTION_NUMERIC },
-	{ .name = "tx-data-per-sec", .type = OPTION_NUMERIC, },
+	{ .name = "tx-data-per-sec", .type = OPTION_NUMERIC },
-	{ .name = "net-priority", .type = OPTION_STRING, },
+	{ .name = "net-priority", .type = OPTION_STRING },
-	{ .name = "cgroup", .type = OPTION_STRING, },
+	{ .name = "cgroup", .type = OPTION_STRING },
+	{ .name = "user-profile", .type = OPTION_STRING },
 };
 
 #define READ_RAW_MULTI_LINE(name, s_name, num) { \
@@ -213,6 +214,8 @@ struct group_cfg_st *sconfig = &proc->config;
 	 * to allow having zero as uninitialized. */
 	READ_RAW_PRIO_TOS("net-priority", sconfig->net_priority);
 
+	READ_RAW_STRING("user-profile", sconfig->xml_config_file);
+
 	optionUnloadNested(pov);
 	
 	return 0;

src/vpn.h

@@ -143,6 +143,8 @@ struct group_cfg_st {
 	
 	char *cgroup;
 
+	char *xml_config_file;
+
 	size_t rx_per_sec;
 	size_t tx_per_sec;
 

src/worker-auth.c

@@ -568,6 +568,11 @@ static int recv_cookie_auth_reply(worker_st * ws)
 			if (msg->has_no_udp && msg->no_udp != 0)
 				ws->config->udp_port = 0;
 
+			if (msg->xml_config_file) {
+				talloc_free(ws->config->xml_config_file);
+				ws->config->xml_config_file = talloc_strdup(ws, msg->xml_config_file);
+			}
+
 			/* routes */
 			ws->routes = talloc_size(ws, msg->n_routes*sizeof(char*));
 			if (ws->routes != NULL) {