GitList

src/openvpn/syshead.h

6fbf66fa	/* * OpenVPN -- An application to securely tunnel IP networks * over a single UDP port, with support for SSL/TLS-based * session authentication and key exchange, * packet encryption, packet authentication, and * packet compression. *
49979459	* Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
6fbf66fa	* * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 * as published by the Free Software Foundation. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. *
caa54ac3	* You should have received a copy of the GNU General Public License along * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
6fbf66fa	*/ #ifndef SYSHEAD_H #define SYSHEAD_H
4b1a82db	#include "compat.h"
35be7e0d	#include <stdbool.h>
ec302f70
5d89a362	/* branch prediction hints */ #if defined(__GNUC__)
81d882d5	#define likely(x) __builtin_expect((x),1) #define unlikely(x) __builtin_expect((x),0)
5d89a362	#else
81d882d5	#define likely(x) (x) #define unlikely(x) (x)
5d89a362	#endif
445b192a	#ifdef _WIN32
1bda73a7	#include <windows.h>
aab2f954	#include <winsock2.h>
1bda73a7	#define sleep(x) Sleep((x)*1000) #define random rand #define srandom srand #endif
81d882d5	#ifdef _MSC_VER /* Visual Studio */
9884e208	#define __func__ __FUNCTION__
123092a7	#define __attribute__(x)
b70b2fc2	#include <inttypes.h>
9884e208	#endif
c02a8405	#if defined(__APPLE__) #if __ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__ >= 1070 #define __APPLE_USE_RFC_3542 1 #endif #endif
6fbf66fa	#ifdef HAVE_SYS_TYPES_H #include <sys/types.h> #endif #ifdef HAVE_SYS_WAIT_H
81d882d5	#include <sys/wait.h>
6fbf66fa	#endif
445b192a	#ifndef _WIN32
6fbf66fa	#ifndef WEXITSTATUS
81d882d5	#define WEXITSTATUS(stat_val) ((unsigned)(stat_val) >> 8)
6fbf66fa	#endif #ifndef WIFEXITED
81d882d5	#define WIFEXITED(stat_val) (((stat_val) & 255) == 0)
6fbf66fa	#endif #endif
51bd56f4	#ifdef HAVE_SYS_TIME_H #include <sys/time.h> #endif #ifdef HAVE_TIME_H #include <time.h>
6fbf66fa	#endif #ifdef HAVE_SYS_SOCKET_H #include <sys/socket.h> #endif
bb564a59	#ifdef HAVE_SYS_UN_H #include <sys/un.h> #endif
6fbf66fa	#ifdef HAVE_SYS_IOCTL_H #include <sys/ioctl.h> #endif #ifdef HAVE_SYS_STAT_H #include <sys/stat.h> #endif #ifdef HAVE_FCNTL_H #include <fcntl.h> #endif
4b1a82db	#ifdef HAVE_DIRECT_H #include <direct.h> #endif #ifdef HAVE_IO_H #include <io.h> #endif
6fbf66fa	#ifdef HAVE_SYS_FILE_H #include <sys/file.h> #endif #ifdef HAVE_STDLIB_H #include <stdlib.h> #endif
51bd56f4	#ifdef HAVE_INTTYPES_H #include <inttypes.h> #elif defined(HAVE_STDINT_H)
6fbf66fa	#include <stdint.h> #endif #ifdef HAVE_STDARG_H #include <stdarg.h> #endif #ifdef HAVE_UNISTD_H #include <unistd.h> #endif #ifdef HAVE_SIGNAL_H #include <signal.h> #endif
112731fc	#ifdef HAVE_LIMITS_H #include <limits.h> #endif
6fbf66fa	#ifdef HAVE_STDIO_H #include <stdio.h> #endif #ifdef HAVE_CTYPE_H #include <ctype.h> #endif #ifdef HAVE_ERRNO_H #include <errno.h> #endif
dcc0b244	#ifdef HAVE_ERR_H #include <err.h> #endif
6fbf66fa	#ifdef HAVE_SYSLOG_H #include <syslog.h> #endif #ifdef HAVE_PWD_H #include <pwd.h> #endif #ifdef HAVE_GRP_H #include <grp.h> #endif #ifdef HAVE_NETDB_H #include <netdb.h> #endif #ifdef HAVE_NETINET_IN_H #include <netinet/in.h> #endif
1bda73a7	#ifdef HAVE_RESOLV_H #include <resolv.h> #endif
6fbf66fa	#ifdef HAVE_SYS_POLL_H #include <sys/poll.h> #endif #ifdef HAVE_SYS_EPOLL_H #include <sys/epoll.h> #endif
cd5990e0	#ifdef ENABLE_SELINUX
99385447	#include <selinux/selinux.h> #endif
dc81e743	#if defined(HAVE_LIBGEN_H) #include <libgen.h> #endif
6fbf66fa	#ifdef TARGET_SOLARIS #ifdef HAVE_STRINGS_H #include <strings.h> #endif #else #ifdef HAVE_STRING_H #include <string.h> #endif #endif #ifdef HAVE_ARPA_INET_H #include <arpa/inet.h> #endif #ifdef HAVE_NET_IF_H #include <net/if.h> #endif
8ca19c01	#ifdef TARGET_NETBSD #include <net/if_tap.h> #endif
a55b3cdb	#if defined(TARGET_LINUX) \|\| defined (TARGET_ANDROID)
6fbf66fa	#ifdef HAVE_LINUX_IF_TUN_H #include <linux/if_tun.h> #endif #ifdef HAVE_NETINET_IP_H #include <netinet/ip.h> #endif #ifdef HAVE_LINUX_SOCKIOS_H #include <linux/sockios.h> #endif #ifdef HAVE_LINUX_TYPES_H #include <linux/types.h> #endif #ifdef HAVE_LINUX_ERRQUEUE_H #include <linux/errqueue.h> #endif
00d39170	#ifdef HAVE_NETINET_TCP_H #include <netinet/tcp.h> #endif
6fbf66fa	#endif /* TARGET_LINUX / #ifdef TARGET_SOLARIS #ifdef HAVE_STROPTS_H #include <stropts.h> #undef S_ERROR #endif #ifdef HAVE_NET_IF_TUN_H #include <net/if_tun.h> #endif #ifdef HAVE_SYS_SOCKIO_H #include <sys/sockio.h> #endif #ifdef HAVE_NETINET_IN_SYSTM_H #include <netinet/in_systm.h> #endif #ifdef HAVE_NETINET_IP_H #include <netinet/ip.h> #endif #ifdef HAVE_NETINET_TCP_H #include <netinet/tcp.h> #endif #endif / TARGET_SOLARIS */ #ifdef TARGET_OPENBSD #ifdef HAVE_SYS_UIO_H #include <sys/uio.h> #endif #ifdef HAVE_NETINET_IN_SYSTM_H #include <netinet/in_systm.h> #endif #ifdef HAVE_NETINET_IP_H #include <netinet/ip.h> #endif
e5b236ea	#ifdef HAVE_NETINET_TCP_H #include <netinet/tcp.h> #endif
6fbf66fa	#ifdef HAVE_NET_IF_TUN_H #include <net/if_tun.h> #endif #endif /* TARGET_OPENBSD */ #ifdef TARGET_FREEBSD #ifdef HAVE_SYS_UIO_H #include <sys/uio.h> #endif #ifdef HAVE_NETINET_IN_SYSTM_H #include <netinet/in_systm.h> #endif #ifdef HAVE_NETINET_IP_H #include <netinet/ip.h> #endif
3e86f688	#ifdef HAVE_NETINET_TCP_H #include <netinet/tcp.h> #endif
6fbf66fa	#ifdef HAVE_NET_IF_TUN_H #include <net/if_tun.h> #endif #endif /* TARGET_FREEBSD */ #ifdef TARGET_NETBSD #ifdef HAVE_NET_IF_TUN_H #include <net/if_tun.h>
6c29814b	#endif #ifdef HAVE_NETINET_TCP_H #include <netinet/tcp.h>
6fbf66fa	#endif #endif /* TARGET_NETBSD */
1bda73a7	#ifdef TARGET_DRAGONFLY #ifdef HAVE_SYS_UIO_H #include <sys/uio.h> #endif #ifdef HAVE_NETINET_IN_SYSTM_H #include <netinet/in_systm.h> #endif #ifdef HAVE_NETINET_IP_H #include <netinet/ip.h> #endif #ifdef HAVE_NET_TUN_IF_TUN_H #include <net/tun/if_tun.h> #endif #endif /* TARGET_DRAGONFLY */
37170767	#ifdef TARGET_DARWIN #ifdef HAVE_NETINET_TCP_H #include <netinet/tcp.h> #endif #endif /* TARGET_DARWIN */
445b192a	#ifdef _WIN32
81d882d5	/* Missing declarations for MinGW 32. / / #if !defined(__MINGW64_VERSION_MAJOR) \|\| __MINGW64_VERSION_MAJOR < 2 / typedef int MIB_TCP_STATE; / #endif */
5fcd4933	#include <naptypes.h>
a18c2b02	#include <ntddndis.h>
5fcd4933	#include <iphlpapi.h>
1bda73a7	#include <wininet.h>
71bbbd76	#include <shellapi.h>
eb230891	/* The following two headers are needed of PF_INET6 */
b7f203c8	#include <winsock2.h> #include <ws2tcpip.h>
6fbf66fa	#endif #ifdef HAVE_SYS_MMAN_H #ifdef TARGET_DARWIN #define _P1003_1B_VISIBLE #endif /* TARGET_DARWIN / #include <sys/mman.h> #endif / * Pedantic mode is meant to accomplish lint-style program checking, * not to build a working executable. */
058f0efd	#ifdef PEDANTIC
81d882d5	#undef HAVE_CPP_VARARG_MACRO_GCC #undef HAVE_CPP_VARARG_MACRO_ISO #undef EMPTY_ARRAY_SIZE #define EMPTY_ARRAY_SIZE 1 #undef inline #define inline
6fbf66fa	#endif /* * Do we have the capability to support the --passtos option? / #if defined(IPPROTO_IP) && defined(IP_TOS) && defined(HAVE_SETSOCKOPT) #define PASSTOS_CAPABILITY 1 #else #define PASSTOS_CAPABILITY 0 #endif /
3d163bc5	* Do we have nanoseconds gettimeofday? */
445b192a	#if defined(HAVE_GETTIMEOFDAY) \|\| defined(_WIN32)
3d163bc5	#define HAVE_GETTIMEOFDAY_NANOSECONDS 1 #endif /*
6fbf66fa	* Do we have the capability to report extended socket errors? / #if defined(HAVE_LINUX_TYPES_H) && defined(HAVE_LINUX_ERRQUEUE_H) && defined(HAVE_SOCK_EXTENDED_ERR) && defined(HAVE_MSGHDR) && defined(HAVE_CMSGHDR) && defined(CMSG_FIRSTHDR) && defined(CMSG_NXTHDR) && defined(IP_RECVERR) && defined(MSG_ERRQUEUE) && defined(SOL_IP) && defined(HAVE_IOVEC) #define EXTENDED_SOCKET_ERROR_CAPABILITY 1 #else #define EXTENDED_SOCKET_ERROR_CAPABILITY 0 #endif /
d3774cdf	* Does this platform support linux-style IP_PKTINFO * or bsd-style IP_RECVDSTADDR ?
8bc93d7f	*/
81d882d5	#if defined(ENABLE_MULTIHOME) && ((defined(HAVE_IN_PKTINFO) && defined(IP_PKTINFO)) \|\| defined(IP_RECVDSTADDR)) && defined(HAVE_MSGHDR) && defined(HAVE_CMSGHDR) && defined(HAVE_IOVEC) && defined(CMSG_FIRSTHDR) && defined(CMSG_NXTHDR) && defined(HAVE_RECVMSG) && defined(HAVE_SENDMSG)
8bc93d7f	#define ENABLE_IP_PKTINFO 1 #else #define ENABLE_IP_PKTINFO 0 #endif /*
c02a8405	* Does this platform define SOL_IP * or only bsd-style IPPROTO_IP ? / #ifndef SOL_IP #define SOL_IP IPPROTO_IP #endif /
87b468d4	* Define type sa_family_t if it isn't defined in the socket headers / #ifndef HAVE_SA_FAMILY_T typedef unsigned short sa_family_t; #endif /
6fbf66fa	* Disable ESEC / #if 0 #undef EXTENDED_SOCKET_ERROR_CAPABILITY #define EXTENDED_SOCKET_ERROR_CAPABILITY 0 #endif / * Do we have a syslog capability? / #if defined(HAVE_OPENLOG) && defined(HAVE_SYSLOG) #define SYSLOG_CAPABILITY 1 #else #define SYSLOG_CAPABILITY 0 #endif / * Does this OS draw a distinction between binary and ascii files? / #ifndef O_BINARY #define O_BINARY 0 #endif / * Directory separation char */
445b192a	#ifdef _WIN32
6fbf66fa	#define OS_SPECIFIC_DIRSEP '\\' #else #define OS_SPECIFIC_DIRSEP '/' #endif /* * Our socket descriptor type. */
445b192a	#ifdef _WIN32
6fbf66fa	#define SOCKET_UNDEFINED (INVALID_SOCKET) typedef SOCKET socket_descriptor_t; #else #define SOCKET_UNDEFINED (-1) typedef int socket_descriptor_t; #endif static inline int
81d882d5	socket_defined(const socket_descriptor_t sd)
6fbf66fa	{
81d882d5	return sd != SOCKET_UNDEFINED;
6fbf66fa	} /*
b9baa4d9	* Should statistics counters be 64 bits? / #define USE_64_BIT_COUNTERS /
5a2e9a25	* Should we enable the use of execve() for calling subprocesses, * instead of system()? */ #if defined(HAVE_EXECVE) && defined(HAVE_FORK)
51bd56f4	#define ENABLE_FEATURE_EXECVE
5a2e9a25	#endif /*
6fbf66fa	* Do we have point-to-multipoint capability? */
c7ca9133	#if defined(HAVE_GETTIMEOFDAY_NANOSECONDS)
6fbf66fa	#define P2MP 1 #else #define P2MP 0 #endif #if P2MP && !defined(ENABLE_CLIENT_ONLY) #define P2MP_SERVER 1 #else #define P2MP_SERVER 0 #endif /*
6add6b2f	* HTTPS port sharing capability / #if defined(ENABLE_PORT_SHARE) && P2MP_SERVER && defined(SCM_RIGHTS) && defined(HAVE_MSGHDR) && defined(HAVE_CMSGHDR) && defined(HAVE_IOVEC) && defined(CMSG_FIRSTHDR) && defined(CMSG_NXTHDR) && defined(HAVE_RECVMSG) && defined(HAVE_SENDMSG) #define PORT_SHARE 1 #else #define PORT_SHARE 0 #endif /
90efcacb	* Enable deferred authentication?
47ae8457	*/
51bd56f4	#if defined(ENABLE_DEF_AUTH) && P2MP_SERVER && defined(ENABLE_PLUGIN)
90efcacb	#define PLUGIN_DEF_AUTH #endif
51bd56f4	#if defined(ENABLE_DEF_AUTH) && P2MP_SERVER && defined(ENABLE_MANAGEMENT)
90efcacb	#define MANAGEMENT_DEF_AUTH #endif
51bd56f4	#if !defined(PLUGIN_DEF_AUTH) && !defined(MANAGEMENT_DEF_AUTH) #undef ENABLE_DEF_AUTH
47ae8457	#endif /*
cf69617b	* Enable external private key */
c7ca9133	#if defined(ENABLE_MANAGEMENT)
cf69617b	#define MANAGMENT_EXTERNAL_KEY #endif
86d8cd68	/* Enable mbed TLS RNG prediction resistance support */ #ifdef ENABLE_CRYPTO_MBEDTLS
0f25d296	#define ENABLE_PREDICTION_RESISTANCE
86d8cd68	#endif /* ENABLE_CRYPTO_MBEDTLS */
0f25d296
cf69617b	/* * MANAGEMENT_IN_EXTRA allows the management interface to * read multi-line inputs from clients. / #if defined(MANAGEMENT_DEF_AUTH) \|\| defined(MANAGMENT_EXTERNAL_KEY) #define MANAGEMENT_IN_EXTRA #endif /
90efcacb	* Enable packet filter?
47ae8457	*/
51bd56f4	#if defined(ENABLE_PF) && P2MP_SERVER && defined(ENABLE_PLUGIN) && defined(HAVE_STAT)
90efcacb	#define PLUGIN_PF #endif
51bd56f4	#if defined(ENABLE_PF) && P2MP_SERVER && defined(MANAGEMENT_DEF_AUTH)
90efcacb	#define MANAGEMENT_PF #endif
51bd56f4	#if !defined(PLUGIN_PF) && !defined(MANAGEMENT_PF) #undef ENABLE_PF
47ae8457	#endif /*
bb564a59	* Do we support Unix domain sockets? */
445b192a	#if defined(PF_UNIX) && !defined(_WIN32)
bb564a59	#define UNIX_SOCK_SUPPORT 1 #else #define UNIX_SOCK_SUPPORT 0 #endif /*
6fbf66fa	* Should we include OCC (options consistency check) code? / #define ENABLE_OCC / * Should we include NTLM proxy functionality / #define NTLM 1 /
b27dc04c	* Should we include proxy digest auth functionality / #define PROXY_DIGEST_AUTH 1 /
93c22ecc	* Do we have CryptoAPI capability? */
c7ca9133	#if defined(_WIN32) && defined(ENABLE_CRYPTO_OPENSSL)
93c22ecc	#define ENABLE_CRYPTOAPI #endif /*
6fbf66fa	* Is poll available on this platform? / #if defined(HAVE_POLL) && defined(HAVE_SYS_POLL_H) #define POLL 1 #else #define POLL 0 #endif / * Is epoll available on this platform? / #if defined(HAVE_EPOLL_CREATE) && defined(HAVE_SYS_EPOLL_H) #define EPOLL 1 #else #define EPOLL 0 #endif / Disable EPOLL */ #if 0 #undef EPOLL #define EPOLL 0 #endif
d40f2b20	/*
0475d17e	* Reduce sensitivity to system clock instability * and backtracks. */
3d163bc5	#if defined(HAVE_GETTIMEOFDAY_NANOSECONDS)
e5239fc2	#define TIME_BACKTRACK_PROTECTION 1
3d163bc5	#endif /* * Enable traffic shaper. */ #if defined(HAVE_GETTIMEOFDAY_NANOSECONDS) #define ENABLE_FEATURE_SHAPER 1 #endif
0475d17e
1ae9d051	/* * Is non-blocking connect() supported? */ #if defined(HAVE_GETSOCKOPT) && defined(SOL_SOCKET) && defined(SO_ERROR) && defined(EINPROGRESS) && defined(ETIMEDOUT) #define CONNECT_NONBLOCK #endif
5f31881e	/*
eab3e22f	* Do we support challenge/response authentication as client?
3cf9dd88	*/
2ee0dc2b	#if defined(ENABLE_MANAGEMENT)
3cf9dd88	#define ENABLE_CLIENT_CR
2ee0dc2b	#endif
3cf9dd88	/*
38d96bd7	* Compression support */
81d882d5	#if defined(ENABLE_LZO) \|\| defined(ENABLE_LZ4) \ \|\| defined(ENABLE_COMP_STUB)
38d96bd7	#define USE_COMP #endif /*
ffea644c	* Enable --memstats option */ #ifdef TARGET_LINUX #define ENABLE_MEMSTATS #endif
81d882d5	#endif /* ifndef SYSHEAD_H */