CSanchezAustin

in case anyone is interested, I translated the example Windows cli wrapper for the ESET API to Linux. Compile and runs as follows. Note: All 3 shared libraries need to be in the same directory as the executable that get created. Limitation on how ESET created their shared libraries. g++ -c -g -o esetapi_cli.o esetapi_cli.cpp && g++ esetapi_cli.o -L/usr/local/lib -ldl -o esetapi Source: esetapi_cli.cpp #include <iostream> #include <string> #include <errno.h> #include <dlfcn.h> typedef int (*era_process_request)(const char* request, char** response); typedef void (*era_free)(char* s); typedef int (*era_init_lib)(); typedef void (*era_deinit_lib)(); int main(int argc, char** argv) { // 1. Load library void* hMod = ::dlopen( "ServerApi.so", RTLD_LAZY | RTLD_GLOBAL ); if (!hMod) { std::cout << "Cannot load api library error. Last error is: " << dlerror() << std::endl; return 1; } // 2. Get pointer to function, which can initialize library era_init_lib init_lib = (era_init_lib)::dlsym(hMod,"era_init_lib"); if (!init_lib ) { std::cout<<"Cannot init library" << std::endl; ::dlclose(hMod); return 1; } // 7. Get pointer to function, which can deinitialize library era_deinit_lib deinit_lib = (era_deinit_lib)::dlsym(hMod,"era_deinit_lib"); if (!deinit_lib ) { std::cout<<"Cannot deinit libraries" << std::endl; ::dlclose(hMod); return 1; } // 3. Initialize library int res = init_lib(); if(res) { std::cout<<"Init lib result:" << res << std::endl; ::dlclose(hMod); return 1; } // 4. Get pointer to function, which can send request and receive response era_process_request send_request = (era_process_request)::dlsym(hMod,"era_process_request"); if (!send_request) { std::cout<<"Cannot load era_process_request" << std::endl; deinit_lib(); ::dlclose(hMod); return 1; } // 5. Get pointer to function, which can free response era_free free_response = (era_free)::dlsym(hMod,"era_free"); if (!free_response) { std::cout<<"Cannot load era_free" << std::endl; deinit_lib(); ::dlclose(hMod); return 1; } while (true) { std::string request;// = "{\"Era.ServerApi.StartRequest\":{}}"; std::cout<<">"; std::getline(std::cin, request); if (request == "quit") {; break; } std::cout<<"Executing json ..." << std::endl; char* szRes = NULL; // 6. Send request and receive response + free response int res = send_request(request.c_str(),&szRes); if (szRes) std::cout<<szRes<<std::endl; free_response(szRes); } std::cout<<"Exiting ... " << std::endl; // 8. Deinitialize library deinit_lib(); // 9. Free library ::dlclose(hMod); std::cout<<"Library freed ... " << std::endl; return 0; } Example messages: {"Era.ServerApi.StartRequest":{}} {"Era.ServerApi.CreateConnectionRequest":{"host":"192.168.2.10","port":2223}} {"Era.ServerApi.VerifyUserResponse":{"VerifyResult":true}} {"Era.Common.NetworkMessage.ConsoleApi.SessionManagement.RpcAuthLoginRequest" : {"username":"CHANGEME", "password":"CHANGEME", "isDomainUser":false, "locale":"en-US"}} {"Era.ServerApi.IsConnectionAliveRequest":{}} {"Era.Common.NetworkMessage.ConsoleApi.Dashboards.RpcGetDashboardsRequest":{}} # Get information about the root group (All) {"Era.Common.NetworkMessage.ConsoleApi.Groups.RpcGetStaticGroupRequest": {"groupUuid": {"uuid": "00000000-0000-0000-7001-000000000001"}}} {"Era.ServerApi.CloseConnectionRequest":{}} {"Era.ServerApi.StopRequest":{}}

I am trying to implement a choke point in an OpenVPN post_auth plugin. My criterial will be whether or not a client machine has any flags (see attachment). If they do I will deny access. This will be a python plugin for OpenVPN and it needs to access APIs (REST is preferred). How can this be accomplished?