/*
 *  Copyright (C) 2015 Adrien Vergé
 *
 *  This program is free software: you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation, either version 3 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 *  In addition, as a special exception, the copyright holders give permission
 *  to link the code of portions of this program with the OpenSSL library under
 *  certain conditions as described in each individual source file, and
 *  distribute linked combinations including the two.
 *  You must obey the GNU General Public License in all respects for all of the
 *  code used other than OpenSSL.  If you modify file(s) with this exception,
 *  you may extend this exception to your version of the file(s), but you are
 *  not obligated to do so.  If you do not wish to do so, delete this exception
 *  statement from your version.  If you delete this exception statement from
 *  all source files in the program, then also delete it here.
 */

/*
 * Tunnel state shared by the SSL and pppd sides of the VPN client:
 * the tunnel_state enum, struct tunnel, struct token, and the
 * prototypes of the tunnel entry points.
 */

#ifndef OPENFORTIVPN_TUNNEL_H
#define OPENFORTIVPN_TUNNEL_H

#include "config.h"
#include "io.h"
#include "ipv4.h"

#include <openssl/ssl.h>
#include <openssl/x509v3.h>

#include <sys/types.h>

#ifdef __clang__
/*
 * Get rid of Mac OS X 10.7 and greater deprecation warnings
 * see for instance https://wiki.openssl.org/index.php/Hostname_validation
 * this pragma selectively suppresses this type of warnings in clang
 */
/*
 * NOTE(review): the guard is __clang__ only, so this applies to clang on
 * every platform, not just Mac OS X.  There is no matching
 * "#pragma clang diagnostic push/pop", so the suppression stays active for
 * the rest of every translation unit that includes this header.  That hides
 * deprecation warnings for all APIs, not only OpenSSL ones; keep at least
 * one build (another compiler, or clang without this header's pragma) where
 * -Wdeprecated-declarations is still reported.
 */
#pragma clang diagnostic ignored "-Wdeprecated-declarations"
#endif

/* Lifecycle state of a tunnel, stored in struct tunnel.state. */
enum tunnel_state {
	STATE_DOWN,
	STATE_CONNECTING,
	STATE_UP,
	STATE_DISCONNECTING
};

/*
 * All per-connection state: configuration, session cookie, packet pools,
 * pppd process bookkeeping, the OpenSSL objects and the IPv4 settings.
 */
struct tunnel {
	/* Configuration this tunnel was started with (type from config.h). */
	struct vpn_config *config;

	enum tunnel_state state;
	/*
	 * COOKIE_SIZE is defined outside this header; the "+ 1" presumably
	 * reserves room for a terminating NUL -- confirm against the code
	 * that fills the buffer.
	 * NOTE(review): if this holds the authenticated session cookie it is
	 * a bearer credential: writers must bound copies to sizeof(cookie),
	 * it should not appear in log output, and it should be cleared when
	 * the tunnel is torn down.
	 */
	char cookie[COOKIE_SIZE + 1];

	/*
	 * Packet pools, one per direction as the names indicate
	 * (struct ppp_packet_pool is declared outside this header).
	 */
	struct ppp_packet_pool ssl_to_pty_pool;
	struct ppp_packet_pool pty_to_ssl_pool;

	pid_t pppd_pid;
	/*
	 * NOTE(review): the name suggests a pty file descriptor, yet the
	 * field is declared pid_t rather than int -- confirm intended type.
	 */
	pid_t pppd_pty;
	/*
	 * Fixed-size interface name buffer; ROUTE_IFACE_LEN is defined
	 * outside this header.  Writers must bound copies to
	 * sizeof(ppp_iface) and keep the string NUL-terminated.
	 */
	char ppp_iface[ROUTE_IFACE_LEN];

	/* Socket and OpenSSL objects for the connection to the gateway. */
	int ssl_socket;
	SSL_CTX *ssl_context;
	SSL *ssl_handle;

	struct ipv4_config ipv4;

	/*
	 * Callbacks taking the tunnel and returning int; when they are
	 * invoked and how the return value is used is not visible here.
	 */
	int (*on_ppp_if_up)(struct tunnel *tunnel);
	int (*on_ppp_if_down)(struct tunnel *tunnel);
};

/*
 * Pairs a URI with an X509 certificate.
 * NOTE(review): ownership is not stated in this header -- confirm who
 * releases cert (X509_free) and whether uri outlives the struct.
 */
struct token {
	const char *uri;
	X509 *cert;
};

/* Queries whether the tunnel's PPP interface is up (per the name). */
int ppp_interface_is_up(struct tunnel *tunnel);

/*
 * Establishes the SSL connection for the given tunnel.
 * NOTE(review): the return convention and the certificate / hostname
 * verification policy live in the implementation, not in this header;
 * callers must check the result before sending credentials over the
 * connection.
 */
int ssl_connect(struct tunnel *tunnel);

/* Entry point: runs a tunnel for the given configuration. */
int run_tunnel(struct vpn_config *config);

/*
 * Element count of a true array.  Passing a pointer (including an array
 * function parameter, which decays to a pointer) compiles without error
 * and yields a wrong count, so use it only where the array definition is
 * in scope.
 */
#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))

#endif