github
/
openvpn-gui
mirror of https://github.com/OpenVPN/openvpn-gui
1
0
Fork 0
Code Issues Releases Wiki Activity

Web-based extra authentication 

This adds support for web-based extra authentication, which may be
used by OpenVPN Cloud. When enabled and client sends IV_SSO=openurl,
server pushes Info command OPEN_URL:<url>. The client opens that URL and
user authenticates.

Signed-off-by: Lev Stipakov <lev@openvpn.net>
pull/431/head
Lev Stipakov 2021-05-31 23:13:10 +03:00 committed by Selva Nair
parent e14287e93e
commit bb00d95f86
5 changed files with 28 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
main.c
View File

@ -186,6 +186,7 @@ int WINAPI _tWinMain (HINSTANCE hThisInstance,
{ needstr_, OnNeedStr }, { needstr_, OnNeedStr },
{ echo_, OnEcho }, { echo_, OnEcho },
{ bytecount_,OnByteCount }, { bytecount_,OnByteCount },
{ infomsg_, OnInfoMsg },
{ 0, NULL } { 0, NULL }
}; };
InitManagement(handler); InitManagement(handler);

5
manage.c
View File

@ -332,6 +332,11 @@ OnManagement(SOCKET sk, LPARAM lParam)
if (rtmsg_handler[bytecount_]) if (rtmsg_handler[bytecount_])
rtmsg_handler[bytecount_](c, pos + 10); rtmsg_handler[bytecount_](c, pos + 10);
} }
else if (strncmp(pos, "INFOMSG:", 8) == 0)
{
if (rtmsg_handler[infomsg_])
rtmsg_handler[infomsg_](c, pos + 8);
}
} }
else if (c->manage.cmd_queue) else if (c->manage.cmd_queue)
{ {

1
manage.h
View File

@ -37,6 +37,7 @@ typedef enum {
needok_, needok_,
needstr_, needstr_,
pkcs11_id_count_, pkcs11_id_count_,
infomsg_,
mgmt_rtmsg_type_max mgmt_rtmsg_type_max
} mgmt_rtmsg_type; } mgmt_rtmsg_type;

21
openvpn.c
View File

@ -1281,6 +1281,25 @@ void OnByteCount(connection_t *c, char *msg)
LoadLocalizedString(IDS_NFO_BYTECOUNT, in, out)); LoadLocalizedString(IDS_NFO_BYTECOUNT, in, out));
} }
/*
* Handle INFOMSG from OpenVPN. At the moment in only handles
* "OPEN_URL:<url>" message used by web-based extra authentication.
*/
void OnInfoMsg(connection_t* c, char* msg)
{
PrintDebug(L"OnInfoMsg with msg = %S", msg);
if (strbegins(msg, "OPEN_URL:"))
{
wchar_t* url = Widen(msg + 9);
if (!open_url(url))
{
WriteStatusLog(c, L"GUI> ", L"Error: failed to open url from info msg", false);
}
free(url);
}
}
/* /*
* Break a long line into shorter segments * Break a long line into shorter segments
*/ */
@ -1986,7 +2005,7 @@ StartOpenVPN(connection_t *c)
/* Construct command line -- put log first */ /* Construct command line -- put log first */
_sntprintf_0(cmdline, _T("openvpn --log%s \"%s\" --config \"%s\" " _sntprintf_0(cmdline, _T("openvpn --log%s \"%s\" --config \"%s\" "
"--setenv IV_GUI_VER \"%S\" --service %s 0 --auth-retry interact " "--setenv IV_GUI_VER \"%S\" --setenv IV_SSO openurl --service %s 0 --auth-retry interact "
"--management %S %hd stdin --management-query-passwords %s" "--management %S %hd stdin --management-query-passwords %s"
"--management-hold"), "--management-hold"),
(o.log_append ? _T("-append") : _T("")), c->log_path, (o.log_append ? _T("-append") : _T("")), c->log_path,

1
openvpn.h
View File

@ -40,6 +40,7 @@ void OnNeedOk(connection_t *, char *);
void OnNeedStr(connection_t *, char *); void OnNeedStr(connection_t *, char *);
void OnEcho(connection_t *, char *); void OnEcho(connection_t *, char *);
void OnByteCount(connection_t *, char *); void OnByteCount(connection_t *, char *);
void OnInfoMsg(connection_t*, char*);
void ResetSavePasswords(connection_t *); void ResetSavePasswords(connection_t *);