1 /*
2  *  OpenVPN -- An application to securely tunnel IP networks
3  *             over a single TCP/UDP port, with support for SSL/TLS-based
4  *             session authentication and key exchange,
5  *             packet encryption, packet authentication, and
6  *             packet compression.
7  *
8  *  Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
9  *
10  *  This program is free software; you can redistribute it and/or modify
11  *  it under the terms of the GNU General Public License version 2
12  *  as published by the Free Software Foundation.
13  *
14  *  This program is distributed in the hope that it will be useful,
15  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
16  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17  *  GNU General Public License for more details.
18  *
19  *  You should have received a copy of the GNU General Public License along
20  *  with this program; if not, write to the Free Software Foundation, Inc.,
21  *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22  */
23 
24 #ifndef PUSH_H
25 #define PUSH_H
26 
27 #include "forward.h"
28 
/*
 * PUSH_MSG_* status codes.
 *
 * NOTE(review): presumably the int results of process_incoming_push_request()
 * and process_incoming_push_msg(), both declared in this header -- confirm
 * against push.c.
 *
 * PUSH_MSG_ERROR is 0, so a caller that tests the result as a boolean cannot
 * tell "error" apart from "false"; compare against the named constants.
 * PUSH_MSG_AUTH_FAILURE has its own value, separate from PUSH_MSG_ERROR, so
 * a caller has to check for it explicitly.
 */
29 #define PUSH_MSG_ERROR            0
30 #define PUSH_MSG_REQUEST          1
31 #define PUSH_MSG_REPLY            2
32 #define PUSH_MSG_REQUEST_DEFERRED 3
33 #define PUSH_MSG_AUTH_FAILURE     4
34 #define PUSH_MSG_CONTINUATION     5
35 #define PUSH_MSG_ALREADY_REPLIED  6
36 
/*
 * Push/pull control-message interface.
 *
 * Only declarations are visible in this header. The remarks below are read
 * from names and signatures and must be confirmed against push.c.
 */

/* NOTE(review): presumably handles a push request and returns a PUSH_MSG_*
 * code -- confirm. */
37 int process_incoming_push_request(struct context *c);
38 
/*
 * NOTE(review): presumably parses the push message held in `buffer`. If that
 * buffer carries bytes received from the peer, its contents are untrusted.
 * `permission_mask` looks like the caller's limit on which option classes a
 * pushed option may change, and `option_types_found` like an out-parameter
 * reporting the classes that were seen -- confirm both. A caller passing an
 * over-broad mask would widen what the remote side can configure.
 */
39 int process_incoming_push_msg(struct context *c,
40                               const struct buffer *buffer,
41                               bool honor_received_options,
42                               unsigned int permission_mask,
43                               unsigned int *option_types_found);
44 
/* NOTE(review): the bool result presumably reports whether the request could
 * be sent -- confirm. */
45 bool send_push_request(struct context *c);
46 
/*
 * The receive_*, server_pushed_* and incoming_push_message functions all take
 * a read-only `buffer`.
 * NOTE(review): these look like handlers for control messages received from
 * the peer; if so, the buffer contents are untrusted and every length or
 * offset derived from them needs a bounds check in push.c -- confirm.
 * `adv` is presumably a count of leading bytes to skip in `buffer` -- confirm
 * its meaning and that it is checked against the buffer length.
 */
47 void receive_auth_failed(struct context *c, const struct buffer *buffer);
48 
49 void server_pushed_signal(struct context *c, const struct buffer *buffer, const bool restart, const int adv);
50 
51 void server_pushed_info(struct context *c, const struct buffer *buffer,
52                         const int adv);
53 
54 void receive_cr_response(struct context *c, const struct buffer *buffer);
55 
56 void incoming_push_message(struct context *c, const struct buffer *buffer);
57 
/*
 * The functions below all operate on a `struct options`.
 * NOTE(review): they appear to maintain the list of options that is later
 * pushed to clients. Strings added through `opt` / `p` would then become
 * configuration a client applies, so a caller that builds them from data it
 * does not control should validate them first -- confirm.
 */
58 void clone_push_list(struct options *o);
59 
60 void push_option(struct options *o, const char *opt, int msglevel);
61 
62 void push_options(struct options *o, char **p, int msglevel,
63                   struct gc_arena *gc);
64 
65 void push_reset(struct options *o);
66 
67 void push_remove_option(struct options *o, const char *p);
68 
69 void remove_iroutes_from_push_route_list(struct options *o);
70 
/*
 * NOTE(review): `client_reason` is presumably delivered to the client along
 * with the failure. If so, it should not carry internal detail such as
 * backend error text or file paths -- confirm what callers pass.
 */
71 void send_auth_failed(struct context *c, const char *client_reason);
72 
73 /**
74  * Sends the auth pending control messages to a client. See
75  * doc/management-notes.txt under client-pending-auth for
76  * more details on message format
 *
 * @param tls_multi  The tls_multi structure of the client to notify
 *                   (NOTE(review): presumed from the name -- confirm)
 * @param extra      NOTE(review): presumably text included in the message
 *                   sent to the client; the format is described in the
 *                   document referenced above -- confirm
 * @param timeout    NOTE(review): no unit is stated in this header -- confirm
 *                   the unit and whether push.c bounds the value
 *
 * @return NOTE(review): the meaning of the bool result is not stated here;
 *         callers should check it rather than assume the messages went out.
77  */
78 bool
79 send_auth_pending_messages(struct tls_multi *tls_multi, const char *extra,
80                            unsigned int timeout);
81 
/*
 * NOTE(review): `kill_msg` is presumably sent to the client together with the
 * restart notification; if so, keep internal detail out of it -- confirm.
 */
82 void send_restart(struct context *c, const char *kill_msg);
83 
84 /**
85  * Sends a push reply message containing only the auth-token, to update
86  * the auth-token on the client
87  *
88  * @param multi  - The tls_multi structure belonging to the instance to push to
 *
 * NOTE(review): the auth-token is presumably a credential the client presents
 * in later authentications. If so, the message built here should only travel
 * over the protected control channel and the token should stay out of logs
 * -- confirm in push.c.
89  */
90 void send_push_reply_auth_token(struct tls_multi *multi);
91 
92 /**
93  * Parses an AUTH_PENDING message and if in pull mode extends the timeout
94  *
95  * @param c             The context struct
96  * @param buffer        Buffer containing the control message with AUTH_PENDING
 *
 * NOTE(review): the message in `buffer` presumably comes from the peer. If
 * the extended timeout is taken from that message, push.c should clamp it to
 * a local maximum so the remote side cannot hold the session open
 * indefinitely -- confirm.
97  */
98 void
99 receive_auth_pending(struct context *c, const struct buffer *buffer);
100 
101 #endif /* ifndef PUSH_H */
102