This probably makes sense, lots of good refactorings. That said, I'd like to know how you selected what goes to platform.c?
-- Samuli Seppänen Community Manager OpenVPN Technologies, Inc irc freenode net: mattock > + Some fixups within the platform.c functions. > - need to check environment set on Windows. > > Signed-off-by: Alon Bar-Lev <alon.bar...@gmail.com> > --- > src/openvpn/Makefile.am | 1 + > src/openvpn/buffer.c | 2 +- > src/openvpn/crypto.c | 6 +- > src/openvpn/error.c | 2 +- > src/openvpn/init.c | 18 +- > src/openvpn/manage.c | 16 +- > src/openvpn/misc.c | 295 ++---------------------------------- > src/openvpn/misc.h | 106 +------------- > src/openvpn/mstats.c | 2 +- > src/openvpn/multi.c | 2 +- > src/openvpn/openvpn.h | 4 +- > src/openvpn/openvpn.vcproj | 8 + > src/openvpn/options.c | 14 +- > src/openvpn/packet_id.c | 2 +- > src/openvpn/pf.c | 6 +- > src/openvpn/platform.c | 369 > ++++++++++++++++++++++++++++++++++++++++++++ > src/openvpn/platform.h | 142 +++++++++++++++++ > src/openvpn/ps.c | 2 +- > src/openvpn/ssl_openssl.c | 2 +- > src/openvpn/ssl_verify.c | 8 +- > src/openvpn/status.c | 6 +- > src/openvpn/tun.c | 12 +- > src/openvpn/win32.c | 27 ---- > 23 files changed, 584 insertions(+), 468 deletions(-) > create mode 100644 src/openvpn/platform.c > create mode 100644 src/openvpn/platform.h > > diff --git a/src/openvpn/Makefile.am b/src/openvpn/Makefile.am > index 333eebc..6ba12b8 100644 > --- a/src/openvpn/Makefile.am > +++ b/src/openvpn/Makefile.am > @@ -58,6 +58,7 @@ openvpn_SOURCES = \ > mbuf.c mbuf.h \ > memdbg.h \ > misc.c misc.h \ > + platform.c platform.h \ > console.c console.h \ > mroute.c mroute.h \ > mss.c mss.h \ > diff --git a/src/openvpn/buffer.c b/src/openvpn/buffer.c > index ad30223..5eee3ee 100644 > --- a/src/openvpn/buffer.c > +++ b/src/openvpn/buffer.c > @@ -1080,7 +1080,7 @@ buffer_list_advance (struct buffer_list *ol, int n) > struct buffer_list * > buffer_list_file (const char *fn, int max_line_len) > { > - FILE *fp = openvpn_fopen (fn, "r"); > + FILE *fp = platform_fopen (fn, "r"); > struct buffer_list *bl = NULL; > > if (fp) > diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c > index 2e2e5d7..f811966 100644 > --- a/src/openvpn/crypto.c > +++ b/src/openvpn/crypto.c > @@ -868,7 +868,7 @@ read_key_file (struct key2 *key2, const char *file, const > unsigned int flags) > #endif > { > in = alloc_buf_gc (2048, &gc); > - fd = openvpn_open (file, O_RDONLY, 0); > + fd = platform_open (file, O_RDONLY, 0); > if (fd == -1) > msg (M_ERR, "Cannot open file key file '%s'", file); > size = read (fd, in.data, in.capacity); > @@ -1029,7 +1029,7 @@ read_passphrase_hash (const char *passphrase_file, > const int min_passphrase_size = 8; > uint8_t buf[64]; > int total_size = 0; > - int fd = openvpn_open (passphrase_file, O_RDONLY, 0); > + int fd = platform_open (passphrase_file, O_RDONLY, 0); > > if (fd == -1) > msg (M_ERR, "Cannot open passphrase file: '%s'", passphrase_file); > @@ -1079,7 +1079,7 @@ write_key_file (const int nkeys, const char *filename) > const int bytes_per_line = 16; > > /* open key file */ > - fd = openvpn_open (filename, O_CREAT | O_TRUNC | O_WRONLY, S_IRUSR | > S_IWUSR); > + fd = platform_open (filename, O_CREAT | O_TRUNC | O_WRONLY, S_IRUSR | > S_IWUSR); > > if (fd == -1) > msg (M_ERR, "Cannot open shared secret file '%s' for write", filename); > diff --git a/src/openvpn/error.c b/src/openvpn/error.c > index 1f2dd86..d6ad639 100644 > --- a/src/openvpn/error.c > +++ b/src/openvpn/error.c > @@ -640,7 +640,7 @@ x_check_status (int status, > my_errno); > > if (x_cs_err_delay_ms) > - sleep_milliseconds (x_cs_err_delay_ms); > + platform_sleep_milliseconds (x_cs_err_delay_ms); > } > gc_free (&gc); > } > diff --git a/src/openvpn/init.c b/src/openvpn/init.c > index bba3cf8..bc7718e 100644 > --- a/src/openvpn/init.c > +++ b/src/openvpn/init.c > @@ -935,7 +935,7 @@ do_genkey (const struct options * options) > "shared secret output file (--secret)"); > > if (options->mlock) /* should we disable paging? */ > - do_mlockall (true); > + platform_mlockall (true); > > nbits_written = write_key_file (2, options->shared_secret_file); > > @@ -1022,7 +1022,7 @@ do_uid_gid_chroot (struct context *c, bool no_delay) > if (c->options.chroot_dir) > { > if (no_delay) > - do_chroot (c->options.chroot_dir); > + platform_chroot (c->options.chroot_dir); > else > msg (M_INFO, "NOTE: chroot %s", why_not); > } > @@ -1030,8 +1030,8 @@ do_uid_gid_chroot (struct context *c, bool no_delay) > /* set user and/or group that we want to setuid/setgid to */ > if (no_delay) > { > - set_group (&c0->group_state); > - set_user (&c0->user_state); > + platform_group_set (&c0->platform_state_group); > + platform_user_set (&c0->platform_state_user); > c0->uid_gid_set = true; > } > else if (c0->uid_gid_specified) > @@ -2780,8 +2780,8 @@ do_init_first_time (struct context *c) > > /* get user and/or group that we want to setuid/setgid to */ > c0->uid_gid_specified = > - get_group (c->options.groupname, &c0->group_state) | > - get_user (c->options.username, &c0->user_state); > + platform_group_get (c->options.groupname, &c0->platform_state_group) | > + platform_user_get (c->options.username, &c0->platform_state_user); > > /* get --writepid file descriptor */ > get_pid_file (c->options.writepid, &c0->pid_state); > @@ -2791,13 +2791,13 @@ do_init_first_time (struct context *c) > > /* should we disable paging? */ > if (c->options.mlock && c->did_we_daemonize) > - do_mlockall (true); /* call again in case we daemonized */ > + platform_mlockall (true); /* call again in case we daemonized */ > > /* save process ID in a file */ > write_pid (&c0->pid_state); > > /* should we change scheduling priority? */ > - set_nice (c->options.nice); > + platform_nice (c->options.nice); > } > } > > @@ -3342,7 +3342,7 @@ init_instance (struct context *c, const struct env_set > *env, const unsigned int > > /* should we disable paging? */ > if (c->first_time && options->mlock) > - do_mlockall (true); > + platform_mlockall (true); > > #if P2MP > /* get passwords if undefined */ > diff --git a/src/openvpn/manage.c b/src/openvpn/manage.c > index 85c9aca..1dddd41 100644 > --- a/src/openvpn/manage.c > +++ b/src/openvpn/manage.c > @@ -1146,7 +1146,7 @@ man_dispatch_command (struct management *man, struct > status_output *so, const ch > } > else if (streq (p[0], "pid")) > { > - msg (M_CLIENT, "SUCCESS: pid=%d", openvpn_getpid ()); > + msg (M_CLIENT, "SUCCESS: pid=%d", platform_getpid ()); > } > #ifdef MANAGEMENT_DEF_AUTH > else if (streq (p[0], "nclients")) > @@ -1429,7 +1429,7 @@ man_record_peer_info (struct management *man) > { > const in_addr_t a = ntohl (addr.sin_addr.s_addr); > const int p = ntohs (addr.sin_port); > - FILE *fp = openvpn_fopen (man->settings.write_peer_info_file, > "w"); > + FILE *fp = platform_fopen (man->settings.write_peer_info_file, > "w"); > if (fp) > { > fprintf (fp, "%s\n%d\n", print_in_addr_t (a, 0, &gc), p); > @@ -2013,17 +2013,17 @@ man_settings_init (struct man_settings *ms, > */ > if (client_user) > { > - struct user_state s; > - get_user (client_user, &s); > - ms->client_uid = user_state_uid (&s); > + struct platform_state_user s; > + platform_user_get (client_user, &s); > + ms->client_uid = platform_state_user_uid (&s); > msg (D_MANAGEMENT, "MANAGEMENT: client_uid=%d", ms->client_uid); > ASSERT (ms->client_uid >= 0); > } > if (client_group) > { > - struct group_state s; > - get_group (client_group, &s); > - ms->client_gid = group_state_gid (&s); > + struct platform_state_group s; > + platform_group_get (client_group, &s); > + ms->client_gid = platform_state_group_gid (&s); > msg (D_MANAGEMENT, "MANAGEMENT: client_gid=%d", ms->client_gid); > ASSERT (ms->client_gid >= 0); > } > diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c > index 2571194..2ded9bf 100644 > --- a/src/openvpn/misc.c > +++ b/src/openvpn/misc.c > @@ -56,122 +56,6 @@ int script_security = SSEC_BUILT_IN; /* GLOBAL */ > /* contains SM_x value defined in misc.h */ > int script_method = SM_EXECVE; /* GLOBAL */ > > -/* Redefine the top level directory of the filesystem > - to restrict access to files for security */ > -void > -do_chroot (const char *path) > -{ > - if (path) > - { > -#ifdef HAVE_CHROOT > - const char *top = "/"; > - if (chroot (path)) > - msg (M_ERR, "chroot to '%s' failed", path); > - if (openvpn_chdir (top)) > - msg (M_ERR, "cd to '%s' failed", top); > - msg (M_INFO, "chroot to '%s' and cd to '%s' succeeded", path, top); > -#else > - msg (M_FATAL, "Sorry but I can't chroot to '%s' because this operating > system doesn't appear to support the chroot() system call", path); > -#endif > - } > -} > - > -/* Get/Set UID of process */ > - > -bool > -get_user (const char *username, struct user_state *state) > -{ > - bool ret = false; > - CLEAR (*state); > - if (username) > - { > -#if defined(HAVE_GETPWNAM) && defined(HAVE_SETUID) > - state->pw = getpwnam (username); > - if (!state->pw) > - msg (M_ERR, "failed to find UID for user %s", username); > - state->username = username; > - ret = true; > -#else > - msg (M_FATAL, "cannot get UID for user %s -- platform lacks > getpwname() or setuid() system calls", username); > -#endif > - } > - return ret; > -} > - > -void > -set_user (const struct user_state *state) > -{ > -#if defined(HAVE_GETPWNAM) && defined(HAVE_SETUID) > - if (state->username && state->pw) > - { > - if (setuid (state->pw->pw_uid)) > - msg (M_ERR, "setuid('%s') failed", state->username); > - msg (M_INFO, "UID set to %s", state->username); > - } > -#endif > -} > - > -/* Get/Set GID of process */ > - > -bool > -get_group (const char *groupname, struct group_state *state) > -{ > - bool ret = false; > - CLEAR (*state); > - if (groupname) > - { > -#if defined(HAVE_GETGRNAM) && defined(HAVE_SETGID) > - state->gr = getgrnam (groupname); > - if (!state->gr) > - msg (M_ERR, "failed to find GID for group %s", groupname); > - state->groupname = groupname; > - ret = true; > -#else > - msg (M_FATAL, "cannot get GID for group %s -- platform lacks > getgrnam() or setgid() system calls", groupname); > -#endif > - } > - return ret; > -} > - > -void > -set_group (const struct group_state *state) > -{ > -#if defined(HAVE_GETGRNAM) && defined(HAVE_SETGID) > - if (state->groupname && state->gr) > - { > - if (setgid (state->gr->gr_gid)) > - msg (M_ERR, "setgid('%s') failed", state->groupname); > - msg (M_INFO, "GID set to %s", state->groupname); > -#ifdef HAVE_SETGROUPS > - { > - gid_t gr_list[1]; > - gr_list[0] = state->gr->gr_gid; > - if (setgroups (1, gr_list)) > - msg (M_ERR, "setgroups('%s') failed", state->groupname); > - } > -#endif > - } > -#endif > -} > - > -/* Change process priority */ > -void > -set_nice (int niceval) > -{ > - if (niceval) > - { > -#ifdef HAVE_NICE > - errno = 0; > - if (nice (niceval) < 0 && errno != 0) > - msg (M_WARN | M_ERRNO, "WARNING: nice %d failed: %s", niceval, > strerror(errno)); > - else > - msg (M_INFO, "nice %d succeeded", niceval); > -#else > - msg (M_WARN, "WARNING: nice %d failed (function not implemented)", > niceval); > -#endif > - } > -} > - > /* > * Pass tunnel endpoint and MTU parms to a user-supplied script. > * Used to execute the up/down script/plugins. > @@ -253,7 +137,7 @@ get_pid_file (const char* filename, struct pid_state > *state) > CLEAR (*state); > if (filename) > { > - state->fp = openvpn_fopen (filename, "w"); > + state->fp = platform_fopen (filename, "w"); > if (!state->fp) > msg (M_ERR, "Open error on pid file %s", filename); > state->filename = filename; > @@ -266,42 +150,13 @@ write_pid (const struct pid_state *state) > { > if (state->filename && state->fp) > { > - unsigned int pid = openvpn_getpid (); > + unsigned int pid = platform_getpid (); > fprintf(state->fp, "%u\n", pid); > if (fclose (state->fp)) > msg (M_ERR, "Close error on pid file %s", state->filename); > } > } > > -/* Get current PID */ > -unsigned int > -openvpn_getpid () > -{ > -#ifdef WIN32 > - return (unsigned int) GetCurrentProcessId (); > -#else > -#ifdef HAVE_GETPID > - return (unsigned int) getpid (); > -#else > - return 0; > -#endif > -#endif > -} > - > -/* Disable paging */ > -void > -do_mlockall(bool print_msg) > -{ > -#ifdef HAVE_MLOCKALL > - if (mlockall (MCL_CURRENT | MCL_FUTURE)) > - msg (M_WARN | M_ERRNO, "WARNING: mlockall call failed"); > - else if (print_msg) > - msg (M_INFO, "mlockall call succeeded"); > -#else > - msg (M_WARN, "WARNING: mlockall call failed (function not implemented)"); > -#endif > -} > - > /* > * Set standard file descriptors to /dev/null > */ > @@ -325,27 +180,6 @@ set_std_files_to_null (bool stdin_only) > } > > /* > - * Wrapper for chdir library function > - */ > -int > -openvpn_chdir (const char* dir) > -{ > -#ifdef HAVE_CHDIR > -#ifdef WIN32 > - int res; > - struct gc_arena gc = gc_new (); > - res = _wchdir (wide_string (dir, &gc)); > - gc_free (&gc); > - return res; > -#else > - return chdir (dir); > -#endif > -#else > - return -1; > -#endif > -} > - > -/* > * dup inetd/xinetd socket descriptor and save > */ > > @@ -391,32 +225,6 @@ warn_if_group_others_accessible (const char* filename) > } > > /* > - * convert system() return into a success/failure value > - */ > -bool > -system_ok (int stat) > -{ > -#ifdef WIN32 > - return stat == 0; > -#else > - return stat != -1 && WIFEXITED (stat) && WEXITSTATUS (stat) == 0; > -#endif > -} > - > -/* > - * did system() call execute the given command? > - */ > -bool > -system_executed (int stat) > -{ > -#ifdef WIN32 > - return stat != -1; > -#else > - return stat != -1 && WEXITSTATUS (stat) != 127; > -#endif > -} > - > -/* > * Print an error message based on the status code returned by system(). > */ > const char * > @@ -456,7 +264,7 @@ openvpn_execve_check (const struct argv *a, const struct > env_set *es, const unsi > const int stat = openvpn_execve (a, es, flags); > int ret = false; > > - if (system_ok (stat)) > + if (platform_system_ok (stat)) > ret = true; > else > { > @@ -554,7 +362,6 @@ openvpn_system (const char *command, const struct env_set > *es, unsigned int flag > { > #ifdef HAVE_SYSTEM > int ret; > - struct gc_arena gc; > > perf_push (PERF_SCRIPT); > > @@ -573,13 +380,7 @@ openvpn_system (const char *command, const struct > env_set *es, unsigned int flag > /* > * execute the command > */ > -#ifdef WIN32 > - gc = gc_new (); > - ret = _wsystem (wide_string (command, &gc)); > - gc_free (&gc); > -#else > - ret = system (command); > -#endif > + ret = platform_system(command); > > /* debugging */ > dmsg (D_SCRIPT, "SYSTEM return=%u", ret); > @@ -599,19 +400,6 @@ openvpn_system (const char *command, const struct > env_set *es, unsigned int flag > #endif > } > > -int > -openvpn_access (const char *path, int mode) > -{ > -#ifdef WIN32 > - struct gc_arena gc = gc_new (); > - int ret = _waccess (wide_string (path, &gc), mode); > - gc_free (&gc); > - return ret; > -#else > - return access (path, mode); > -#endif > -} > - > /* > * Run execve() inside a fork(), duping stdout. Designed to replicate the > semantics of popen() but > * in a safer way that doesn't require the invocation of a shell or the risks > @@ -981,7 +769,7 @@ env_set_remove_from_environment (const struct env_set *es) > > static struct env_item *global_env = NULL; /* GLOBAL */ > > -static void > +void > manage_env (char *str) > { > remove_env_item (str, true, &global_env); > @@ -1078,27 +866,11 @@ setenv_str_ex (struct env_set *es, > } > else > { > -#if defined(WIN32) > + char *str = construct_name_value (name_tmp, val_tmp, NULL); > + if (platform_putenv(str)) > { > - if (!SetEnvironmentVariableW (wide_string (name_tmp, &gc), > - wide_string (val_tmp, &gc))) > - msg (M_WARN | M_ERRNO, "SetEnvironmentVariable failed, name='%s', > value='%s'", > - name_tmp, > - val_tmp ? val_tmp : "NULL"); > + msg (M_WARN | M_ERRNO, "putenv('%s') failed", str); > } > -#elif defined(HAVE_PUTENV) > - { > - char *str = construct_name_value (name_tmp, val_tmp, NULL); > - int status; > - > - status = putenv (str); > - /*msg (M_INFO, "PUTENV '%s'", str);*/ > - if (!status) > - manage_env (str); > - if (status) > - msg (M_WARN | M_ERRNO, "putenv('%s') failed", str); > - } > -#endif > } > > gc_free (&gc); > @@ -1162,35 +934,6 @@ count_netmask_bits(const char *dotted_quad) > return ((int)result); > } > > -/* > - * Go to sleep for n milliseconds. > - */ > -void > -sleep_milliseconds (unsigned int n) > -{ > -#ifdef WIN32 > - Sleep (n); > -#else > - struct timeval tv; > - tv.tv_sec = n / 1000; > - tv.tv_usec = (n % 1000) * 1000; > - select (0, NULL, NULL, NULL, &tv); > -#endif > -} > - > -/* > - * Go to sleep indefinitely. > - */ > -void > -sleep_until_signal (void) > -{ > -#ifdef WIN32 > - ASSERT (0); > -#else > - select (0, NULL, NULL, NULL, NULL); > -#endif > -} > - > /* return true if filename can be opened for read */ > bool > test_file (const char *filename) > @@ -1198,7 +941,7 @@ test_file (const char *filename) > bool ret = false; > if (filename) > { > - FILE *fp = openvpn_fopen (filename, "r"); > + FILE *fp = platform_fopen (filename, "r"); > if (fp) > { > fclose (fp); > @@ -1246,7 +989,7 @@ create_temp_file (const char *directory, const char > *prefix, struct gc_arena *gc > > /* Atomically create the file. Errors out if the file already > exists. */ > - fd = openvpn_open (retfname, O_CREAT | O_EXCL | O_WRONLY, S_IRUSR | > S_IWUSR); > + fd = platform_open (retfname, O_CREAT | O_EXCL | O_WRONLY, S_IRUSR | > S_IWUSR); > if (fd != -1) > { > close (fd); > @@ -1342,22 +1085,6 @@ gen_path (const char *directory, const char *filename, > struct gc_arena *gc) > return NULL; > } > > -/* delete a file, return true if succeeded */ > -bool > -delete_file (const char *filename) > -{ > -#if defined(WIN32) > - struct gc_arena gc = gc_new (); > - BOOL ret = DeleteFileW (wide_string (filename, &gc)); > - gc_free (&gc); > - return (ret != 0); > -#elif defined(HAVE_UNLINK) > - return (unlink (filename) == 0); > -#else > - return false; > -#endif > -} > - > bool > absolute_pathname (const char *pathname) > { > @@ -1524,7 +1251,7 @@ get_user_pass_cr (struct user_pass *up, > > warn_if_group_others_accessible (auth_file); > > - fp = openvpn_fopen (auth_file, "r"); > + fp = platform_fopen (auth_file, "r"); > if (!fp) > msg (M_ERR, "Error opening '%s' auth file: %s", prefix, > auth_file); > > diff --git a/src/openvpn/misc.h b/src/openvpn/misc.h > index 12a8f71..d4c8e33 100644 > --- a/src/openvpn/misc.h > +++ b/src/openvpn/misc.h > @@ -29,6 +29,7 @@ > #include "common.h" > #include "integer.h" > #include "buffer.h" > +#include "platform.h" > > /* socket descriptor passed by inetd/xinetd server to us */ > #define INETD_SOCKET_DESCRIPTOR 0 > @@ -58,37 +59,6 @@ struct env_set { > struct env_item *list; > }; > > -/* Get/Set UID of process */ > - > -struct user_state { > -#if defined(HAVE_GETPWNAM) && defined(HAVE_SETUID) > - const char *username; > - struct passwd *pw; > -#else > - int dummy; > -#endif > -}; > - > -bool get_user (const char *username, struct user_state *state); > -void set_user (const struct user_state *state); > - > -/* Get/Set GID of process */ > - > -struct group_state { > -#if defined(HAVE_GETGRNAM) && defined(HAVE_SETGID) > - const char *groupname; > - struct group *gr; > -#else > - int dummy; > -#endif > -}; > - > -bool get_group (const char *groupname, struct group_state *state); > -void set_group (const struct group_state *state); > - > -void set_nice (int niceval); > -void do_chroot (const char *path); > - > void run_up_down (const char *command, > const struct plugin_list *plugins, > int plugin_type, > @@ -111,9 +81,6 @@ struct pid_state { > > void get_pid_file (const char* filename, struct pid_state *state); > void write_pid (const struct pid_state *state); > -unsigned int openvpn_getpid (void); > - > -void do_mlockall (bool print_msg); /* Disable paging */ > > /* check file protections */ > void warn_if_group_others_accessible(const char* filename); > @@ -122,9 +89,6 @@ void warn_if_group_others_accessible(const char* filename); > #define S_SCRIPT (1<<0) > #define S_FATAL (1<<1) > > -/* interpret the status code returned by system()/execve() */ > -bool system_ok(int); > -bool system_executed (int stat); > const char *system_error_message (int, struct gc_arena *gc); > > /* wrapper around the execve() call */ > @@ -133,7 +97,6 @@ int openvpn_execve (const struct argv *a, const struct > env_set *es, const unsign > bool openvpn_execve_check (const struct argv *a, const struct env_set *es, > const unsigned int flags, const char *error_message); > bool openvpn_execve_allowed (const unsigned int flags); > int openvpn_system (const char *command, const struct env_set *es, unsigned > int flags); > -int openvpn_access (const char *path, int mode); > > static inline bool > openvpn_run_script (const struct argv *a, const struct env_set *es, const > unsigned int flags, const char *hook) > @@ -144,37 +107,6 @@ openvpn_run_script (const struct argv *a, const struct > env_set *es, const unsign > return openvpn_execve_check(a, es, flags | S_SCRIPT, msg); > } > > -#ifdef WIN32 > -FILE * openvpn_fopen (const char *path, const char *mode); > -#else > -static inline FILE * > -openvpn_fopen (const char *path, const char *mode) > -{ > - return fopen (path, mode); > -} > -#endif > - > -#ifdef WIN32 > -int openvpn_open (const char *path, int flags, int mode); > -#else > -static inline int > -openvpn_open (const char *path, int flags, mode_t mode) > -{ > - return open (path, flags, mode); > -} > -#endif > - > -#ifdef WIN32 > -typedef struct _stat openvpn_stat_t; > -int openvpn_stat (const char *path, openvpn_stat_t *buf); > -#else > -typedef struct stat openvpn_stat_t; > -static inline int > -openvpn_stat (const char *path, openvpn_stat_t *buf) > -{ > - return stat (path, buf); > -} > -#endif > > #ifdef HAVE_STRERROR > /* a thread-safe version of strerror */ > @@ -184,9 +116,6 @@ const char* strerror_ts (int errnum, struct gc_arena *gc); > /* Set standard file descriptors to /dev/null */ > void set_std_files_to_null (bool stdin_only); > > -/* Wrapper for chdir library function */ > -int openvpn_chdir (const char* dir); > - > /* dup inetd/xinetd socket descriptor and save */ > extern int inetd_socket_descriptor; > void save_inetd_socket_descriptor (void); > @@ -242,12 +171,6 @@ const char **make_extended_arg_array (char **p, struct > gc_arena *gc); > int count_netmask_bits(const char *); > unsigned int count_bits(unsigned int ); > > -/* go to sleep for n milliseconds */ > -void sleep_milliseconds (unsigned int n); > - > -/* go to sleep indefinitely */ > -void sleep_until_signal (void); > - > /* an analogue to the random() function, but use OpenSSL functions if > available */ > #ifdef ENABLE_CRYPTO > long int get_random(void); > @@ -264,9 +187,6 @@ const char *create_temp_file (const char *directory, > const char *prefix, struct > /* put a directory and filename together */ > const char *gen_path (const char *directory, const char *filename, struct > gc_arena *gc); > > -/* delete a file, return true if succeeded */ > -bool delete_file (const char *filename); > - > /* return true if pathname is absolute */ > bool absolute_pathname (const char *pathname); > > @@ -448,28 +368,4 @@ void argv_printf_cat (struct argv *a, const char > *format, ...) > #endif > ; > > -/* > - * Extract UID or GID > - */ > - > -static inline int > -user_state_uid (const struct user_state *s) > -{ > -#if defined(HAVE_GETPWNAM) && defined(HAVE_SETUID) > - if (s->pw) > - return s->pw->pw_uid; > -#endif > - return -1; > -} > - > -static inline int > -group_state_gid (const struct group_state *s) > -{ > -#if defined(HAVE_GETGRNAM) && defined(HAVE_SETGID) > - if (s->gr) > - return s->gr->gr_gid; > -#endif > - return -1; > -} > - > #endif > diff --git a/src/openvpn/mstats.c b/src/openvpn/mstats.c > index b4b864b..3be493c 100644 > --- a/src/openvpn/mstats.c > +++ b/src/openvpn/mstats.c > @@ -114,7 +114,7 @@ mstats_close(void) > mmap_stats->state = MSTATS_EXPIRED; > if (munmap((void *)mmap_stats, sizeof(struct mmap_stats))) > msg (M_WARN | M_ERRNO, "mstats_close: munmap error"); > - delete_file(mmap_fn); > + platform_unlink(mmap_fn); > mmap_stats = NULL; > } > } > diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c > index e79c6f1..9876b80 100644 > --- a/src/openvpn/multi.c > +++ b/src/openvpn/multi.c > @@ -1452,7 +1452,7 @@ multi_client_connect_post (struct multi_context *m, > option_types_found, > mi->context.c2.es); > > - if (!delete_file (dc_file)) > + if (!platform_unlink (dc_file)) > msg (D_MULTI_ERRORS, "MULTI: problem deleting temporary file: %s", > dc_file); > > diff --git a/src/openvpn/openvpn.h b/src/openvpn/openvpn.h > index b314885..0732d0f 100644 > --- a/src/openvpn/openvpn.h > +++ b/src/openvpn/openvpn.h > @@ -143,8 +143,8 @@ struct context_0 > /* workspace for --user/--group */ > bool uid_gid_specified; > bool uid_gid_set; > - struct user_state user_state; > - struct group_state group_state; > + struct platform_state_user platform_state_user; > + struct platform_state_group platform_state_group; > }; > > > diff --git a/src/openvpn/openvpn.vcproj b/src/openvpn/openvpn.vcproj > index 6c19621..4680e52 100644 > --- a/src/openvpn/openvpn.vcproj > +++ b/src/openvpn/openvpn.vcproj > @@ -347,6 +347,10 @@ > > > </File> > <File > + RelativePath=".\platform.c" > + > > + </File> > + <File > RelativePath=".\plugin.c" > > > </File> > @@ -649,6 +653,10 @@ > > > </File> > <File > + RelativePath=".\platform.h" > + > > + </File> > + <File > RelativePath=".\plugin.h" > > > </File> > diff --git a/src/openvpn/options.c b/src/openvpn/options.c > index 258b060..bd83843 100644 > --- a/src/openvpn/options.c > +++ b/src/openvpn/options.c > @@ -920,7 +920,7 @@ setenv_settings (struct env_set *es, const struct options > *o) > setenv_int (es, "daemon", o->daemon); > setenv_int (es, "daemon_log_redirect", o->log); > setenv_unsigned (es, "daemon_start_time", time(NULL)); > - setenv_int (es, "daemon_pid", openvpn_getpid()); > + setenv_int (es, "daemon_pid", platform_getpid()); > > #ifdef ENABLE_CONNECTION > if (o->connection_list) > @@ -2640,18 +2640,18 @@ check_file_access(const int type, const char *file, > const int mode, const char * > char *fullpath = strdup(file); /* POSIX dirname() implementaion may > modify its arguments */ > char *dirpath = dirname(fullpath); > > - if (openvpn_access (dirpath, mode|X_OK) != 0) > + if (platform_access (dirpath, mode|X_OK) != 0) > errcode = errno; > free(fullpath); > } > > /* Is the file itself accessible? */ > - if (!errcode && (type & CHKACC_FILE) && (openvpn_access (file, mode) != 0) > ) > + if (!errcode && (type & CHKACC_FILE) && (platform_access (file, mode) != > 0) ) > errcode = errno; > > /* If the file exists and is accessible, is it writable? */ > - if (!errcode && (type & CHKACC_FILEXSTWR) && (openvpn_access (file, F_OK) > == 0) ) > - if (openvpn_access (file, W_OK) != 0) > + if (!errcode && (type & CHKACC_FILEXSTWR) && (platform_access (file, F_OK) > == 0) ) > + if (platform_access (file, W_OK) != 0) > errcode = errno; > > /* Scream if an error is found */ > @@ -3755,7 +3755,7 @@ read_config_file (struct options *options, > if (streq (file, "stdin")) > fp = stdin; > else > - fp = openvpn_fopen (file, "r"); > + fp = platform_fopen (file, "r"); > if (fp) > { > line_num = 0; > @@ -4528,7 +4528,7 @@ add_option (struct options *options, > else if (streq (p[0], "cd") && p[1]) > { > VERIFY_PERMISSION (OPT_P_GENERAL); > - if (openvpn_chdir (p[1])) > + if (platform_chdir (p[1])) > { > msg (M_ERR, "cd to '%s' failed", p[1]); > goto err; > diff --git a/src/openvpn/packet_id.c b/src/openvpn/packet_id.c > index 186f074..0102129 100644 > --- a/src/openvpn/packet_id.c > +++ b/src/openvpn/packet_id.c > @@ -368,7 +368,7 @@ packet_id_persist_load (struct packet_id_persist *p, > const char *filename) > if (!packet_id_persist_enabled (p)) > { > /* open packet-id persist file for both read and write */ > - p->fd = openvpn_open (filename, > + p->fd = platform_open (filename, > O_CREAT | O_RDWR | O_BINARY, > S_IRUSR | S_IWUSR); > if (p->fd == -1) > diff --git a/src/openvpn/pf.c b/src/openvpn/pf.c > index 729792e..7ed1e70 100644 > --- a/src/openvpn/pf.c > +++ b/src/openvpn/pf.c > @@ -504,8 +504,8 @@ pf_check_reload (struct context *c) > && c->c2.pf.filename > && event_timeout_trigger (&c->c2.pf.reload, &c->c2.timeval, > ETT_DEFAULT)) > { > - openvpn_stat_t s; > - if (!openvpn_stat (c->c2.pf.filename, &s)) > + platform_stat_t s; > + if (!platform_stat (c->c2.pf.filename, &s)) > { > if (s.st_mtime > c->c2.pf.file_last_mod) > { > @@ -605,7 +605,7 @@ pf_destroy_context (struct pf_context *pfc) > #ifdef PLUGIN_PF > if (pfc->filename) > { > - delete_file (pfc->filename); > + platform_unlink (pfc->filename); > free (pfc->filename); > } > #endif > diff --git a/src/openvpn/platform.c b/src/openvpn/platform.c > new file mode 100644 > index 0000000..c79f680 > --- /dev/null > +++ b/src/openvpn/platform.c > @@ -0,0 +1,369 @@ > +/* > + * OpenVPN -- An application to securely tunnel IP networks > + * over a single TCP/UDP port, with support for SSL/TLS-based > + * session authentication and key exchange, > + * packet encryption, packet authentication, and > + * packet compression. > + * > + * Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sa...@openvpn.net> > + * > + * This program is free software; you can redistribute it and/or modify > + * it under the terms of the GNU General Public License version 2 > + * as published by the Free Software Foundation. > + * > + * This program is distributed in the hope that it will be useful, > + * but WITHOUT ANY WARRANTY; without even the implied warranty of > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > + * GNU General Public License for more details. > + * > + * You should have received a copy of the GNU General Public License > + * along with this program (see the file COPYING included with this > + * distribution); if not, write to the Free Software Foundation, Inc., > + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA > + */ > + > +#ifdef HAVE_CONFIG_H > +#include "config.h" > +#elif defined(_MSC_VER) > +#include "config-msvc.h" > +#endif > + > +#include "syshead.h" > + > +#include "buffer.h" > +#include "error.h" > +#include "win32.h" > + > +#include "memdbg.h" > + > +#include "platform.h" > + > +/* Redefine the top level directory of the filesystem > + to restrict access to files for security */ > +void > +platform_chroot (const char *path) > +{ > + if (path) > + { > +#ifdef HAVE_CHROOT > + const char *top = "/"; > + if (chroot (path)) > + msg (M_ERR, "chroot to '%s' failed", path); > + if (platform_chdir (top)) > + msg (M_ERR, "cd to '%s' failed", top); > + msg (M_INFO, "chroot to '%s' and cd to '%s' succeeded", path, top); > +#else > + msg (M_FATAL, "Sorry but I can't chroot to '%s' because this operating > system doesn't appear to support the chroot() system call", path); > +#endif > + } > +} > + > +/* Get/Set UID of process */ > + > +bool > +platform_user_get (const char *username, struct platform_state_user *state) > +{ > + bool ret = false; > + CLEAR (*state); > + if (username) > + { > +#if defined(HAVE_GETPWNAM) && defined(HAVE_SETUID) > + state->pw = getpwnam (username); > + if (!state->pw) > + msg (M_ERR, "failed to find UID for user %s", username); > + state->username = username; > + ret = true; > +#else > + msg (M_FATAL, "cannot get UID for user %s -- platform lacks > getpwname() or setuid() system calls", username); > +#endif > + } > + return ret; > +} > + > +void > +platform_user_set (const struct platform_state_user *state) > +{ > +#if defined(HAVE_GETPWNAM) && defined(HAVE_SETUID) > + if (state->username && state->pw) > + { > + if (setuid (state->pw->pw_uid)) > + msg (M_ERR, "setuid('%s') failed", state->username); > + msg (M_INFO, "UID set to %s", state->username); > + } > +#endif > +} > + > +/* Get/Set GID of process */ > + > +bool > +platform_group_get (const char *groupname, struct platform_state_group > *state) > +{ > + bool ret = false; > + CLEAR (*state); > + if (groupname) > + { > +#if defined(HAVE_GETGRNAM) && defined(HAVE_SETGID) > + state->gr = getgrnam (groupname); > + if (!state->gr) > + msg (M_ERR, "failed to find GID for group %s", groupname); > + state->groupname = groupname; > + ret = true; > +#else > + msg (M_FATAL, "cannot get GID for group %s -- platform lacks > getgrnam() or setgid() system calls", groupname); > +#endif > + } > + return ret; > +} > + > +void > +platform_group_set (const struct platform_state_group *state) > +{ > +#if defined(HAVE_GETGRNAM) && defined(HAVE_SETGID) > + if (state->groupname && state->gr) > + { > + if (setgid (state->gr->gr_gid)) > + msg (M_ERR, "setgid('%s') failed", state->groupname); > + msg (M_INFO, "GID set to %s", state->groupname); > +#ifdef HAVE_SETGROUPS > + { > + gid_t gr_list[1]; > + gr_list[0] = state->gr->gr_gid; > + if (setgroups (1, gr_list)) > + msg (M_ERR, "setgroups('%s') failed", state->groupname); > + } > +#endif > + } > +#endif > +} > + > +/* Change process priority */ > +void > +platform_nice (int niceval) > +{ > + if (niceval) > + { > +#ifdef HAVE_NICE > + errno = 0; > + if (nice (niceval) < 0 && errno != 0) > + msg (M_WARN | M_ERRNO, "WARNING: nice %d failed: %s", niceval, > strerror(errno)); > + else > + msg (M_INFO, "nice %d succeeded", niceval); > +#else > + msg (M_WARN, "WARNING: nice %d failed (function not implemented)", > niceval); > +#endif > + } > +} > + > +/* Get current PID */ > +unsigned int > +platform_getpid () > +{ > +#ifdef WIN32 > + return (unsigned int) GetCurrentProcessId (); > +#else > +#ifdef HAVE_GETPID > + return (unsigned int) getpid (); > +#else > + return 0; > +#endif > +#endif > +} > + > +/* Disable paging */ > +void > +platform_mlockall(bool print_msg) > +{ > +#ifdef HAVE_MLOCKALL > + if (mlockall (MCL_CURRENT | MCL_FUTURE)) > + msg (M_WARN | M_ERRNO, "WARNING: mlockall call failed"); > + else if (print_msg) > + msg (M_INFO, "mlockall call succeeded"); > +#else > + msg (M_WARN, "WARNING: mlockall call failed (function not implemented)"); > +#endif > +} > + > +/* > + * Wrapper for chdir library function > + */ > +int > +platform_chdir (const char* dir) > +{ > +#ifdef HAVE_CHDIR > +#ifdef WIN32 > + int res; > + struct gc_arena gc = gc_new (); > + res = _wchdir (wide_string (dir, &gc)); > + gc_free (&gc); > + return res; > +#else > + return chdir (dir); > +#endif > +#else > + return -1; > +#endif > +} > + > +/* > + * convert system() return into a success/failure value > + */ > +bool > +platform_system_ok (int stat) > +{ > +#ifdef WIN32 > + return stat == 0; > +#else > + return stat != -1 && WIFEXITED (stat) && WEXITSTATUS (stat) == 0; > +#endif > +} > + > +/* > + * did system() call execute the given command? > + */ > +bool > +platform_system_executed (int stat) > +{ > +#ifdef WIN32 > + return stat != -1; > +#else > + return stat != -1 && WEXITSTATUS (stat) != 127; > +#endif > +} > + > +int > +platform_access (const char *path, int mode) > +{ > +#ifdef WIN32 > + struct gc_arena gc = gc_new (); > + int ret = _waccess (wide_string (path, &gc), mode & ~X_OK); > + gc_free (&gc); > + return ret; > +#else > + return access (path, mode); > +#endif > +} > + > +/* > + * Go to sleep for n milliseconds. > + */ > +void > +platform_sleep_milliseconds (unsigned int n) > +{ > +#ifdef WIN32 > + Sleep (n); > +#else > + struct timeval tv; > + tv.tv_sec = n / 1000; > + tv.tv_usec = (n % 1000) * 1000; > + select (0, NULL, NULL, NULL, &tv); > +#endif > +} > + > +/* > + * Go to sleep indefinitely. > + */ > +void > +platform_sleep_until_signal (void) > +{ > +#ifdef WIN32 > + ASSERT (0); > +#else > + select (0, NULL, NULL, NULL, NULL); > +#endif > +} > + > +/* delete a file, return true if succeeded */ > +bool > +platform_unlink (const char *filename) > +{ > +#if defined(WIN32) > + struct gc_arena gc = gc_new (); > + BOOL ret = DeleteFileW (wide_string (filename, &gc)); > + gc_free (&gc); > + return (ret != 0); > +#elif defined(HAVE_UNLINK) > + return (unlink (filename) == 0); > +#else > + return false; > +#endif > +} > + > +int platform_system(const char *command) { > + int ret; > +#ifdef WIN32 > + struct gc_arena gc = gc_new (); > + ret = _wsystem (wide_string (command, &gc)); > + gc_free (&gc); > +#else > + ret = system (command); > +#endif > + return ret; > +} > + > +int platform_putenv(char *string) > +{ > + int status; > +#if defined(WIN32) > + struct gc_arena gc = gc_new (); > + char *s = string_alloc(string, &gc); > + char *value = strchr(s, '='); > + if (value!=NULL) > + { > + *value = '\0'; > + value++; > + if (*value == '\0') > + value = NULL; > + } > + > + status = SetEnvironmentVariableW (wide_string (s, &gc), > + wide_string (value, &gc)) ? 1: 0; > + gc_free (&gc); > +#elif defined(HAVE_PUTENV) > + void manage_env (char *str); /* TODO: Resolve properly */ > + status = putenv (string); > + if (!status) > + manage_env (string); > +#endif > + > + return status; > +} > + > +FILE * > +platform_fopen (const char *path, const char *mode) > +{ > +#ifdef WIN32 > + struct gc_arena gc = gc_new (); > + FILE *f = _wfopen (wide_string (path, &gc), wide_string (mode, &gc)); > + gc_free (&gc); > + return f; > +#else > + return fopen(path, mode); > +#endif > +} > + > +int > +platform_open (const char *path, int flags, int mode) > +{ > +#ifdef WIN32 > + struct gc_arena gc = gc_new (); > + int fd = _wopen (wide_string (path, &gc), flags, mode); > + gc_free (&gc); > + return fd; > +#else > + return open(path, flags, mode); > +#endif > +} > + > +int > +platform_stat (const char *path, platform_stat_t *buf) > +{ > +#ifdef WIN32 > + struct gc_arena gc = gc_new (); > + int res = _wstat (wide_string (path, &gc), buf); > + gc_free (&gc); > + return res; > +#else > + return stat(path, buf); > +#endif > +} > + > diff --git a/src/openvpn/platform.h b/src/openvpn/platform.h > new file mode 100644 > index 0000000..7bd2067 > --- /dev/null > +++ b/src/openvpn/platform.h > @@ -0,0 +1,142 @@ > +/* > + * OpenVPN -- An application to securely tunnel IP networks > + * over a single TCP/UDP port, with support for SSL/TLS-based > + * session authentication and key exchange, > + * packet encryption, packet authentication, and > + * packet compression. > + * > + * Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sa...@openvpn.net> > + * > + * This program is free software; you can redistribute it and/or modify > + * it under the terms of the GNU General Public License version 2 > + * as published by the Free Software Foundation. > + * > + * This program is distributed in the hope that it will be useful, > + * but WITHOUT ANY WARRANTY; without even the implied warranty of > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > + * GNU General Public License for more details. > + * > + * You should have received a copy of the GNU General Public License > + * along with this program (see the file COPYING included with this > + * distribution); if not, write to the Free Software Foundation, Inc., > + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA > + */ > + > +#ifndef PLATFORM_H > +#define PLATFORM_H > + > +#ifdef HAVE_SYS_TYPES_H > +#include <sys/types.h> > +#endif > + > +#ifdef HAVE_SYS_STAT_H > +#include <sys/stat.h> > +#endif > + > +#ifdef HAVE_UNISTD_H > +#include <unistd.h> > +#endif > + > +#ifdef HAVE_PWD_H > +#include <pwd.h> > +#endif > + > +#ifdef HAVE_GRP_H > +#include <grp.h> > +#endif > + > +#ifdef HAVE_STDIO_H > +#include <stdio.h> > +#endif > + > +#include "basic.h" > + > +/* Get/Set UID of process */ > + > +struct platform_state_user { > +#if defined(HAVE_GETPWNAM) && defined(HAVE_SETUID) > + const char *username; > + struct passwd *pw; > +#else > + int dummy; > +#endif > +}; > + > +/* Get/Set GID of process */ > + > +struct platform_state_group { > +#if defined(HAVE_GETGRNAM) && defined(HAVE_SETGID) > + const char *groupname; > + struct group *gr; > +#else > + int dummy; > +#endif > +}; > + > +bool platform_user_get (const char *username, struct platform_state_user > *state); > +void platform_user_set (const struct platform_state_user *state); > + > +bool platform_group_get (const char *groupname, struct platform_state_group > *state); > +void platform_group_set (const struct platform_state_group *state); > + > +/* > + * Extract UID or GID > + */ > + > +static inline int > +platform_state_user_uid (const struct platform_state_user *s) > +{ > +#if defined(HAVE_GETPWNAM) && defined(HAVE_SETUID) > + if (s->pw) > + return s->pw->pw_uid; > +#endif > + return -1; > +} > + > +static inline int > +platform_state_group_gid (const struct platform_state_group *s) > +{ > +#if defined(HAVE_GETGRNAM) && defined(HAVE_SETGID) > + if (s->gr) > + return s->gr->gr_gid; > +#endif > + return -1; > +} > + > +void platform_chroot (const char *path); > + > +void platform_nice (int niceval); > + > +unsigned int platform_getpid (void); > + > +void platform_mlockall (bool print_msg); /* Disable paging */ > + > +int platform_chdir (const char* dir); > + > +/* interpret the status code returned by system()/execve() */ > +bool platform_system_ok (int stat); > +bool platform_system_executed (int stat); > +int platform_system(const char *command); > + > +int platform_access (const char *path, int mode); > + > +void platform_sleep_milliseconds (unsigned int n); > + > +void platform_sleep_until_signal (void); > + > +/* delete a file, return true if succeeded */ > +bool platform_unlink (const char *filename); > + > +int platform_putenv (char *string); > + > +FILE *platform_fopen (const char *path, const char *mode); > +int platform_open (const char *path, int flags, int mode); > + > +#ifdef WIN32 > +typedef struct _stat platform_stat_t; > +#else > +typedef struct stat platform_stat_t; > +#endif > +int platform_stat (const char *path, platform_stat_t *buf); > + > +#endif > diff --git a/src/openvpn/ps.c b/src/openvpn/ps.c > index a4e50e8..5d056ee 100644 > --- a/src/openvpn/ps.c > +++ b/src/openvpn/ps.c > @@ -337,7 +337,7 @@ journal_add (const char *journal_dir, struct > proxy_connection *pc, struct proxy_ > check_malloc_return (jfn); > openvpn_snprintf (jfn, fnlen, "%s/%s", journal_dir, t); > dmsg (D_PS_PROXY_DEBUG, "PORT SHARE PROXY: client origin %s -> %s", > jfn, f); > - fd = openvpn_open (jfn, O_CREAT | O_TRUNC | O_WRONLY, S_IRUSR | > S_IWUSR | S_IRGRP); > + fd = platform_open (jfn, O_CREAT | O_TRUNC | O_WRONLY, S_IRUSR | > S_IWUSR | S_IRGRP); > if (fd != -1) > { > write(fd, f, strlen(f)); > diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c > index 6a60cb5..d712c66 100644 > --- a/src/openvpn/ssl_openssl.c > +++ b/src/openvpn/ssl_openssl.c > @@ -280,7 +280,7 @@ tls_ctx_load_pkcs12(struct tls_root_ctx *ctx, const char > *pkcs12_file, > #endif > { > /* Load the PKCS #12 file */ > - if (!(fp = openvpn_fopen(pkcs12_file, "rb"))) > + if (!(fp = platform_fopen(pkcs12_file, "rb"))) > msg(M_SSLERR, "Error opening file %s", pkcs12_file); > p12 = d2i_PKCS12_fp(fp, NULL); > fclose(fp); > diff --git a/src/openvpn/ssl_verify.c b/src/openvpn/ssl_verify.c > index 51457f8..e837e39 100644 > --- a/src/openvpn/ssl_verify.c > +++ b/src/openvpn/ssl_verify.c > @@ -517,7 +517,7 @@ verify_cert_call_command(const char *verify_command, > struct env_set *es, > if (verify_export_cert) > { > if (tmp_file) > - delete_file(tmp_file); > + platform_unlink(tmp_file); > } > > gc_free(&gc); > @@ -551,7 +551,7 @@ verify_check_crl_dir(const char *crl_dir, > openvpn_x509_cert_t *cert) > x509_free_serial(serial); > return FAILURE; > } > - fd = openvpn_open (fn, O_RDONLY, 0); > + fd = platform_open (fn, O_RDONLY, 0); > if (fd >= 0) > { > msg (D_HANDSHAKE, "VERIFY CRL: certificate serial number %s is > revoked", serial); > @@ -735,7 +735,7 @@ key_state_rm_auth_control_file (struct key_state *ks) > { > if (ks && ks->auth_control_file) > { > - delete_file (ks->auth_control_file); > + platform_unlink (ks->auth_control_file); > free (ks->auth_control_file); > ks->auth_control_file = NULL; > } > @@ -987,7 +987,7 @@ verify_user_pass_script (struct tls_session *session, > const struct user_pass *up > > done: > if (tmp_file && strlen (tmp_file) > 0) > - delete_file (tmp_file); > + platform_unlink (tmp_file); > > argv_reset (&argv); > gc_free (&gc); > diff --git a/src/openvpn/status.c b/src/openvpn/status.c > index 0be5e4c..5f9ab9e 100644 > --- a/src/openvpn/status.c > +++ b/src/openvpn/status.c > @@ -78,17 +78,17 @@ status_open (const char *filename, > switch (so->flags) > { > case STATUS_OUTPUT_WRITE: > - so->fd = openvpn_open (filename, > + so->fd = platform_open (filename, > O_CREAT | O_TRUNC | O_WRONLY, > S_IRUSR | S_IWUSR); > break; > case STATUS_OUTPUT_READ: > - so->fd = openvpn_open (filename, > + so->fd = platform_open (filename, > O_RDONLY, > S_IRUSR | S_IWUSR); > break; > case STATUS_OUTPUT_READ|STATUS_OUTPUT_WRITE: > - so->fd = openvpn_open (filename, > + so->fd = platform_open (filename, > O_CREAT | O_RDWR, > S_IRUSR | S_IWUSR); > break; > diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c > index abc6a99..e6a7bc8 100644 > --- a/src/openvpn/tun.c > +++ b/src/openvpn/tun.c > @@ -1545,22 +1545,22 @@ tuncfg (const char *dev, const char *dev_type, const > char *dev_node, int persist > msg (M_ERR, "Cannot ioctl TUNSETPERSIST(%d) %s", persist_mode, dev); > if (username != NULL) > { > - struct user_state user_state; > + struct platform_state_user platform_state_user; > > - if (!get_user (username, &user_state)) > + if (!platform_user_get (username, &platform_state_user)) > msg (M_ERR, "Cannot get user entry for %s", username); > else > - if (ioctl (tt->fd, TUNSETOWNER, user_state.pw->pw_uid) < 0) > + if (ioctl (tt->fd, TUNSETOWNER, platform_state_user.pw->pw_uid) < 0) > msg (M_ERR, "Cannot ioctl TUNSETOWNER(%s) %s", username, dev); > } > if (groupname != NULL) > { > - struct group_state group_state; > + struct platform_state_group platform_state_group; > > - if (!get_group (groupname, &group_state)) > + if (!platform_group_get (groupname, &platform_state_group)) > msg (M_ERR, "Cannot get group entry for %s", groupname); > else > - if (ioctl (tt->fd, TUNSETGROUP, group_state.gr->gr_gid) < 0) > + if (ioctl (tt->fd, TUNSETGROUP, platform_state_group.gr->gr_gid) < 0) > msg (M_ERR, "Cannot ioctl TUNSETOWNER(%s) %s", groupname, dev); > } > close_tun (tt); > diff --git a/src/openvpn/win32.c b/src/openvpn/win32.c > index e94343b..e8e69dc 100644 > --- a/src/openvpn/win32.c > +++ b/src/openvpn/win32.c > @@ -976,33 +976,6 @@ wide_string (const char* utf8, struct gc_arena *gc) > return ucs16; > } > > -FILE * > -openvpn_fopen (const char *path, const char *mode) > -{ > - struct gc_arena gc = gc_new (); > - FILE *f = _wfopen (wide_string (path, &gc), wide_string (mode, &gc)); > - gc_free (&gc); > - return f; > -} > - > -int > -openvpn_open (const char *path, int flags, int mode) > -{ > - struct gc_arena gc = gc_new (); > - int fd = _wopen (wide_string (path, &gc), flags, mode); > - gc_free (&gc); > - return fd; > -} > - > -int > -openvpn_stat (const char *path, openvpn_stat_t *buf) > -{ > - struct gc_arena gc = gc_new (); > - int res = _wstat (wide_string (path, &gc), buf); > - gc_free (&gc); > - return res; > -} > - > /* > * call ourself in another process > */ > -- > 1.7.3.4 > > > ------------------------------------------------------------------------------ > Virtualization & Cloud Management Using Capacity Planning > Cloud computing makes use of virtualization - but cloud computing > also focuses on allowing computing to be delivered as a service. > http://www.accelacomm.com/jaw/sfnl/114/51521223/ > _______________________________________________ > Openvpn-devel mailing list > Openvpn-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-devel