This probably makes sense, lots of good refactorings. That said, I'd
like to know how you selected what goes to platform.c?
--
Samuli Seppänen
Community Manager
OpenVPN Technologies, Inc
irc freenode net: mattock
> + Some fixups within the platform.c functions.
> - need to check environment set on Windows.
>
> Signed-off-by: Alon Bar-Lev <alon.bar...@gmail.com>
> ---
> src/openvpn/Makefile.am | 1 +
> src/openvpn/buffer.c | 2 +-
> src/openvpn/crypto.c | 6 +-
> src/openvpn/error.c | 2 +-
> src/openvpn/init.c | 18 +-
> src/openvpn/manage.c | 16 +-
> src/openvpn/misc.c | 295 ++----------------------------------
> src/openvpn/misc.h | 106 +-------------
> src/openvpn/mstats.c | 2 +-
> src/openvpn/multi.c | 2 +-
> src/openvpn/openvpn.h | 4 +-
> src/openvpn/openvpn.vcproj | 8 +
> src/openvpn/options.c | 14 +-
> src/openvpn/packet_id.c | 2 +-
> src/openvpn/pf.c | 6 +-
> src/openvpn/platform.c | 369
> ++++++++++++++++++++++++++++++++++++++++++++
> src/openvpn/platform.h | 142 +++++++++++++++++
> src/openvpn/ps.c | 2 +-
> src/openvpn/ssl_openssl.c | 2 +-
> src/openvpn/ssl_verify.c | 8 +-
> src/openvpn/status.c | 6 +-
> src/openvpn/tun.c | 12 +-
> src/openvpn/win32.c | 27 ----
> 23 files changed, 584 insertions(+), 468 deletions(-)
> create mode 100644 src/openvpn/platform.c
> create mode 100644 src/openvpn/platform.h
>
> diff --git a/src/openvpn/Makefile.am b/src/openvpn/Makefile.am
> index 333eebc..6ba12b8 100644
> --- a/src/openvpn/Makefile.am
> +++ b/src/openvpn/Makefile.am
> @@ -58,6 +58,7 @@ openvpn_SOURCES = \
> mbuf.c mbuf.h \
> memdbg.h \
> misc.c misc.h \
> + platform.c platform.h \
> console.c console.h \
> mroute.c mroute.h \
> mss.c mss.h \
> diff --git a/src/openvpn/buffer.c b/src/openvpn/buffer.c
> index ad30223..5eee3ee 100644
> --- a/src/openvpn/buffer.c
> +++ b/src/openvpn/buffer.c
> @@ -1080,7 +1080,7 @@ buffer_list_advance (struct buffer_list *ol, int n)
> struct buffer_list *
> buffer_list_file (const char *fn, int max_line_len)
> {
> - FILE *fp = openvpn_fopen (fn, "r");
> + FILE *fp = platform_fopen (fn, "r");
> struct buffer_list *bl = NULL;
>
> if (fp)
> diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c
> index 2e2e5d7..f811966 100644
> --- a/src/openvpn/crypto.c
> +++ b/src/openvpn/crypto.c
> @@ -868,7 +868,7 @@ read_key_file (struct key2 *key2, const char *file, const
> unsigned int flags)
> #endif
> {
> in = alloc_buf_gc (2048, &gc);
> - fd = openvpn_open (file, O_RDONLY, 0);
> + fd = platform_open (file, O_RDONLY, 0);
> if (fd == -1)
> msg (M_ERR, "Cannot open file key file '%s'", file);
> size = read (fd, in.data, in.capacity);
> @@ -1029,7 +1029,7 @@ read_passphrase_hash (const char *passphrase_file,
> const int min_passphrase_size = 8;
> uint8_t buf[64];
> int total_size = 0;
> - int fd = openvpn_open (passphrase_file, O_RDONLY, 0);
> + int fd = platform_open (passphrase_file, O_RDONLY, 0);
>
> if (fd == -1)
> msg (M_ERR, "Cannot open passphrase file: '%s'", passphrase_file);
> @@ -1079,7 +1079,7 @@ write_key_file (const int nkeys, const char *filename)
> const int bytes_per_line = 16;
>
> /* open key file */
> - fd = openvpn_open (filename, O_CREAT | O_TRUNC | O_WRONLY, S_IRUSR |
> S_IWUSR);
> + fd = platform_open (filename, O_CREAT | O_TRUNC | O_WRONLY, S_IRUSR |
> S_IWUSR);
>
> if (fd == -1)
> msg (M_ERR, "Cannot open shared secret file '%s' for write", filename);
> diff --git a/src/openvpn/error.c b/src/openvpn/error.c
> index 1f2dd86..d6ad639 100644
> --- a/src/openvpn/error.c
> +++ b/src/openvpn/error.c
> @@ -640,7 +640,7 @@ x_check_status (int status,
> my_errno);
>
> if (x_cs_err_delay_ms)
> - sleep_milliseconds (x_cs_err_delay_ms);
> + platform_sleep_milliseconds (x_cs_err_delay_ms);
> }
> gc_free (&gc);
> }
> diff --git a/src/openvpn/init.c b/src/openvpn/init.c
> index bba3cf8..bc7718e 100644
> --- a/src/openvpn/init.c
> +++ b/src/openvpn/init.c
> @@ -935,7 +935,7 @@ do_genkey (const struct options * options)
> "shared secret output file (--secret)");
>
> if (options->mlock) /* should we disable paging? */
> - do_mlockall (true);
> + platform_mlockall (true);
>
> nbits_written = write_key_file (2, options->shared_secret_file);
>
> @@ -1022,7 +1022,7 @@ do_uid_gid_chroot (struct context *c, bool no_delay)
> if (c->options.chroot_dir)
> {
> if (no_delay)
> - do_chroot (c->options.chroot_dir);
> + platform_chroot (c->options.chroot_dir);
> else
> msg (M_INFO, "NOTE: chroot %s", why_not);
> }
> @@ -1030,8 +1030,8 @@ do_uid_gid_chroot (struct context *c, bool no_delay)
> /* set user and/or group that we want to setuid/setgid to */
> if (no_delay)
> {
> - set_group (&c0->group_state);
> - set_user (&c0->user_state);
> + platform_group_set (&c0->platform_state_group);
> + platform_user_set (&c0->platform_state_user);
> c0->uid_gid_set = true;
> }
> else if (c0->uid_gid_specified)
> @@ -2780,8 +2780,8 @@ do_init_first_time (struct context *c)
>
> /* get user and/or group that we want to setuid/setgid to */
> c0->uid_gid_specified =
> - get_group (c->options.groupname, &c0->group_state) |
> - get_user (c->options.username, &c0->user_state);
> + platform_group_get (c->options.groupname, &c0->platform_state_group) |
> + platform_user_get (c->options.username, &c0->platform_state_user);
>
> /* get --writepid file descriptor */
> get_pid_file (c->options.writepid, &c0->pid_state);
> @@ -2791,13 +2791,13 @@ do_init_first_time (struct context *c)
>
> /* should we disable paging? */
> if (c->options.mlock && c->did_we_daemonize)
> - do_mlockall (true); /* call again in case we daemonized */
> + platform_mlockall (true); /* call again in case we daemonized */
>
> /* save process ID in a file */
> write_pid (&c0->pid_state);
>
> /* should we change scheduling priority? */
> - set_nice (c->options.nice);
> + platform_nice (c->options.nice);
> }
> }
>
> @@ -3342,7 +3342,7 @@ init_instance (struct context *c, const struct env_set
> *env, const unsigned int
>
> /* should we disable paging? */
> if (c->first_time && options->mlock)
> - do_mlockall (true);
> + platform_mlockall (true);
>
> #if P2MP
> /* get passwords if undefined */
> diff --git a/src/openvpn/manage.c b/src/openvpn/manage.c
> index 85c9aca..1dddd41 100644
> --- a/src/openvpn/manage.c
> +++ b/src/openvpn/manage.c
> @@ -1146,7 +1146,7 @@ man_dispatch_command (struct management *man, struct
> status_output *so, const ch
> }
> else if (streq (p[0], "pid"))
> {
> - msg (M_CLIENT, "SUCCESS: pid=%d", openvpn_getpid ());
> + msg (M_CLIENT, "SUCCESS: pid=%d", platform_getpid ());
> }
> #ifdef MANAGEMENT_DEF_AUTH
> else if (streq (p[0], "nclients"))
> @@ -1429,7 +1429,7 @@ man_record_peer_info (struct management *man)
> {
> const in_addr_t a = ntohl (addr.sin_addr.s_addr);
> const int p = ntohs (addr.sin_port);
> - FILE *fp = openvpn_fopen (man->settings.write_peer_info_file,
> "w");
> + FILE *fp = platform_fopen (man->settings.write_peer_info_file,
> "w");
> if (fp)
> {
> fprintf (fp, "%s\n%d\n", print_in_addr_t (a, 0, &gc), p);
> @@ -2013,17 +2013,17 @@ man_settings_init (struct man_settings *ms,
> */
> if (client_user)
> {
> - struct user_state s;
> - get_user (client_user, &s);
> - ms->client_uid = user_state_uid (&s);
> + struct platform_state_user s;
> + platform_user_get (client_user, &s);
> + ms->client_uid = platform_state_user_uid (&s);
> msg (D_MANAGEMENT, "MANAGEMENT: client_uid=%d", ms->client_uid);
> ASSERT (ms->client_uid >= 0);
> }
> if (client_group)
> {
> - struct group_state s;
> - get_group (client_group, &s);
> - ms->client_gid = group_state_gid (&s);
> + struct platform_state_group s;
> + platform_group_get (client_group, &s);
> + ms->client_gid = platform_state_group_gid (&s);
> msg (D_MANAGEMENT, "MANAGEMENT: client_gid=%d", ms->client_gid);
> ASSERT (ms->client_gid >= 0);
> }
> diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c
> index 2571194..2ded9bf 100644
> --- a/src/openvpn/misc.c
> +++ b/src/openvpn/misc.c
> @@ -56,122 +56,6 @@ int script_security = SSEC_BUILT_IN; /* GLOBAL */
> /* contains SM_x value defined in misc.h */
> int script_method = SM_EXECVE; /* GLOBAL */
>
> -/* Redefine the top level directory of the filesystem
> - to restrict access to files for security */
> -void
> -do_chroot (const char *path)
> -{
> - if (path)
> - {
> -#ifdef HAVE_CHROOT
> - const char *top = "/";
> - if (chroot (path))
> - msg (M_ERR, "chroot to '%s' failed", path);
> - if (openvpn_chdir (top))
> - msg (M_ERR, "cd to '%s' failed", top);
> - msg (M_INFO, "chroot to '%s' and cd to '%s' succeeded", path, top);
> -#else
> - msg (M_FATAL, "Sorry but I can't chroot to '%s' because this operating
> system doesn't appear to support the chroot() system call", path);
> -#endif
> - }
> -}
> -
> -/* Get/Set UID of process */
> -
> -bool
> -get_user (const char *username, struct user_state *state)
> -{
> - bool ret = false;
> - CLEAR (*state);
> - if (username)
> - {
> -#if defined(HAVE_GETPWNAM) && defined(HAVE_SETUID)
> - state->pw = getpwnam (username);
> - if (!state->pw)
> - msg (M_ERR, "failed to find UID for user %s", username);
> - state->username = username;
> - ret = true;
> -#else
> - msg (M_FATAL, "cannot get UID for user %s -- platform lacks
> getpwname() or setuid() system calls", username);
> -#endif
> - }
> - return ret;
> -}
> -
> -void
> -set_user (const struct user_state *state)
> -{
> -#if defined(HAVE_GETPWNAM) && defined(HAVE_SETUID)
> - if (state->username && state->pw)
> - {
> - if (setuid (state->pw->pw_uid))
> - msg (M_ERR, "setuid('%s') failed", state->username);
> - msg (M_INFO, "UID set to %s", state->username);
> - }
> -#endif
> -}
> -
> -/* Get/Set GID of process */
> -
> -bool
> -get_group (const char *groupname, struct group_state *state)
> -{
> - bool ret = false;
> - CLEAR (*state);
> - if (groupname)
> - {
> -#if defined(HAVE_GETGRNAM) && defined(HAVE_SETGID)
> - state->gr = getgrnam (groupname);
> - if (!state->gr)
> - msg (M_ERR, "failed to find GID for group %s", groupname);
> - state->groupname = groupname;
> - ret = true;
> -#else
> - msg (M_FATAL, "cannot get GID for group %s -- platform lacks
> getgrnam() or setgid() system calls", groupname);
> -#endif
> - }
> - return ret;
> -}
> -
> -void
> -set_group (const struct group_state *state)
> -{
> -#if defined(HAVE_GETGRNAM) && defined(HAVE_SETGID)
> - if (state->groupname && state->gr)
> - {
> - if (setgid (state->gr->gr_gid))
> - msg (M_ERR, "setgid('%s') failed", state->groupname);
> - msg (M_INFO, "GID set to %s", state->groupname);
> -#ifdef HAVE_SETGROUPS
> - {
> - gid_t gr_list[1];
> - gr_list[0] = state->gr->gr_gid;
> - if (setgroups (1, gr_list))
> - msg (M_ERR, "setgroups('%s') failed", state->groupname);
> - }
> -#endif
> - }
> -#endif
> -}
> -
> -/* Change process priority */
> -void
> -set_nice (int niceval)
> -{
> - if (niceval)
> - {
> -#ifdef HAVE_NICE
> - errno = 0;
> - if (nice (niceval) < 0 && errno != 0)
> - msg (M_WARN | M_ERRNO, "WARNING: nice %d failed: %s", niceval,
> strerror(errno));
> - else
> - msg (M_INFO, "nice %d succeeded", niceval);
> -#else
> - msg (M_WARN, "WARNING: nice %d failed (function not implemented)",
> niceval);
> -#endif
> - }
> -}
> -
> /*
> * Pass tunnel endpoint and MTU parms to a user-supplied script.
> * Used to execute the up/down script/plugins.
> @@ -253,7 +137,7 @@ get_pid_file (const char* filename, struct pid_state
> *state)
> CLEAR (*state);
> if (filename)
> {
> - state->fp = openvpn_fopen (filename, "w");
> + state->fp = platform_fopen (filename, "w");
> if (!state->fp)
> msg (M_ERR, "Open error on pid file %s", filename);
> state->filename = filename;
> @@ -266,42 +150,13 @@ write_pid (const struct pid_state *state)
> {
> if (state->filename && state->fp)
> {
> - unsigned int pid = openvpn_getpid ();
> + unsigned int pid = platform_getpid ();
> fprintf(state->fp, "%u\n", pid);
> if (fclose (state->fp))
> msg (M_ERR, "Close error on pid file %s", state->filename);
> }
> }
>
> -/* Get current PID */
> -unsigned int
> -openvpn_getpid ()
> -{
> -#ifdef WIN32
> - return (unsigned int) GetCurrentProcessId ();
> -#else
> -#ifdef HAVE_GETPID
> - return (unsigned int) getpid ();
> -#else
> - return 0;
> -#endif
> -#endif
> -}
> -
> -/* Disable paging */
> -void
> -do_mlockall(bool print_msg)
> -{
> -#ifdef HAVE_MLOCKALL
> - if (mlockall (MCL_CURRENT | MCL_FUTURE))
> - msg (M_WARN | M_ERRNO, "WARNING: mlockall call failed");
> - else if (print_msg)
> - msg (M_INFO, "mlockall call succeeded");
> -#else
> - msg (M_WARN, "WARNING: mlockall call failed (function not implemented)");
> -#endif
> -}
> -
> /*
> * Set standard file descriptors to /dev/null
> */
> @@ -325,27 +180,6 @@ set_std_files_to_null (bool stdin_only)
> }
>
> /*
> - * Wrapper for chdir library function
> - */
> -int
> -openvpn_chdir (const char* dir)
> -{
> -#ifdef HAVE_CHDIR
> -#ifdef WIN32
> - int res;
> - struct gc_arena gc = gc_new ();
> - res = _wchdir (wide_string (dir, &gc));
> - gc_free (&gc);
> - return res;
> -#else
> - return chdir (dir);
> -#endif
> -#else
> - return -1;
> -#endif
> -}
> -
> -/*
> * dup inetd/xinetd socket descriptor and save
> */
>
> @@ -391,32 +225,6 @@ warn_if_group_others_accessible (const char* filename)
> }
>
> /*
> - * convert system() return into a success/failure value
> - */
> -bool
> -system_ok (int stat)
> -{
> -#ifdef WIN32
> - return stat == 0;
> -#else
> - return stat != -1 && WIFEXITED (stat) && WEXITSTATUS (stat) == 0;
> -#endif
> -}
> -
> -/*
> - * did system() call execute the given command?
> - */
> -bool
> -system_executed (int stat)
> -{
> -#ifdef WIN32
> - return stat != -1;
> -#else
> - return stat != -1 && WEXITSTATUS (stat) != 127;
> -#endif
> -}
> -
> -/*
> * Print an error message based on the status code returned by system().
> */
> const char *
> @@ -456,7 +264,7 @@ openvpn_execve_check (const struct argv *a, const struct
> env_set *es, const unsi
> const int stat = openvpn_execve (a, es, flags);
> int ret = false;
>
> - if (system_ok (stat))
> + if (platform_system_ok (stat))
> ret = true;
> else
> {
> @@ -554,7 +362,6 @@ openvpn_system (const char *command, const struct env_set
> *es, unsigned int flag
> {
> #ifdef HAVE_SYSTEM
> int ret;
> - struct gc_arena gc;
>
> perf_push (PERF_SCRIPT);
>
> @@ -573,13 +380,7 @@ openvpn_system (const char *command, const struct
> env_set *es, unsigned int flag
> /*
> * execute the command
> */
> -#ifdef WIN32
> - gc = gc_new ();
> - ret = _wsystem (wide_string (command, &gc));
> - gc_free (&gc);
> -#else
> - ret = system (command);
> -#endif
> + ret = platform_system(command);
>
> /* debugging */
> dmsg (D_SCRIPT, "SYSTEM return=%u", ret);
> @@ -599,19 +400,6 @@ openvpn_system (const char *command, const struct
> env_set *es, unsigned int flag
> #endif
> }
>
> -int
> -openvpn_access (const char *path, int mode)
> -{
> -#ifdef WIN32
> - struct gc_arena gc = gc_new ();
> - int ret = _waccess (wide_string (path, &gc), mode);
> - gc_free (&gc);
> - return ret;
> -#else
> - return access (path, mode);
> -#endif
> -}
> -
> /*
> * Run execve() inside a fork(), duping stdout. Designed to replicate the
> semantics of popen() but
> * in a safer way that doesn't require the invocation of a shell or the risks
> @@ -981,7 +769,7 @@ env_set_remove_from_environment (const struct env_set *es)
>
> static struct env_item *global_env = NULL; /* GLOBAL */
>
> -static void
> +void
> manage_env (char *str)
> {
> remove_env_item (str, true, &global_env);
> @@ -1078,27 +866,11 @@ setenv_str_ex (struct env_set *es,
> }
> else
> {
> -#if defined(WIN32)
> + char *str = construct_name_value (name_tmp, val_tmp, NULL);
> + if (platform_putenv(str))
> {
> - if (!SetEnvironmentVariableW (wide_string (name_tmp, &gc),
> - wide_string (val_tmp, &gc)))
> - msg (M_WARN | M_ERRNO, "SetEnvironmentVariable failed, name='%s',
> value='%s'",
> - name_tmp,
> - val_tmp ? val_tmp : "NULL");
> + msg (M_WARN | M_ERRNO, "putenv('%s') failed", str);
> }
> -#elif defined(HAVE_PUTENV)
> - {
> - char *str = construct_name_value (name_tmp, val_tmp, NULL);
> - int status;
> -
> - status = putenv (str);
> - /*msg (M_INFO, "PUTENV '%s'", str);*/
> - if (!status)
> - manage_env (str);
> - if (status)
> - msg (M_WARN | M_ERRNO, "putenv('%s') failed", str);
> - }
> -#endif
> }
>
> gc_free (&gc);
> @@ -1162,35 +934,6 @@ count_netmask_bits(const char *dotted_quad)
> return ((int)result);
> }
>
> -/*
> - * Go to sleep for n milliseconds.
> - */
> -void
> -sleep_milliseconds (unsigned int n)
> -{
> -#ifdef WIN32
> - Sleep (n);
> -#else
> - struct timeval tv;
> - tv.tv_sec = n / 1000;
> - tv.tv_usec = (n % 1000) * 1000;
> - select (0, NULL, NULL, NULL, &tv);
> -#endif
> -}
> -
> -/*
> - * Go to sleep indefinitely.
> - */
> -void
> -sleep_until_signal (void)
> -{
> -#ifdef WIN32
> - ASSERT (0);
> -#else
> - select (0, NULL, NULL, NULL, NULL);
> -#endif
> -}
> -
> /* return true if filename can be opened for read */
> bool
> test_file (const char *filename)
> @@ -1198,7 +941,7 @@ test_file (const char *filename)
> bool ret = false;
> if (filename)
> {
> - FILE *fp = openvpn_fopen (filename, "r");
> + FILE *fp = platform_fopen (filename, "r");
> if (fp)
> {
> fclose (fp);
> @@ -1246,7 +989,7 @@ create_temp_file (const char *directory, const char
> *prefix, struct gc_arena *gc
>
> /* Atomically create the file. Errors out if the file already
> exists. */
> - fd = openvpn_open (retfname, O_CREAT | O_EXCL | O_WRONLY, S_IRUSR |
> S_IWUSR);
> + fd = platform_open (retfname, O_CREAT | O_EXCL | O_WRONLY, S_IRUSR |
> S_IWUSR);
> if (fd != -1)
> {
> close (fd);
> @@ -1342,22 +1085,6 @@ gen_path (const char *directory, const char *filename,
> struct gc_arena *gc)
> return NULL;
> }
>
> -/* delete a file, return true if succeeded */
> -bool
> -delete_file (const char *filename)
> -{
> -#if defined(WIN32)
> - struct gc_arena gc = gc_new ();
> - BOOL ret = DeleteFileW (wide_string (filename, &gc));
> - gc_free (&gc);
> - return (ret != 0);
> -#elif defined(HAVE_UNLINK)
> - return (unlink (filename) == 0);
> -#else
> - return false;
> -#endif
> -}
> -
> bool
> absolute_pathname (const char *pathname)
> {
> @@ -1524,7 +1251,7 @@ get_user_pass_cr (struct user_pass *up,
>
> warn_if_group_others_accessible (auth_file);
>
> - fp = openvpn_fopen (auth_file, "r");
> + fp = platform_fopen (auth_file, "r");
> if (!fp)
> msg (M_ERR, "Error opening '%s' auth file: %s", prefix,
> auth_file);
>
> diff --git a/src/openvpn/misc.h b/src/openvpn/misc.h
> index 12a8f71..d4c8e33 100644
> --- a/src/openvpn/misc.h
> +++ b/src/openvpn/misc.h
> @@ -29,6 +29,7 @@
> #include "common.h"
> #include "integer.h"
> #include "buffer.h"
> +#include "platform.h"
>
> /* socket descriptor passed by inetd/xinetd server to us */
> #define INETD_SOCKET_DESCRIPTOR 0
> @@ -58,37 +59,6 @@ struct env_set {
> struct env_item *list;
> };
>
> -/* Get/Set UID of process */
> -
> -struct user_state {
> -#if defined(HAVE_GETPWNAM) && defined(HAVE_SETUID)
> - const char *username;
> - struct passwd *pw;
> -#else
> - int dummy;
> -#endif
> -};
> -
> -bool get_user (const char *username, struct user_state *state);
> -void set_user (const struct user_state *state);
> -
> -/* Get/Set GID of process */
> -
> -struct group_state {
> -#if defined(HAVE_GETGRNAM) && defined(HAVE_SETGID)
> - const char *groupname;
> - struct group *gr;
> -#else
> - int dummy;
> -#endif
> -};
> -
> -bool get_group (const char *groupname, struct group_state *state);
> -void set_group (const struct group_state *state);
> -
> -void set_nice (int niceval);
> -void do_chroot (const char *path);
> -
> void run_up_down (const char *command,
> const struct plugin_list *plugins,
> int plugin_type,
> @@ -111,9 +81,6 @@ struct pid_state {
>
> void get_pid_file (const char* filename, struct pid_state *state);
> void write_pid (const struct pid_state *state);
> -unsigned int openvpn_getpid (void);
> -
> -void do_mlockall (bool print_msg); /* Disable paging */
>
> /* check file protections */
> void warn_if_group_others_accessible(const char* filename);
> @@ -122,9 +89,6 @@ void warn_if_group_others_accessible(const char* filename);
> #define S_SCRIPT (1<<0)
> #define S_FATAL (1<<1)
>
> -/* interpret the status code returned by system()/execve() */
> -bool system_ok(int);
> -bool system_executed (int stat);
> const char *system_error_message (int, struct gc_arena *gc);
>
> /* wrapper around the execve() call */
> @@ -133,7 +97,6 @@ int openvpn_execve (const struct argv *a, const struct
> env_set *es, const unsign
> bool openvpn_execve_check (const struct argv *a, const struct env_set *es,
> const unsigned int flags, const char *error_message);
> bool openvpn_execve_allowed (const unsigned int flags);
> int openvpn_system (const char *command, const struct env_set *es, unsigned
> int flags);
> -int openvpn_access (const char *path, int mode);
>
> static inline bool
> openvpn_run_script (const struct argv *a, const struct env_set *es, const
> unsigned int flags, const char *hook)
> @@ -144,37 +107,6 @@ openvpn_run_script (const struct argv *a, const struct
> env_set *es, const unsign
> return openvpn_execve_check(a, es, flags | S_SCRIPT, msg);
> }
>
> -#ifdef WIN32
> -FILE * openvpn_fopen (const char *path, const char *mode);
> -#else
> -static inline FILE *
> -openvpn_fopen (const char *path, const char *mode)
> -{
> - return fopen (path, mode);
> -}
> -#endif
> -
> -#ifdef WIN32
> -int openvpn_open (const char *path, int flags, int mode);
> -#else
> -static inline int
> -openvpn_open (const char *path, int flags, mode_t mode)
> -{
> - return open (path, flags, mode);
> -}
> -#endif
> -
> -#ifdef WIN32
> -typedef struct _stat openvpn_stat_t;
> -int openvpn_stat (const char *path, openvpn_stat_t *buf);
> -#else
> -typedef struct stat openvpn_stat_t;
> -static inline int
> -openvpn_stat (const char *path, openvpn_stat_t *buf)
> -{
> - return stat (path, buf);
> -}
> -#endif
>
> #ifdef HAVE_STRERROR
> /* a thread-safe version of strerror */
> @@ -184,9 +116,6 @@ const char* strerror_ts (int errnum, struct gc_arena *gc);
> /* Set standard file descriptors to /dev/null */
> void set_std_files_to_null (bool stdin_only);
>
> -/* Wrapper for chdir library function */
> -int openvpn_chdir (const char* dir);
> -
> /* dup inetd/xinetd socket descriptor and save */
> extern int inetd_socket_descriptor;
> void save_inetd_socket_descriptor (void);
> @@ -242,12 +171,6 @@ const char **make_extended_arg_array (char **p, struct
> gc_arena *gc);
> int count_netmask_bits(const char *);
> unsigned int count_bits(unsigned int );
>
> -/* go to sleep for n milliseconds */
> -void sleep_milliseconds (unsigned int n);
> -
> -/* go to sleep indefinitely */
> -void sleep_until_signal (void);
> -
> /* an analogue to the random() function, but use OpenSSL functions if
> available */
> #ifdef ENABLE_CRYPTO
> long int get_random(void);
> @@ -264,9 +187,6 @@ const char *create_temp_file (const char *directory,
> const char *prefix, struct
> /* put a directory and filename together */
> const char *gen_path (const char *directory, const char *filename, struct
> gc_arena *gc);
>
> -/* delete a file, return true if succeeded */
> -bool delete_file (const char *filename);
> -
> /* return true if pathname is absolute */
> bool absolute_pathname (const char *pathname);
>
> @@ -448,28 +368,4 @@ void argv_printf_cat (struct argv *a, const char
> *format, ...)
> #endif
> ;
>
> -/*
> - * Extract UID or GID
> - */
> -
> -static inline int
> -user_state_uid (const struct user_state *s)
> -{
> -#if defined(HAVE_GETPWNAM) && defined(HAVE_SETUID)
> - if (s->pw)
> - return s->pw->pw_uid;
> -#endif
> - return -1;
> -}
> -
> -static inline int
> -group_state_gid (const struct group_state *s)
> -{
> -#if defined(HAVE_GETGRNAM) && defined(HAVE_SETGID)
> - if (s->gr)
> - return s->gr->gr_gid;
> -#endif
> - return -1;
> -}
> -
> #endif
> diff --git a/src/openvpn/mstats.c b/src/openvpn/mstats.c
> index b4b864b..3be493c 100644
> --- a/src/openvpn/mstats.c
> +++ b/src/openvpn/mstats.c
> @@ -114,7 +114,7 @@ mstats_close(void)
> mmap_stats->state = MSTATS_EXPIRED;
> if (munmap((void *)mmap_stats, sizeof(struct mmap_stats)))
> msg (M_WARN | M_ERRNO, "mstats_close: munmap error");
> - delete_file(mmap_fn);
> + platform_unlink(mmap_fn);
> mmap_stats = NULL;
> }
> }
> diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c
> index e79c6f1..9876b80 100644
> --- a/src/openvpn/multi.c
> +++ b/src/openvpn/multi.c
> @@ -1452,7 +1452,7 @@ multi_client_connect_post (struct multi_context *m,
> option_types_found,
> mi->context.c2.es);
>
> - if (!delete_file (dc_file))
> + if (!platform_unlink (dc_file))
> msg (D_MULTI_ERRORS, "MULTI: problem deleting temporary file: %s",
> dc_file);
>
> diff --git a/src/openvpn/openvpn.h b/src/openvpn/openvpn.h
> index b314885..0732d0f 100644
> --- a/src/openvpn/openvpn.h
> +++ b/src/openvpn/openvpn.h
> @@ -143,8 +143,8 @@ struct context_0
> /* workspace for --user/--group */
> bool uid_gid_specified;
> bool uid_gid_set;
> - struct user_state user_state;
> - struct group_state group_state;
> + struct platform_state_user platform_state_user;
> + struct platform_state_group platform_state_group;
> };
>
>
> diff --git a/src/openvpn/openvpn.vcproj b/src/openvpn/openvpn.vcproj
> index 6c19621..4680e52 100644
> --- a/src/openvpn/openvpn.vcproj
> +++ b/src/openvpn/openvpn.vcproj
> @@ -347,6 +347,10 @@
> >
> </File>
> <File
> + RelativePath=".\platform.c"
> + >
> + </File>
> + <File
> RelativePath=".\plugin.c"
> >
> </File>
> @@ -649,6 +653,10 @@
> >
> </File>
> <File
> + RelativePath=".\platform.h"
> + >
> + </File>
> + <File
> RelativePath=".\plugin.h"
> >
> </File>
> diff --git a/src/openvpn/options.c b/src/openvpn/options.c
> index 258b060..bd83843 100644
> --- a/src/openvpn/options.c
> +++ b/src/openvpn/options.c
> @@ -920,7 +920,7 @@ setenv_settings (struct env_set *es, const struct options
> *o)
> setenv_int (es, "daemon", o->daemon);
> setenv_int (es, "daemon_log_redirect", o->log);
> setenv_unsigned (es, "daemon_start_time", time(NULL));
> - setenv_int (es, "daemon_pid", openvpn_getpid());
> + setenv_int (es, "daemon_pid", platform_getpid());
>
> #ifdef ENABLE_CONNECTION
> if (o->connection_list)
> @@ -2640,18 +2640,18 @@ check_file_access(const int type, const char *file,
> const int mode, const char *
> char *fullpath = strdup(file); /* POSIX dirname() implementaion may
> modify its arguments */
> char *dirpath = dirname(fullpath);
>
> - if (openvpn_access (dirpath, mode|X_OK) != 0)
> + if (platform_access (dirpath, mode|X_OK) != 0)
> errcode = errno;
> free(fullpath);
> }
>
> /* Is the file itself accessible? */
> - if (!errcode && (type & CHKACC_FILE) && (openvpn_access (file, mode) != 0)
> )
> + if (!errcode && (type & CHKACC_FILE) && (platform_access (file, mode) !=
> 0) )
> errcode = errno;
>
> /* If the file exists and is accessible, is it writable? */
> - if (!errcode && (type & CHKACC_FILEXSTWR) && (openvpn_access (file, F_OK)
> == 0) )
> - if (openvpn_access (file, W_OK) != 0)
> + if (!errcode && (type & CHKACC_FILEXSTWR) && (platform_access (file, F_OK)
> == 0) )
> + if (platform_access (file, W_OK) != 0)
> errcode = errno;
>
> /* Scream if an error is found */
> @@ -3755,7 +3755,7 @@ read_config_file (struct options *options,
> if (streq (file, "stdin"))
> fp = stdin;
> else
> - fp = openvpn_fopen (file, "r");
> + fp = platform_fopen (file, "r");
> if (fp)
> {
> line_num = 0;
> @@ -4528,7 +4528,7 @@ add_option (struct options *options,
> else if (streq (p[0], "cd") && p[1])
> {
> VERIFY_PERMISSION (OPT_P_GENERAL);
> - if (openvpn_chdir (p[1]))
> + if (platform_chdir (p[1]))
> {
> msg (M_ERR, "cd to '%s' failed", p[1]);
> goto err;
> diff --git a/src/openvpn/packet_id.c b/src/openvpn/packet_id.c
> index 186f074..0102129 100644
> --- a/src/openvpn/packet_id.c
> +++ b/src/openvpn/packet_id.c
> @@ -368,7 +368,7 @@ packet_id_persist_load (struct packet_id_persist *p,
> const char *filename)
> if (!packet_id_persist_enabled (p))
> {
> /* open packet-id persist file for both read and write */
> - p->fd = openvpn_open (filename,
> + p->fd = platform_open (filename,
> O_CREAT | O_RDWR | O_BINARY,
> S_IRUSR | S_IWUSR);
> if (p->fd == -1)
> diff --git a/src/openvpn/pf.c b/src/openvpn/pf.c
> index 729792e..7ed1e70 100644
> --- a/src/openvpn/pf.c
> +++ b/src/openvpn/pf.c
> @@ -504,8 +504,8 @@ pf_check_reload (struct context *c)
> && c->c2.pf.filename
> && event_timeout_trigger (&c->c2.pf.reload, &c->c2.timeval,
> ETT_DEFAULT))
> {
> - openvpn_stat_t s;
> - if (!openvpn_stat (c->c2.pf.filename, &s))
> + platform_stat_t s;
> + if (!platform_stat (c->c2.pf.filename, &s))
> {
> if (s.st_mtime > c->c2.pf.file_last_mod)
> {
> @@ -605,7 +605,7 @@ pf_destroy_context (struct pf_context *pfc)
> #ifdef PLUGIN_PF
> if (pfc->filename)
> {
> - delete_file (pfc->filename);
> + platform_unlink (pfc->filename);
> free (pfc->filename);
> }
> #endif
> diff --git a/src/openvpn/platform.c b/src/openvpn/platform.c
> new file mode 100644
> index 0000000..c79f680
> --- /dev/null
> +++ b/src/openvpn/platform.c
> @@ -0,0 +1,369 @@
> +/*
> + * OpenVPN -- An application to securely tunnel IP networks
> + * over a single TCP/UDP port, with support for SSL/TLS-based
> + * session authentication and key exchange,
> + * packet encryption, packet authentication, and
> + * packet compression.
> + *
> + * Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sa...@openvpn.net>
> + *
> + * This program is free software; you can redistribute it and/or modify
> + * it under the terms of the GNU General Public License version 2
> + * as published by the Free Software Foundation.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> + * GNU General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public License
> + * along with this program (see the file COPYING included with this
> + * distribution); if not, write to the Free Software Foundation, Inc.,
> + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
> + */
> +
> +#ifdef HAVE_CONFIG_H
> +#include "config.h"
> +#elif defined(_MSC_VER)
> +#include "config-msvc.h"
> +#endif
> +
> +#include "syshead.h"
> +
> +#include "buffer.h"
> +#include "error.h"
> +#include "win32.h"
> +
> +#include "memdbg.h"
> +
> +#include "platform.h"
> +
> +/* Redefine the top level directory of the filesystem
> + to restrict access to files for security */
> +void
> +platform_chroot (const char *path)
> +{
> + if (path)
> + {
> +#ifdef HAVE_CHROOT
> + const char *top = "/";
> + if (chroot (path))
> + msg (M_ERR, "chroot to '%s' failed", path);
> + if (platform_chdir (top))
> + msg (M_ERR, "cd to '%s' failed", top);
> + msg (M_INFO, "chroot to '%s' and cd to '%s' succeeded", path, top);
> +#else
> + msg (M_FATAL, "Sorry but I can't chroot to '%s' because this operating
> system doesn't appear to support the chroot() system call", path);
> +#endif
> + }
> +}
> +
> +/* Get/Set UID of process */
> +
> +bool
> +platform_user_get (const char *username, struct platform_state_user *state)
> +{
> + bool ret = false;
> + CLEAR (*state);
> + if (username)
> + {
> +#if defined(HAVE_GETPWNAM) && defined(HAVE_SETUID)
> + state->pw = getpwnam (username);
> + if (!state->pw)
> + msg (M_ERR, "failed to find UID for user %s", username);
> + state->username = username;
> + ret = true;
> +#else
> + msg (M_FATAL, "cannot get UID for user %s -- platform lacks
> getpwname() or setuid() system calls", username);
> +#endif
> + }
> + return ret;
> +}
> +
> +void
> +platform_user_set (const struct platform_state_user *state)
> +{
> +#if defined(HAVE_GETPWNAM) && defined(HAVE_SETUID)
> + if (state->username && state->pw)
> + {
> + if (setuid (state->pw->pw_uid))
> + msg (M_ERR, "setuid('%s') failed", state->username);
> + msg (M_INFO, "UID set to %s", state->username);
> + }
> +#endif
> +}
> +
> +/* Get/Set GID of process */
> +
> +bool
> +platform_group_get (const char *groupname, struct platform_state_group
> *state)
> +{
> + bool ret = false;
> + CLEAR (*state);
> + if (groupname)
> + {
> +#if defined(HAVE_GETGRNAM) && defined(HAVE_SETGID)
> + state->gr = getgrnam (groupname);
> + if (!state->gr)
> + msg (M_ERR, "failed to find GID for group %s", groupname);
> + state->groupname = groupname;
> + ret = true;
> +#else
> + msg (M_FATAL, "cannot get GID for group %s -- platform lacks
> getgrnam() or setgid() system calls", groupname);
> +#endif
> + }
> + return ret;
> +}
> +
> +void
> +platform_group_set (const struct platform_state_group *state)
> +{
> +#if defined(HAVE_GETGRNAM) && defined(HAVE_SETGID)
> + if (state->groupname && state->gr)
> + {
> + if (setgid (state->gr->gr_gid))
> + msg (M_ERR, "setgid('%s') failed", state->groupname);
> + msg (M_INFO, "GID set to %s", state->groupname);
> +#ifdef HAVE_SETGROUPS
> + {
> + gid_t gr_list[1];
> + gr_list[0] = state->gr->gr_gid;
> + if (setgroups (1, gr_list))
> + msg (M_ERR, "setgroups('%s') failed", state->groupname);
> + }
> +#endif
> + }
> +#endif
> +}
> +
> +/* Change process priority */
> +void
> +platform_nice (int niceval)
> +{
> + if (niceval)
> + {
> +#ifdef HAVE_NICE
> + errno = 0;
> + if (nice (niceval) < 0 && errno != 0)
> + msg (M_WARN | M_ERRNO, "WARNING: nice %d failed: %s", niceval,
> strerror(errno));
> + else
> + msg (M_INFO, "nice %d succeeded", niceval);
> +#else
> + msg (M_WARN, "WARNING: nice %d failed (function not implemented)",
> niceval);
> +#endif
> + }
> +}
> +
> +/* Get current PID */
> +unsigned int
> +platform_getpid ()
> +{
> +#ifdef WIN32
> + return (unsigned int) GetCurrentProcessId ();
> +#else
> +#ifdef HAVE_GETPID
> + return (unsigned int) getpid ();
> +#else
> + return 0;
> +#endif
> +#endif
> +}
> +
> +/* Disable paging */
> +void
> +platform_mlockall(bool print_msg)
> +{
> +#ifdef HAVE_MLOCKALL
> + if (mlockall (MCL_CURRENT | MCL_FUTURE))
> + msg (M_WARN | M_ERRNO, "WARNING: mlockall call failed");
> + else if (print_msg)
> + msg (M_INFO, "mlockall call succeeded");
> +#else
> + msg (M_WARN, "WARNING: mlockall call failed (function not implemented)");
> +#endif
> +}
> +
> +/*
> + * Wrapper for chdir library function
> + */
> +int
> +platform_chdir (const char* dir)
> +{
> +#ifdef HAVE_CHDIR
> +#ifdef WIN32
> + int res;
> + struct gc_arena gc = gc_new ();
> + res = _wchdir (wide_string (dir, &gc));
> + gc_free (&gc);
> + return res;
> +#else
> + return chdir (dir);
> +#endif
> +#else
> + return -1;
> +#endif
> +}
> +
> +/*
> + * convert system() return into a success/failure value
> + */
> +bool
> +platform_system_ok (int stat)
> +{
> +#ifdef WIN32
> + return stat == 0;
> +#else
> + return stat != -1 && WIFEXITED (stat) && WEXITSTATUS (stat) == 0;
> +#endif
> +}
> +
> +/*
> + * did system() call execute the given command?
> + */
> +bool
> +platform_system_executed (int stat)
> +{
> +#ifdef WIN32
> + return stat != -1;
> +#else
> + return stat != -1 && WEXITSTATUS (stat) != 127;
> +#endif
> +}
> +
> +int
> +platform_access (const char *path, int mode)
> +{
> +#ifdef WIN32
> + struct gc_arena gc = gc_new ();
> + int ret = _waccess (wide_string (path, &gc), mode & ~X_OK);
> + gc_free (&gc);
> + return ret;
> +#else
> + return access (path, mode);
> +#endif
> +}
> +
> +/*
> + * Go to sleep for n milliseconds.
> + */
> +void
> +platform_sleep_milliseconds (unsigned int n)
> +{
> +#ifdef WIN32
> + Sleep (n);
> +#else
> + struct timeval tv;
> + tv.tv_sec = n / 1000;
> + tv.tv_usec = (n % 1000) * 1000;
> + select (0, NULL, NULL, NULL, &tv);
> +#endif
> +}
> +
> +/*
> + * Go to sleep indefinitely.
> + */
> +void
> +platform_sleep_until_signal (void)
> +{
> +#ifdef WIN32
> + ASSERT (0);
> +#else
> + select (0, NULL, NULL, NULL, NULL);
> +#endif
> +}
> +
> +/* delete a file, return true if succeeded */
> +bool
> +platform_unlink (const char *filename)
> +{
> +#if defined(WIN32)
> + struct gc_arena gc = gc_new ();
> + BOOL ret = DeleteFileW (wide_string (filename, &gc));
> + gc_free (&gc);
> + return (ret != 0);
> +#elif defined(HAVE_UNLINK)
> + return (unlink (filename) == 0);
> +#else
> + return false;
> +#endif
> +}
> +
> +int platform_system(const char *command) {
> + int ret;
> +#ifdef WIN32
> + struct gc_arena gc = gc_new ();
> + ret = _wsystem (wide_string (command, &gc));
> + gc_free (&gc);
> +#else
> + ret = system (command);
> +#endif
> + return ret;
> +}
> +
> +int platform_putenv(char *string)
> +{
> + int status;
> +#if defined(WIN32)
> + struct gc_arena gc = gc_new ();
> + char *s = string_alloc(string, &gc);
> + char *value = strchr(s, '=');
> + if (value!=NULL)
> + {
> + *value = '\0';
> + value++;
> + if (*value == '\0')
> + value = NULL;
> + }
> +
> + status = SetEnvironmentVariableW (wide_string (s, &gc),
> + wide_string (value, &gc)) ? 1: 0;
> + gc_free (&gc);
> +#elif defined(HAVE_PUTENV)
> + void manage_env (char *str); /* TODO: Resolve properly */
> + status = putenv (string);
> + if (!status)
> + manage_env (string);
> +#endif
> +
> + return status;
> +}
> +
> +FILE *
> +platform_fopen (const char *path, const char *mode)
> +{
> +#ifdef WIN32
> + struct gc_arena gc = gc_new ();
> + FILE *f = _wfopen (wide_string (path, &gc), wide_string (mode, &gc));
> + gc_free (&gc);
> + return f;
> +#else
> + return fopen(path, mode);
> +#endif
> +}
> +
> +int
> +platform_open (const char *path, int flags, int mode)
> +{
> +#ifdef WIN32
> + struct gc_arena gc = gc_new ();
> + int fd = _wopen (wide_string (path, &gc), flags, mode);
> + gc_free (&gc);
> + return fd;
> +#else
> + return open(path, flags, mode);
> +#endif
> +}
> +
> +int
> +platform_stat (const char *path, platform_stat_t *buf)
> +{
> +#ifdef WIN32
> + struct gc_arena gc = gc_new ();
> + int res = _wstat (wide_string (path, &gc), buf);
> + gc_free (&gc);
> + return res;
> +#else
> + return stat(path, buf);
> +#endif
> +}
> +
> diff --git a/src/openvpn/platform.h b/src/openvpn/platform.h
> new file mode 100644
> index 0000000..7bd2067
> --- /dev/null
> +++ b/src/openvpn/platform.h
> @@ -0,0 +1,142 @@
> +/*
> + * OpenVPN -- An application to securely tunnel IP networks
> + * over a single TCP/UDP port, with support for SSL/TLS-based
> + * session authentication and key exchange,
> + * packet encryption, packet authentication, and
> + * packet compression.
> + *
> + * Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sa...@openvpn.net>
> + *
> + * This program is free software; you can redistribute it and/or modify
> + * it under the terms of the GNU General Public License version 2
> + * as published by the Free Software Foundation.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> + * GNU General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public License
> + * along with this program (see the file COPYING included with this
> + * distribution); if not, write to the Free Software Foundation, Inc.,
> + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
> + */
> +
> +#ifndef PLATFORM_H
> +#define PLATFORM_H
> +
> +#ifdef HAVE_SYS_TYPES_H
> +#include <sys/types.h>
> +#endif
> +
> +#ifdef HAVE_SYS_STAT_H
> +#include <sys/stat.h>
> +#endif
> +
> +#ifdef HAVE_UNISTD_H
> +#include <unistd.h>
> +#endif
> +
> +#ifdef HAVE_PWD_H
> +#include <pwd.h>
> +#endif
> +
> +#ifdef HAVE_GRP_H
> +#include <grp.h>
> +#endif
> +
> +#ifdef HAVE_STDIO_H
> +#include <stdio.h>
> +#endif
> +
> +#include "basic.h"
> +
> +/* Get/Set UID of process */
> +
> +struct platform_state_user {
> +#if defined(HAVE_GETPWNAM) && defined(HAVE_SETUID)
> + const char *username;
> + struct passwd *pw;
> +#else
> + int dummy;
> +#endif
> +};
> +
> +/* Get/Set GID of process */
> +
> +struct platform_state_group {
> +#if defined(HAVE_GETGRNAM) && defined(HAVE_SETGID)
> + const char *groupname;
> + struct group *gr;
> +#else
> + int dummy;
> +#endif
> +};
> +
> +bool platform_user_get (const char *username, struct platform_state_user
> *state);
> +void platform_user_set (const struct platform_state_user *state);
> +
> +bool platform_group_get (const char *groupname, struct platform_state_group
> *state);
> +void platform_group_set (const struct platform_state_group *state);
> +
> +/*
> + * Extract UID or GID
> + */
> +
> +static inline int
> +platform_state_user_uid (const struct platform_state_user *s)
> +{
> +#if defined(HAVE_GETPWNAM) && defined(HAVE_SETUID)
> + if (s->pw)
> + return s->pw->pw_uid;
> +#endif
> + return -1;
> +}
> +
> +static inline int
> +platform_state_group_gid (const struct platform_state_group *s)
> +{
> +#if defined(HAVE_GETGRNAM) && defined(HAVE_SETGID)
> + if (s->gr)
> + return s->gr->gr_gid;
> +#endif
> + return -1;
> +}
> +
> +void platform_chroot (const char *path);
> +
> +void platform_nice (int niceval);
> +
> +unsigned int platform_getpid (void);
> +
> +void platform_mlockall (bool print_msg); /* Disable paging */
> +
> +int platform_chdir (const char* dir);
> +
> +/* interpret the status code returned by system()/execve() */
> +bool platform_system_ok (int stat);
> +bool platform_system_executed (int stat);
> +int platform_system(const char *command);
> +
> +int platform_access (const char *path, int mode);
> +
> +void platform_sleep_milliseconds (unsigned int n);
> +
> +void platform_sleep_until_signal (void);
> +
> +/* delete a file, return true if succeeded */
> +bool platform_unlink (const char *filename);
> +
> +int platform_putenv (char *string);
> +
> +FILE *platform_fopen (const char *path, const char *mode);
> +int platform_open (const char *path, int flags, int mode);
> +
> +#ifdef WIN32
> +typedef struct _stat platform_stat_t;
> +#else
> +typedef struct stat platform_stat_t;
> +#endif
> +int platform_stat (const char *path, platform_stat_t *buf);
> +
> +#endif
> diff --git a/src/openvpn/ps.c b/src/openvpn/ps.c
> index a4e50e8..5d056ee 100644
> --- a/src/openvpn/ps.c
> +++ b/src/openvpn/ps.c
> @@ -337,7 +337,7 @@ journal_add (const char *journal_dir, struct
> proxy_connection *pc, struct proxy_
> check_malloc_return (jfn);
> openvpn_snprintf (jfn, fnlen, "%s/%s", journal_dir, t);
> dmsg (D_PS_PROXY_DEBUG, "PORT SHARE PROXY: client origin %s -> %s",
> jfn, f);
> - fd = openvpn_open (jfn, O_CREAT | O_TRUNC | O_WRONLY, S_IRUSR |
> S_IWUSR | S_IRGRP);
> + fd = platform_open (jfn, O_CREAT | O_TRUNC | O_WRONLY, S_IRUSR |
> S_IWUSR | S_IRGRP);
> if (fd != -1)
> {
> write(fd, f, strlen(f));
> diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
> index 6a60cb5..d712c66 100644
> --- a/src/openvpn/ssl_openssl.c
> +++ b/src/openvpn/ssl_openssl.c
> @@ -280,7 +280,7 @@ tls_ctx_load_pkcs12(struct tls_root_ctx *ctx, const char
> *pkcs12_file,
> #endif
> {
> /* Load the PKCS #12 file */
> - if (!(fp = openvpn_fopen(pkcs12_file, "rb")))
> + if (!(fp = platform_fopen(pkcs12_file, "rb")))
> msg(M_SSLERR, "Error opening file %s", pkcs12_file);
> p12 = d2i_PKCS12_fp(fp, NULL);
> fclose(fp);
> diff --git a/src/openvpn/ssl_verify.c b/src/openvpn/ssl_verify.c
> index 51457f8..e837e39 100644
> --- a/src/openvpn/ssl_verify.c
> +++ b/src/openvpn/ssl_verify.c
> @@ -517,7 +517,7 @@ verify_cert_call_command(const char *verify_command,
> struct env_set *es,
> if (verify_export_cert)
> {
> if (tmp_file)
> - delete_file(tmp_file);
> + platform_unlink(tmp_file);
> }
>
> gc_free(&gc);
> @@ -551,7 +551,7 @@ verify_check_crl_dir(const char *crl_dir,
> openvpn_x509_cert_t *cert)
> x509_free_serial(serial);
> return FAILURE;
> }
> - fd = openvpn_open (fn, O_RDONLY, 0);
> + fd = platform_open (fn, O_RDONLY, 0);
> if (fd >= 0)
> {
> msg (D_HANDSHAKE, "VERIFY CRL: certificate serial number %s is
> revoked", serial);
> @@ -735,7 +735,7 @@ key_state_rm_auth_control_file (struct key_state *ks)
> {
> if (ks && ks->auth_control_file)
> {
> - delete_file (ks->auth_control_file);
> + platform_unlink (ks->auth_control_file);
> free (ks->auth_control_file);
> ks->auth_control_file = NULL;
> }
> @@ -987,7 +987,7 @@ verify_user_pass_script (struct tls_session *session,
> const struct user_pass *up
>
> done:
> if (tmp_file && strlen (tmp_file) > 0)
> - delete_file (tmp_file);
> + platform_unlink (tmp_file);
>
> argv_reset (&argv);
> gc_free (&gc);
> diff --git a/src/openvpn/status.c b/src/openvpn/status.c
> index 0be5e4c..5f9ab9e 100644
> --- a/src/openvpn/status.c
> +++ b/src/openvpn/status.c
> @@ -78,17 +78,17 @@ status_open (const char *filename,
> switch (so->flags)
> {
> case STATUS_OUTPUT_WRITE:
> - so->fd = openvpn_open (filename,
> + so->fd = platform_open (filename,
> O_CREAT | O_TRUNC | O_WRONLY,
> S_IRUSR | S_IWUSR);
> break;
> case STATUS_OUTPUT_READ:
> - so->fd = openvpn_open (filename,
> + so->fd = platform_open (filename,
> O_RDONLY,
> S_IRUSR | S_IWUSR);
> break;
> case STATUS_OUTPUT_READ|STATUS_OUTPUT_WRITE:
> - so->fd = openvpn_open (filename,
> + so->fd = platform_open (filename,
> O_CREAT | O_RDWR,
> S_IRUSR | S_IWUSR);
> break;
> diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c
> index abc6a99..e6a7bc8 100644
> --- a/src/openvpn/tun.c
> +++ b/src/openvpn/tun.c
> @@ -1545,22 +1545,22 @@ tuncfg (const char *dev, const char *dev_type, const
> char *dev_node, int persist
> msg (M_ERR, "Cannot ioctl TUNSETPERSIST(%d) %s", persist_mode, dev);
> if (username != NULL)
> {
> - struct user_state user_state;
> + struct platform_state_user platform_state_user;
>
> - if (!get_user (username, &user_state))
> + if (!platform_user_get (username, &platform_state_user))
> msg (M_ERR, "Cannot get user entry for %s", username);
> else
> - if (ioctl (tt->fd, TUNSETOWNER, user_state.pw->pw_uid) < 0)
> + if (ioctl (tt->fd, TUNSETOWNER, platform_state_user.pw->pw_uid) < 0)
> msg (M_ERR, "Cannot ioctl TUNSETOWNER(%s) %s", username, dev);
> }
> if (groupname != NULL)
> {
> - struct group_state group_state;
> + struct platform_state_group platform_state_group;
>
> - if (!get_group (groupname, &group_state))
> + if (!platform_group_get (groupname, &platform_state_group))
> msg (M_ERR, "Cannot get group entry for %s", groupname);
> else
> - if (ioctl (tt->fd, TUNSETGROUP, group_state.gr->gr_gid) < 0)
> + if (ioctl (tt->fd, TUNSETGROUP, platform_state_group.gr->gr_gid) < 0)
> msg (M_ERR, "Cannot ioctl TUNSETOWNER(%s) %s", groupname, dev);
> }
> close_tun (tt);
> diff --git a/src/openvpn/win32.c b/src/openvpn/win32.c
> index e94343b..e8e69dc 100644
> --- a/src/openvpn/win32.c
> +++ b/src/openvpn/win32.c
> @@ -976,33 +976,6 @@ wide_string (const char* utf8, struct gc_arena *gc)
> return ucs16;
> }
>
> -FILE *
> -openvpn_fopen (const char *path, const char *mode)
> -{
> - struct gc_arena gc = gc_new ();
> - FILE *f = _wfopen (wide_string (path, &gc), wide_string (mode, &gc));
> - gc_free (&gc);
> - return f;
> -}
> -
> -int
> -openvpn_open (const char *path, int flags, int mode)
> -{
> - struct gc_arena gc = gc_new ();
> - int fd = _wopen (wide_string (path, &gc), flags, mode);
> - gc_free (&gc);
> - return fd;
> -}
> -
> -int
> -openvpn_stat (const char *path, openvpn_stat_t *buf)
> -{
> - struct gc_arena gc = gc_new ();
> - int res = _wstat (wide_string (path, &gc), buf);
> - gc_free (&gc);
> - return res;
> -}
> -
> /*
> * call ourself in another process
> */
> --
> 1.7.3.4
>
>
> ------------------------------------------------------------------------------
> Virtualization & Cloud Management Using Capacity Planning
> Cloud computing makes use of virtualization - but cloud computing
> also focuses on allowing computing to be delivered as a service.
> http://www.accelacomm.com/jaw/sfnl/114/51521223/
> _______________________________________________
> Openvpn-devel mailing list
> Openvpn-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openvpn-devel
