mirror/openvpn
0
0
Fork 0
mirror of https://github.com/OpenVPN/openvpn.git synced 2024-09-20 03:52:28 +02:00
Code
fa79609614
openvpn/doc
History
Arne Schwabe fa79609614 Check PRF availability on initialisation and add --force-tls-key-material-export 
We now warn a user if the TLS 1.0 PRF is not supported by the cryptographic
library of the system. Also add the option --force-tls-key-material-export
that automatically rejects clients that do not support TLS Keying Material
Export and automatically enable it when TLS 1.0 PRF support is not available.

Change-Id: I04f8c7c413e7cb62c726262feee6ca89c7e86c70
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20240104140214.32196-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27924.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2024-01-04 15:26:48 +01:00
..
doxygen dist: Include all documentation in distribution 2023-06-21 14:35:19 +02:00
man-sections Check PRF availability on initialisation and add --force-tls-key-material-export 2024-01-04 15:26:48 +01:00
tests sample-plugin: New plugin for testing multiple auth plugins 2022-03-15 16:29:22 +01:00
android.txt Update android.txt to reflect more recent changes. 2022-09-12 09:10:23 +02:00
CMakeLists.txt CMake: Support doc builds on Windows machines that do not have .py file association 2023-07-06 13:52:24 +02:00
gui-notes.txt Document common uses of 'echo' directive, re-enable logging for 'echo'. 2021-01-20 20:18:07 +01:00
interactive-service-notes.rst Add Interactive Service developer documentation 2018-06-09 20:14:26 +02:00
keying-material-exporter.txt Fix various spelling mistakes 2019-02-06 19:07:34 +01:00
Makefile.am CMake: Add complete MinGW and MSVC build 2023-06-27 18:07:03 +02:00
management-notes.txt Make sending plain text control message session aware 2023-03-20 17:15:38 +01:00
openvpn-examples.5.rst Add detailed man page section to setup a OpenVPN setup with peer-fingerprint 2021-08-01 19:47:44 +02:00
openvpn.8.rst Update the last sections in the man page to a be a bit less outdated 2023-02-14 14:03:45 +01:00
README.man doc/man: convert openvpn.8 to split-up .rst files 2020-07-17 11:23:18 +02:00
README.plugins build: integrate plugins build into core build 2012-06-26 11:29:02 +02:00
tls-crypt-v2.txt Implement HMAC based session id for tls-crypt v2 2022-05-06 14:16:05 +02:00

README.plugins 

OpenVPN Plugins
---------------

Starting with OpenVPN 2.0-beta17, compiled plugin modules are
supported on any *nix OS which includes libdl or on Windows.
One or more modules may be loaded into OpenVPN using
the --plugin directive, and each plugin module is capable of
intercepting any of the script callbacks which OpenVPN supports:

(1) up
(2) down
(3) route-up
(4) ipchange
(5) tls-verify
(6) auth-user-pass-verify
(7) client-connect
(8) client-disconnect
(9) learn-address

See the openvpn-plugin.h file in the top-level directory of the
OpenVPN source distribution for more detailed information
on the plugin interface.

Included Plugins
----------------

auth-pam -- Authenticate using PAM and a split privilege
            execution model which functions even if
            root privileges or the execution environment
            have been altered with --user/--group/--chroot.
            Tested on Linux only.

down-root -- Enable the running of down scripts with root privileges
             even if --user/--group/--chroot have been used
             to drop root privileges or change the execution
             environment.  Not applicable on Windows.

examples -- A simple example that demonstrates a portable
            plugin, i.e. one which can be built for *nix
            or Windows from the same source.

Building Plugins
----------------

cd to the top-level directory of a plugin, and use the
"make" command to build it.  The examples plugin is
built using a build script, not a makefile.