summaryrefslogtreecommitdiff
path: root/src/openvpnserv/interactive.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/openvpnserv/interactive.c')
-rw-r--r--src/openvpnserv/interactive.c84
1 files changed, 73 insertions, 11 deletions
diff --git a/src/openvpnserv/interactive.c b/src/openvpnserv/interactive.c
index dbe2b9b..607c8a9 100644
--- a/src/openvpnserv/interactive.c
+++ b/src/openvpnserv/interactive.c
@@ -16,10 +16,9 @@
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
- * You should have received a copy of the GNU General Public License
- * along with this program (see the file COPYING included with this
- * distribution); if not, write to the Free Software Foundation, Inc.,
- * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
@@ -94,6 +93,13 @@ typedef enum {
} undo_type_t;
typedef list_item_t *undo_lists_t[_undo_type_max];
+typedef struct {
+ HANDLE engine;
+ int index;
+ int metric_v4;
+ int metric_v6;
+} block_dns_data_t;
+
static DWORD
AddListItem(list_item_t **pfirst, LPVOID data)
@@ -215,7 +221,9 @@ AsyncPipeOp(async_op_t op, HANDLE pipe, LPVOID buffer, DWORD size, DWORD count,
handles[0] = io_event;
for (i = 0; i < count; i++)
+ {
handles[i + 1] = events[i];
+ }
res = WaitForMultipleObjects(count + 1, handles, FALSE,
op == peek ? INFINITE : IO_TIMEOUT);
@@ -883,6 +891,7 @@ static DWORD
HandleBlockDNSMessage(const block_dns_message_t *msg, undo_lists_t *lists)
{
DWORD err = 0;
+ block_dns_data_t *interface_data;
HANDLE engine = NULL;
LPCWSTR exe_path;
@@ -899,16 +908,57 @@ HandleBlockDNSMessage(const block_dns_message_t *msg, undo_lists_t *lists)
err = add_block_dns_filters(&engine, msg->iface.index, exe_path, BlockDNSErrHandler);
if (!err)
{
- err = AddListItem(&(*lists)[block_dns], engine);
+ interface_data = malloc(sizeof(block_dns_data_t));
+ if (!interface_data)
+ {
+ return ERROR_OUTOFMEMORY;
+ }
+ interface_data->engine = engine;
+ interface_data->index = msg->iface.index;
+ interface_data->metric_v4 = get_interface_metric(msg->iface.index,
+ AF_INET);
+ if (interface_data->metric_v4 < 0)
+ {
+ interface_data->metric_v4 = -1;
+ }
+ interface_data->metric_v6 = get_interface_metric(msg->iface.index,
+ AF_INET6);
+ if (interface_data->metric_v6 < 0)
+ {
+ interface_data->metric_v6 = -1;
+ }
+ err = AddListItem(&(*lists)[block_dns], interface_data);
+ if (!err)
+ {
+ err = set_interface_metric(msg->iface.index, AF_INET,
+ BLOCK_DNS_IFACE_METRIC);
+ if (!err)
+ {
+ set_interface_metric(msg->iface.index, AF_INET6,
+ BLOCK_DNS_IFACE_METRIC);
+ }
+ }
}
}
else
{
- engine = RemoveListItem(&(*lists)[block_dns], CmpEngine, NULL);
- if (engine)
+ interface_data = RemoveListItem(&(*lists)[block_dns], CmpEngine, NULL);
+ if (interface_data)
{
+ engine = interface_data->engine;
err = delete_block_dns_filters(engine);
engine = NULL;
+ if (interface_data->metric_v4 >= 0)
+ {
+ set_interface_metric(msg->iface.index, AF_INET,
+ interface_data->metric_v4);
+ }
+ if (interface_data->metric_v6 >= 0)
+ {
+ set_interface_metric(msg->iface.index, AF_INET6,
+ interface_data->metric_v6);
+ }
+ free(interface_data);
}
else
{
@@ -1323,6 +1373,7 @@ static VOID
Undo(undo_lists_t *lists)
{
undo_type_t type;
+ block_dns_data_t *interface_data;
for (type = 0; type < _undo_type_max; type++)
{
list_item_t **pnext = &(*lists)[type];
@@ -1348,8 +1399,18 @@ Undo(undo_lists_t *lists)
break;
case block_dns:
- delete_block_dns_filters(item->data);
- item->data = NULL;
+ interface_data = (block_dns_data_t*)(item->data);
+ delete_block_dns_filters(interface_data->engine);
+ if (interface_data->metric_v4 >= 0)
+ {
+ set_interface_metric(interface_data->index, AF_INET,
+ interface_data->metric_v4);
+ }
+ if (interface_data->metric_v6 >= 0)
+ {
+ set_interface_metric(interface_data->index, AF_INET6,
+ interface_data->metric_v6);
+ }
break;
}
@@ -1475,7 +1536,7 @@ RunOpenvpn(LPVOID p)
}
/* Check user is authorized or options are white-listed */
- if (!IsAuthorizedUser(ovpn_user->User.Sid, &settings)
+ if (!IsAuthorizedUser(ovpn_user->User.Sid, imp_token, settings.ovpn_admin_group)
&& !ValidateOptions(pipe, sud.directory, sud.options))
{
goto out;
@@ -1840,7 +1901,8 @@ ServiceStartInteractive(DWORD dwArgc, LPTSTR *lpszArgv)
PHANDLE handles = NULL;
DWORD handle_count;
BOOL
- CmpHandle(LPVOID item, LPVOID hnd) {
+ CmpHandle(LPVOID item, LPVOID hnd)
+ {
return item == hnd;
}