-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/07/15 23:51, Gert Doering wrote: > Hi, > > On Thu, Jul 02, 2015 at 04:21:04PM -0400, Matthew Karas wrote: >> I would really like to return some information back to the client >> via the plugin once they log in, like an integer. > > I'm fairly sure the plugin API allowes sending back arbitrary > config items (just like the "client-connect" script API does) - I > just don't know *how* this is done, having never worked the API > before. > > What I'd do: there is a radius-plugin which returns user config > data stored in radius servers - look at that one and see how it > sends the config data. Most likely it's a file descriptor opened > by openvpn which is just there to be filled with "push" > statements... > > gert > > PS: I'd call that a "devel" question... so you might want to move > to openvpn-devel with it - this is the -users list, the developers > are over there...
As I've had my hands deep into the plug-in API, I feel somewhat responsible and think I should respond too :) On a general note, please use the v3 API - openvpn_plugin_open_v3() and openvpn_plugin_func_v3(). Even though this can be confusing; the abort, close, client_constructor, client_destructor and select_initialization_point functions only exists in the v1 variant and may also be used together with those two v3 functions. You don't need to use all of them, but it is advisable to look into them and see covers situations your plug-in may see. The close function is mandatory, but the abort may be appropriate in some cases. So to your challenge. Gert is quite right, there exists possibilities to pass back configuration statements to a client through plug-ins, as an alternative to --client-config-dir. This is done through the struct openvpn_plugin_args_func_in pointer passed into openvpn_plugin_func_v3(). This is an openvpn styled list of string which is imported into the connected clients config when the func_v3() function is called with the OPENVPN_PLUGIN_CLIENT_CONNECT_V2 type flag. It is also possible to do this via a file through the func_v1() or func_v2 API (one of the arguments passed to the plug-in is a filename to a file OpenVPN created, and the plug-in is responsible to populate the file). Or using the OPENVPN_PLUGIN_CLIENT_CONNECT_V2 flag through the func_v2() API, it is possible to use a a similar openvpn string list, but this flag is only available in the func_v2() and func_v3() APIs. Having that said the v1 and v2 APIs are very slowly being phased out for the newer and more flexible v3 API. I hope this could shed some more light on how you can do this. Remember that information which is going to be sent from the server to the client needs to be 'push' statements, just as in the - --client-config-dir approach. - -- kind regards, David Sommerseth -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iEYEARECAAYFAlWWaAcACgkQDC186MBRfrqLgQCdHhxNUl/Oqni3rko0MjQEvp7Y NzIAoI6BnhTW6KUqlfzRoP35mIMupdAU =0/4T -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Don't Limit Your Business. Reach for the Cloud. GigeNET's Cloud Solutions provide you with the tools and support that you need to offload your IT needs and focus on growing your business. Configured For All Businesses. Start Your Cloud Today. https://www.gigenetcloud.com/ _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
