mirror of
https://github.com/OpenVPN/openvpn3.git
synced 2024-09-20 04:02:15 +02:00
Renamed VPN_CONNECTION_PROFILES -> VPN_BINDING_PROFILES for clarity
VPN Binding Profiles (previously committed as VPN Connection Profiles) contain information on an active VPN client session such as local VPN IPs, gateway, and DNS resolver addresses that can be directly used by higher-layer HTTP/REST-API clients to (a) ensure that sessions are routed over the VPN, and (b) privately use the VPN-server-pushed DNS resolvers without publishing them in /etc/resolv.conf. Signed-off-by: James Yonan <james@openvpn.net>
This commit is contained in:
parent
c48b3d8000
commit
b2df3ca663
@ -48,10 +48,10 @@ namespace openvpn {
|
||||
http_config_ = http_config();
|
||||
}
|
||||
|
||||
#ifdef VPN_CONNECTION_PROFILES
|
||||
#ifdef VPN_BINDING_PROFILES
|
||||
HTTPContext(RandomAPI::Ptr rng,
|
||||
const int debug_level,
|
||||
const OptionList& opt) // for VPN connection profile
|
||||
const OptionList& opt) // for VPN binding profile
|
||||
: HTTPContext(rng, debug_level)
|
||||
{
|
||||
via_vpn_ = WS::ViaVPN::client_new_if_enabled(opt);
|
||||
@ -63,7 +63,7 @@ namespace openvpn {
|
||||
WS::ClientSet::TransactionSet::Ptr ts = new WS::ClientSet::TransactionSet;
|
||||
ts->host.host = std::move(host);
|
||||
ts->host.port = "443";
|
||||
#ifdef VPN_CONNECTION_PROFILES
|
||||
#ifdef VPN_BINDING_PROFILES
|
||||
ts->host.via_vpn = via_vpn_;
|
||||
#endif
|
||||
ts->http_config = http_config_;
|
||||
@ -121,7 +121,7 @@ namespace openvpn {
|
||||
DigestFactory::Ptr digest_factory_;
|
||||
RandomAPI::Ptr rng_;
|
||||
WS::Client::Config::Ptr http_config_;
|
||||
#ifdef VPN_CONNECTION_PROFILES
|
||||
#ifdef VPN_BINDING_PROFILES
|
||||
WS::ViaVPN::Ptr via_vpn_;
|
||||
#endif
|
||||
int debug_level_;
|
||||
|
@ -102,8 +102,8 @@ namespace openvpn {
|
||||
Nominal,
|
||||
AllowDefault,
|
||||
AllowEmpty,
|
||||
#ifdef VPN_CONNECTION_PROFILES
|
||||
AllowVPNClientConnectionProfile,
|
||||
#ifdef VPN_BINDING_PROFILES
|
||||
AllowVPNBindingProfile,
|
||||
#endif
|
||||
};
|
||||
|
||||
@ -161,11 +161,11 @@ namespace openvpn {
|
||||
}
|
||||
|
||||
// Modify protocol based on IP version of given address.
|
||||
// AllowVPNClientConnectionProfile tells us to support
|
||||
// AllowVPNBindingProfile tells us to support
|
||||
// special address case for WS::ViaVPN, where address
|
||||
// begins with '@' followed by a client connection
|
||||
// profile filename.
|
||||
if (!local && !is_vpn_client_connection_profile(load_mode, e))
|
||||
if (!local && !is_vpn_binding_profile(load_mode, e))
|
||||
{
|
||||
const std::string title = e.directive + " addr";
|
||||
const IP::Addr addr = IP::Addr(e.addr, title.c_str());
|
||||
@ -323,11 +323,11 @@ namespace openvpn {
|
||||
}
|
||||
|
||||
private:
|
||||
static bool is_vpn_client_connection_profile(const LoadMode load_mode,
|
||||
static bool is_vpn_binding_profile(const LoadMode load_mode,
|
||||
const Item& e)
|
||||
{
|
||||
#ifdef VPN_CONNECTION_PROFILES
|
||||
return load_mode == AllowVPNClientConnectionProfile
|
||||
#ifdef VPN_BINDING_PROFILES
|
||||
return load_mode == AllowVPNBindingProfile
|
||||
&& !e.addr.empty()
|
||||
&& e.addr[0] == '@';
|
||||
#else
|
||||
|
@ -74,9 +74,9 @@
|
||||
#include <openvpn/ws/httpcreds.hpp>
|
||||
#include <openvpn/ws/websocket.hpp>
|
||||
|
||||
#ifdef VPN_CONNECTION_PROFILES
|
||||
#ifdef VPN_BINDING_PROFILES
|
||||
#ifdef USE_ASYNC_RESOLVE
|
||||
#error VPN_CONNECTION_PROFILES and USE_ASYNC_RESOLVE cannot be used together
|
||||
#error VPN_BINDING_PROFILES and USE_ASYNC_RESOLVE cannot be used together
|
||||
#endif
|
||||
#include <openvpn/ws/httpvpn.hpp>
|
||||
#include <openvpn/dns/dnscli.hpp>
|
||||
@ -231,8 +231,8 @@ namespace openvpn {
|
||||
std::string local_addr_alt; // alt local addr for different IP version (optional)
|
||||
std::string local_port; // bind to local port (optional)
|
||||
|
||||
#ifdef VPN_CONNECTION_PROFILES
|
||||
// use a VPN client connection profile to obtain hint
|
||||
#ifdef VPN_BINDING_PROFILES
|
||||
// use a VPN binding profile to obtain hint
|
||||
// and local_addr and possibly DNS resolvers as well
|
||||
ViaVPN::Ptr via_vpn;
|
||||
#endif
|
||||
@ -451,7 +451,7 @@ namespace openvpn {
|
||||
#else
|
||||
resolver.cancel();
|
||||
#endif
|
||||
#ifdef VPN_CONNECTION_PROFILES
|
||||
#ifdef VPN_BINDING_PROFILES
|
||||
if (alt_resolve)
|
||||
alt_resolve->stop();
|
||||
#endif
|
||||
@ -670,8 +670,8 @@ namespace openvpn {
|
||||
// get new Host object
|
||||
host = http_host();
|
||||
|
||||
#ifdef VPN_CONNECTION_PROFILES
|
||||
// support VPN client connection profile
|
||||
#ifdef VPN_BINDING_PROFILES
|
||||
// support VPN binding profile
|
||||
Json::Value via_vpn_conf;
|
||||
if (host.via_vpn)
|
||||
via_vpn_conf = host.via_vpn->client_update_host(host);
|
||||
@ -755,7 +755,7 @@ namespace openvpn {
|
||||
#ifdef USE_ASYNC_RESOLVE
|
||||
async_resolve_name(host.host_transport(), host.port);
|
||||
#else
|
||||
#ifdef VPN_CONNECTION_PROFILES
|
||||
#ifdef VPN_BINDING_PROFILES
|
||||
if (via_vpn_conf)
|
||||
{
|
||||
DNSClient::ResolverList::Ptr resolver_list(new DNSClient::ResolverList(via_vpn_conf));
|
||||
@ -1365,7 +1365,7 @@ namespace openvpn {
|
||||
#ifndef USE_ASYNC_RESOLVE
|
||||
openvpn_io::ip::tcp::resolver resolver;
|
||||
#endif
|
||||
#ifdef VPN_CONNECTION_PROFILES
|
||||
#ifdef VPN_BINDING_PROFILES
|
||||
DNSClient::Context::Ptr alt_resolve;
|
||||
#endif
|
||||
Host host;
|
||||
|
@ -57,7 +57,7 @@
|
||||
#include <openvpn/ws/websocket.hpp>
|
||||
#include <openvpn/server/listenlist.hpp>
|
||||
|
||||
#ifdef VPN_CONNECTION_PROFILES
|
||||
#ifdef VPN_BINDING_PROFILES
|
||||
#include <openvpn/ws/httpvpn.hpp>
|
||||
#endif
|
||||
|
||||
@ -833,7 +833,7 @@ namespace openvpn {
|
||||
Acceptor::TCP::Ptr a(new Acceptor::TCP(io_context));
|
||||
|
||||
// parse address/port of local endpoint
|
||||
#ifdef VPN_CONNECTION_PROFILES
|
||||
#ifdef VPN_BINDING_PROFILES
|
||||
const IP::Addr ip_addr = ViaVPN::server_local_addr(listen_item, via_vpn_gw(listen_item.proto));
|
||||
#else
|
||||
const IP::Addr ip_addr(listen_item.addr, listen_item.directive);
|
||||
@ -1093,7 +1093,7 @@ namespace openvpn {
|
||||
return true;
|
||||
}
|
||||
|
||||
#ifdef VPN_CONNECTION_PROFILES
|
||||
#ifdef VPN_BINDING_PROFILES
|
||||
static ViaVPN::GatewayType via_vpn_gw(const Protocol& proto)
|
||||
{
|
||||
switch (proto())
|
||||
|
Loading…
Reference in New Issue
Block a user