From c1852e9a7140d69f8d308b3463fc1ec1159761ef Mon Sep 17 00:00:00 2001 From: Dimitri Staessens Date: Thu, 29 Aug 2019 20:07:41 +0200 Subject: tools: Add encryption option to ovpn This adds a -C, --crypt option to the ovpn tool to easily create AES encrypted IP tunnels. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders --- src/tools/ovpn/ovpn.c | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) (limited to 'src/tools/ovpn') diff --git a/src/tools/ovpn/ovpn.c b/src/tools/ovpn/ovpn.c index 54708730..0f1ec3e3 100644 --- a/src/tools/ovpn/ovpn.c +++ b/src/tools/ovpn/ovpn.c @@ -68,6 +68,7 @@ static void usage(void) "server to connect to\n" " -i, --ip IP address to give to TUN device\n" " -m, --mask Subnet mask to give to TUN device\n" + " -C, --crypt AES encryption (default: off)\n" "\n" " --help Display this help text and exit\n"); } @@ -187,13 +188,15 @@ int main(int argc, sigset_t sigset; int sig; int c; + qosspec_t qs; static struct option long_options[] = - {{"ip", required_argument, NULL, 'i'}, - {"mask", required_argument, NULL, 'm'}, - {"name", optional_argument, NULL, 'n'}, - {"help", no_argument, NULL, 'h'}, - {NULL, 0, NULL, 0} + {{"ip", required_argument, NULL, 'i'}, + {"mask", required_argument, NULL, 'm'}, + {"name", optional_argument, NULL, 'n'}, + {"crypt", no_argument, NULL, 'C'}, + {"help", no_argument, NULL, 'h'}, + {NULL, 0, NULL, 0} }; sigemptyset(&sigset); @@ -207,7 +210,9 @@ int main(int argc, exit(EXIT_FAILURE); } - while ((c = getopt_long(argc, argv, "i:m:n:h", + qs = qos_raw; + + while ((c = getopt_long(argc, argv, "i:m:n:Ch", long_options, NULL)) != -1) { switch (c) { case 'i': @@ -226,6 +231,9 @@ int main(int argc, case 'n': name = optarg; break; + case 'C': + qs = qos_raw_crypt; + break; case 'h': usage(); exit(EXIT_SUCCESS); @@ -255,7 +263,7 @@ int main(int argc, if (name != NULL) { printf("Allocating a flow to %s.\n", name); - o_fd = flow_alloc(name, NULL, NULL); + o_fd = flow_alloc(name, &qs, NULL); if (o_fd < 0) { printf("Failed to allocate flow.\n"); goto fail_alloc; -- cgit v1.2.3