openvpn-plugin
is a crate that makes it easy to write OpenVPN plugins in Rust.
The crate contains two main things:
- The
openvpn_plugin!
macro for generating the FFI interface OpenVPN will interact with - The FFI and safe Rust types needed to communicate with OpenVPN.
Usage
Edit your Cargo.toml
to depend on this crate and set the type of your crate to a cdylib
in
order to make it compile to a shared library that OpenVPN will understand:
[]
= ["cdylib"]
[]
= "x.y"
In your crate root (lib.rs
) define your handle type, the three callback functions and
call the openvpn_plugin!
macro to generate the corresponding FFI bindings.
More details on the handle and the callback functions can be found in the documentation for the
openvpn_plugin!
macro.
use HashMap;
use CString;
use Error;
use ;
openvpn_plugin!;
#
Panic handling
C cannot handle Rust panic unwinding into it, so it is not good practice to let Rust panic when
called from C. Because of this, all calls from this crate to the callbacks given to
openvpn_plugin!
($open_fn
, $close_fn
and $event_fn
) are wrapped in
catch_unwind
.
If catch_unwind
captures a panic it will log it and then return
OPENVPN_PLUGIN_FUNC_ERROR
to OpenVPN.
Note that this will only work for unwinding panics, not with panic=abort
.
Logging
Any errors returned from the user defined callbacks or panics that happens anywhere in Rust is
logged by this crate before control is returned to OpenVPN. By default logging happens to
stderr. To activate logging with the error!
macro in the log
crate, build this crate with
the log
feature.