Scripting and plugins are powerful tools to extend OpenVPN. It allows an administrator to integrate OpenVPN better into an existing infrastructure, for example, by enabling authentication against a separate backend system or by recording usage statistics of a client.

Writing OpenVPN scripts can be tricky, as special care needs to be taken about the timing of the scripts. The current version of OpenVPN is monolithic and single-threaded, which means that a lengthy or misbehaving server-side script can block the entire VPN for all users.

It is also important to understand the flow and order in which the scripts are called. In this chapter, we explored how this order works and which environment variables are present to each of the server- and ...