>From 557d2e73bf21ddb9d07b43f716c7914d610e7392 Mon Sep 17 00:00:00 2001
From: Micah Morton <mort...@chromium.org>
Date: Fri, 13 Apr 2018 09:55:22 -0700
Subject: [PATCH] Specify platform and version on command line.

Add --iv-plat and --iv-plat-rel command line args, and use the values
passed to these args to set IV_PLAT and IV_PLAT_REL info that is pushed
to the server.

IV_PLAT (platform type) is normally inferred from the build target, but
it would be useful to be able to override this from the command line
(e.g. for client to set platform as ChromeOS instead of Linux).

IV_PLAT_REL (platform release version) would allow for pushing the
platform (e.g. ChromeOS) release version to the server.

This patch is written against openvpn-2.4.4.

Signed-off-by: Micah Morton <mort...@chromium.org>
---
 src/openvpn/init.c       |  8 ++++++++
 src/openvpn/options.c    | 18 ++++++++++++++++++
 src/openvpn/options.h    |  2 ++
 src/openvpn/ssl.c        |  9 +++++++++
 src/openvpn/ssl_common.h |  2 ++
 5 files changed, 39 insertions(+)

diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index 133a9f5..1cb76ad 100644
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -2723,6 +2723,14 @@ do_init_crypto_tls(struct context *c, const unsigned
int flags)
     {
         to.push_peer_info_detail = 0;
     }
+    if (options->iv_plat)
+    {
+        to.iv_plat = options->iv_plat;
+    }
+    if (options->iv_plat_rel)
+    {
+        to.iv_plat_rel = options->iv_plat_rel;
+    }
 #endif

     /* should we not xmit any packets until we get an initial
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 8dee5d1..d9559a0 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -229,6 +229,8 @@ static const char usage_message[] =
     "--client-nat snat|dnat network netmask alias : on client add 1-to-1
NAT rule.\n"
 #ifdef ENABLE_PUSH_PEER_INFO
     "--push-peer-info : (client only) push client info to server.\n"
+    "--iv-plat: (client only) platform type.\n"
+    "--iv-plat-rel: (client only) platform release version.\n"
 #endif
     "--setenv name value : Set a custom environmental variable to pass to
script.\n"
     "--setenv FORWARD_COMPATIBLE 1 : Relax config file syntax checking to
allow\n"
@@ -1781,6 +1783,8 @@ show_settings(const struct options *o)
     SHOW_BOOL(single_session);
 #ifdef ENABLE_PUSH_PEER_INFO
     SHOW_BOOL(push_peer_info);
+    SHOW_STR(iv_plat);
+    SHOW_STR(iv_plat_rel);
 #endif
     SHOW_BOOL(tls_exit);

@@ -7837,6 +7841,20 @@ add_option(struct options *options,
         VERIFY_PERMISSION(OPT_P_GENERAL);
         options->push_peer_info = true;
     }
+
+    else if (streq(p[0], "iv-plat") && p[1] && !p[2])
+    {
+        VERIFY_PERMISSION(OPT_P_GENERAL);
+        options->iv_plat = p[1];
+    }
+
+    else if (streq(p[0], "iv-plat-rel") && p[1] && !p[2])
+    {
+        VERIFY_PERMISSION(OPT_P_GENERAL);
+        options->iv_plat_rel = p[1];
+    }
+
+
 #endif
     else if (streq(p[0], "tls-exit") && !p[1])
     {
diff --git a/src/openvpn/options.h b/src/openvpn/options.h
index 01a7b26..9da4058 100644
--- a/src/openvpn/options.h
+++ b/src/openvpn/options.h
@@ -575,6 +575,8 @@ struct options

 #ifdef ENABLE_PUSH_PEER_INFO
     bool push_peer_info;
+    const char *iv_plat;
+    const char *iv_plat_rel;
 #endif

     bool tls_exit;
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index 0739cf7..1265177 100644
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -2245,6 +2245,7 @@ push_peer_info(struct buffer *buf, struct tls_session
*session)
         buf_printf(&out, "IV_VER=%s\n", PACKAGE_VERSION);

         /* push platform */
+        if (session->opt->iv_plat == NULL) {
 #if defined(TARGET_LINUX)
         buf_printf(&out, "IV_PLAT=linux\n");
 #elif defined(TARGET_SOLARIS)
@@ -2262,6 +2263,14 @@ push_peer_info(struct buffer *buf, struct
tls_session *session)
 #elif defined(_WIN32)
         buf_printf(&out, "IV_PLAT=win\n");
 #endif
+        } else {
+            buf_printf(&out, "IV_PLAT=%s\n", session->opt->iv_plat);
+        }
+
+        if (session->opt->iv_plat_rel != NULL)
+        {
+            buf_printf(&out, "IV_PLAT_REL=%s\n",
session->opt->iv_plat_rel);
+        }

         /* support for P_DATA_V2 */
         buf_printf(&out, "IV_PROTO=2\n");
diff --git a/src/openvpn/ssl_common.h b/src/openvpn/ssl_common.h
index 25bffd5..d95c2ef 100644
--- a/src/openvpn/ssl_common.h
+++ b/src/openvpn/ssl_common.h
@@ -251,6 +251,8 @@ struct tls_options
     bool pull;
 #ifdef ENABLE_PUSH_PEER_INFO
     int push_peer_info_detail;
+    const char *iv_plat;
+    const char *iv_plat_rel;
 #endif
     int transition_window;
     int handshake_window;
-- 
2.13.5
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Reply via email to