1 /*
2  *  Copyright (C) 2015 Adrien Vergé
3  *
4  *  This program is free software: you can redistribute it and/or modify
5  *  it under the terms of the GNU General Public License as published by
6  *  the Free Software Foundation, either version 3 of the License, or
7  *  (at your option) any later version.
8  *
9  *  This program is distributed in the hope that it will be useful,
10  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
11  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12  *  GNU General Public License for more details.
13  *
14  *  You should have received a copy of the GNU General Public License
15  *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
16  *
17  *  In addition, as a special exception, the copyright holders give permission
18  *  to link the code of portions of this program with the OpenSSL library under
19  *  certain conditions as described in each individual source file, and
20  *  distribute linked combinations including the two.
21  *  You must obey the GNU General Public License in all respects for all of the
22  *  code used other than OpenSSL.  If you modify file(s) with this exception,
23  *  you may extend this exception to your version of the file(s), but you are
24  *  not obligated to do so.  If you do not wish to do so, delete this exception
25  *  statement from your version.  If you delete this exception statement from
26  *  all source files in the program, then also delete it here.
27  */
28 
29 #ifndef OPENFORTIVPN_TUNNEL_H
30 #define OPENFORTIVPN_TUNNEL_H
31 
32 #include "config.h"
33 #include "io.h"
34 #include "ipv4.h"
35 
36 #include <openssl/ssl.h>
37 #include <openssl/x509v3.h>
38 
39 #include <sys/types.h>
40 
#ifdef __clang__
/*
 * Get rid of the deprecation warnings raised on Mac OS X 10.7 and greater;
 * see for instance https://wiki.openssl.org/index.php/Hostname_validation
 * This pragma suppresses that one class of warning (-Wdeprecated-declarations)
 * in clang.
 *
 * The pragma is not wrapped in a diagnostic push/pop, so it stays in effect
 * for the rest of every translation unit that includes this header: any use
 * of a deprecated declaration in those files compiles without a warning,
 * not only the ones this header was meant to silence.
 */
#pragma clang diagnostic ignored "-Wdeprecated-declarations"
#endif
49 
/*
 * Lifecycle state of a tunnel, stored in struct tunnel's `state` field.
 * The transitions between states are driven by code outside this header.
 */
enum tunnel_state {
	STATE_DOWN,		/* first enumerator, value 0 */
	STATE_CONNECTING,
	STATE_UP,
	STATE_DISCONNECTING
};
56 
/*
 * All per-connection state of one VPN tunnel: configuration, session cookie,
 * packet pools for both directions, the pppd child, the SSL/TLS objects and
 * the IPv4 settings.
 */
struct tunnel {
	/* Configuration this tunnel runs with; ownership is not visible here. */
	struct vpn_config *config;

	enum tunnel_state state;
	/*
	 * COOKIE_SIZE bytes plus one extra (presumably the NUL terminator).
	 * NOTE(review): presumably the session cookie returned by the gateway;
	 * if so it is a bearer credential, so keep it out of logs and confirm
	 * that every writer bounds its copy to sizeof(cookie).
	 */
	char cookie[COOKIE_SIZE + 1];

	/* One packet pool per direction (type comes from the included headers). */
	struct ppp_packet_pool ssl_to_pty_pool;
	struct ppp_packet_pool pty_to_ssl_pool;

	pid_t	pppd_pid;
	/*
	 * NOTE(review): declared pid_t, but the name suggests a pty file
	 * descriptor; if it holds a descriptor, int is the matching type.
	 * Confirm against the code that assigns it.
	 */
	pid_t	pppd_pty;
	/* Fixed-size buffer of ROUTE_IFACE_LEN bytes for the PPP interface name. */
	char	ppp_iface[ROUTE_IFACE_LEN];

	int	ssl_socket;
	/* OpenSSL context and session handle; who frees them is not shown here. */
	SSL_CTX	*ssl_context;
	SSL	*ssl_handle;

	struct ipv4_config ipv4;

	/*
	 * Callbacks taking the tunnel itself; by name, invoked when the PPP
	 * interface comes up or goes down. The meaning of the int result is
	 * defined by the callers, outside this header.
	 */
	int (*on_ppp_if_up)(struct tunnel *tunnel);
	int (*on_ppp_if_down)(struct tunnel *tunnel);
};
79 
/*
 * Pairs a URI string with an X.509 certificate.
 * NOTE(review): the users of this struct are not visible in this header;
 * confirm who owns `uri` and who releases `cert`.
 */
struct token {
	const char *uri;	/* not modified through this pointer */
	X509 *cert;
};
84 
/*
 * By name, reports whether the PPP interface of `tunnel` is up.
 * The int return convention is defined by the implementation, not here.
 */
int ppp_interface_is_up(struct tunnel *tunnel);

/*
 * By name, establishes the SSL/TLS connection for `tunnel`.
 * NOTE(review): presumably fills ssl_socket, ssl_context and ssl_handle;
 * where the peer certificate is validated is not visible in this header.
 * Callers should check the result before sending anything over the tunnel.
 */
int ssl_connect(struct tunnel *tunnel);

/*
 * Entry point that runs a tunnel with the given configuration.
 * The int return convention is defined by the implementation, not here.
 */
int run_tunnel(struct vpn_config *config);
90 
/*
 * Number of elements in the array `x`.
 * Only valid when `x` is a true array. Given a pointer (including an array
 * function parameter, which decays to one) it still compiles but yields
 * sizeof(pointer) / sizeof(element), which is not the element count and
 * gives wrong loop or copy bounds.
 */
#define ARRAY_SIZE(x)	(sizeof(x) / sizeof((x)[0]))
92 
93 #endif
94