summaryrefslogtreecommitdiff
path: root/src/openvpn/syshead.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/openvpn/syshead.h')
-rw-r--r--src/openvpn/syshead.h718
1 files changed, 718 insertions, 0 deletions
diff --git a/src/openvpn/syshead.h b/src/openvpn/syshead.h
new file mode 100644
index 0000000..c81f08a
--- /dev/null
+++ b/src/openvpn/syshead.h
@@ -0,0 +1,718 @@
+/*
+ * OpenVPN -- An application to securely tunnel IP networks
+ * over a single UDP port, with support for SSL/TLS-based
+ * session authentication and key exchange,
+ * packet encryption, packet authentication, and
+ * packet compression.
+ *
+ * Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program (see the file COPYING included with this
+ * distribution); if not, write to the Free Software Foundation, Inc.,
+ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+#ifndef SYSHEAD_H
+#define SYSHEAD_H
+
+#include "compat.h"
+#include "compat-stdbool.h"
+
+/* branch prediction hints */
+#if defined(__GNUC__)
+# define likely(x) __builtin_expect((x),1)
+# define unlikely(x) __builtin_expect((x),0)
+#else
+# define likely(x) (x)
+# define unlikely(x) (x)
+#endif
+
+#ifdef WIN32
+#include <windows.h>
+#include <winsock2.h>
+#define sleep(x) Sleep((x)*1000)
+#define random rand
+#define srandom srand
+#endif
+
+#if defined(__APPLE__)
+#if __ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__ >= 1070
+#define __APPLE_USE_RFC_3542 1
+#endif
+#endif
+
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+
+#ifdef HAVE_SYS_WAIT_H
+# include <sys/wait.h>
+#endif
+
+#ifndef WIN32
+#ifndef WEXITSTATUS
+# define WEXITSTATUS(stat_val) ((unsigned)(stat_val) >> 8)
+#endif
+#ifndef WIFEXITED
+# define WIFEXITED(stat_val) (((stat_val) & 255) == 0)
+#endif
+#endif
+
+#ifdef HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif
+
+#ifdef HAVE_TIME_H
+#include <time.h>
+#endif
+
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+
+#ifdef HAVE_SYS_UN_H
+#include <sys/un.h>
+#endif
+
+#ifdef HAVE_SYS_IOCTL_H
+#include <sys/ioctl.h>
+#endif
+
+#ifdef HAVE_SYS_STAT_H
+#include <sys/stat.h>
+#endif
+
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
+
+#ifdef HAVE_DIRECT_H
+#include <direct.h>
+#endif
+
+#ifdef HAVE_IO_H
+#include <io.h>
+#endif
+
+#ifdef HAVE_SYS_FILE_H
+#include <sys/file.h>
+#endif
+
+#ifdef HAVE_STDLIB_H
+#include <stdlib.h>
+#endif
+
+#ifdef HAVE_INTTYPES_H
+#include <inttypes.h>
+#elif defined(HAVE_STDINT_H)
+#include <stdint.h>
+#endif
+
+#ifdef HAVE_STDARG_H
+#include <stdarg.h>
+#endif
+
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+
+#ifdef HAVE_SIGNAL_H
+#include <signal.h>
+#endif
+
+#ifdef HAVE_LIMITS_H
+#include <limits.h>
+#endif
+
+#ifdef HAVE_STDIO_H
+#include <stdio.h>
+#endif
+
+#ifdef HAVE_CTYPE_H
+#include <ctype.h>
+#endif
+
+#ifdef HAVE_ERRNO_H
+#include <errno.h>
+#endif
+
+#ifdef HAVE_ERR_H
+#include <err.h>
+#endif
+
+#ifdef HAVE_SYSLOG_H
+#include <syslog.h>
+#endif
+
+#ifdef HAVE_PWD_H
+#include <pwd.h>
+#endif
+
+#ifdef HAVE_GRP_H
+#include <grp.h>
+#endif
+
+#ifdef HAVE_NETDB_H
+#include <netdb.h>
+#endif
+
+#ifdef HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif
+
+#ifdef HAVE_RESOLV_H
+#include <resolv.h>
+#endif
+
+#ifdef HAVE_SYS_POLL_H
+#include <sys/poll.h>
+#endif
+
+#ifdef HAVE_SYS_EPOLL_H
+#include <sys/epoll.h>
+#endif
+
+#ifdef ENABLE_SELINUX
+#include <selinux/selinux.h>
+#endif
+
+#if defined(HAVE_LIBGEN_H)
+#include <libgen.h>
+#endif
+
+#ifdef TARGET_SOLARIS
+#ifdef HAVE_STRINGS_H
+#include <strings.h>
+#endif
+#else
+#ifdef HAVE_STRING_H
+#include <string.h>
+#endif
+#endif
+
+#ifdef HAVE_ARPA_INET_H
+#include <arpa/inet.h>
+#endif
+
+#ifdef HAVE_NET_IF_H
+#include <net/if.h>
+#endif
+
+#ifdef TARGET_NETBSD
+#include <net/if_tap.h>
+#endif
+
+#ifdef TARGET_LINUX
+
+#if defined(HAVE_NETINET_IF_ETHER_H)
+#include <netinet/if_ether.h>
+#endif
+
+#ifdef HAVE_LINUX_IF_TUN_H
+#include <linux/if_tun.h>
+#endif
+
+#ifdef HAVE_NETINET_IP_H
+#include <netinet/ip.h>
+#endif
+
+#ifdef HAVE_LINUX_SOCKIOS_H
+#include <linux/sockios.h>
+#endif
+
+#ifdef HAVE_LINUX_TYPES_H
+#include <linux/types.h>
+#endif
+
+#ifdef HAVE_LINUX_ERRQUEUE_H
+#include <linux/errqueue.h>
+#endif
+
+#ifdef HAVE_NETINET_TCP_H
+#include <netinet/tcp.h>
+#endif
+
+#endif /* TARGET_LINUX */
+
+#ifdef TARGET_SOLARIS
+
+#ifdef HAVE_STROPTS_H
+#include <stropts.h>
+#undef S_ERROR
+#endif
+
+#ifdef HAVE_NET_IF_TUN_H
+#include <net/if_tun.h>
+#endif
+
+#ifdef HAVE_SYS_SOCKIO_H
+#include <sys/sockio.h>
+#endif
+
+#ifdef HAVE_NETINET_IN_SYSTM_H
+#include <netinet/in_systm.h>
+#endif
+
+#ifdef HAVE_NETINET_IP_H
+#include <netinet/ip.h>
+#endif
+
+#ifdef HAVE_NETINET_TCP_H
+#include <netinet/tcp.h>
+#endif
+
+#endif /* TARGET_SOLARIS */
+
+#ifdef TARGET_OPENBSD
+
+#ifdef HAVE_SYS_UIO_H
+#include <sys/uio.h>
+#endif
+
+#ifdef HAVE_NETINET_IN_SYSTM_H
+#include <netinet/in_systm.h>
+#endif
+
+#ifdef HAVE_NETINET_IP_H
+#include <netinet/ip.h>
+#endif
+
+#ifdef HAVE_NET_IF_TUN_H
+#include <net/if_tun.h>
+#endif
+
+#endif /* TARGET_OPENBSD */
+
+#ifdef TARGET_FREEBSD
+
+#ifdef HAVE_SYS_UIO_H
+#include <sys/uio.h>
+#endif
+
+#ifdef HAVE_NETINET_IN_SYSTM_H
+#include <netinet/in_systm.h>
+#endif
+
+#ifdef HAVE_NETINET_IP_H
+#include <netinet/ip.h>
+#endif
+
+#ifdef HAVE_NET_IF_TUN_H
+#include <net/if_tun.h>
+#endif
+
+#endif /* TARGET_FREEBSD */
+
+#ifdef TARGET_NETBSD
+
+#ifdef HAVE_NET_IF_TUN_H
+#include <net/if_tun.h>
+#endif
+
+#ifdef HAVE_NETINET_TCP_H
+#include <netinet/tcp.h>
+#endif
+
+#endif /* TARGET_NETBSD */
+
+#ifdef TARGET_DRAGONFLY
+
+#ifdef HAVE_SYS_UIO_H
+#include <sys/uio.h>
+#endif
+
+#ifdef HAVE_NETINET_IN_SYSTM_H
+#include <netinet/in_systm.h>
+#endif
+
+#ifdef HAVE_NETINET_IP_H
+#include <netinet/ip.h>
+#endif
+
+#ifdef HAVE_NET_TUN_IF_TUN_H
+#include <net/tun/if_tun.h>
+#endif
+
+#endif /* TARGET_DRAGONFLY */
+
+#ifdef WIN32
+#include <iphlpapi.h>
+#include <ntddndis.h>
+#include <wininet.h>
+#include <shellapi.h>
+/* The following two headers are needed of PF_INET6 */
+#include <winsock2.h>
+#include <ws2tcpip.h>
+#endif
+
+#ifdef HAVE_SYS_MMAN_H
+#ifdef TARGET_DARWIN
+#define _P1003_1B_VISIBLE
+#endif /* TARGET_DARWIN */
+#include <sys/mman.h>
+#endif
+
+/*
+ * Pedantic mode is meant to accomplish lint-style program checking,
+ * not to build a working executable.
+ */
+#ifdef __STRICT_ANSI__
+# define PEDANTIC 1
+# undef HAVE_CPP_VARARG_MACRO_GCC
+# undef HAVE_CPP_VARARG_MACRO_ISO
+# undef EMPTY_ARRAY_SIZE
+# define EMPTY_ARRAY_SIZE 1
+# undef inline
+# define inline
+#else
+# define PEDANTIC 0
+#endif
+
+/*
+ * Do we have the capability to support the --passtos option?
+ */
+#if defined(IPPROTO_IP) && defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
+#define PASSTOS_CAPABILITY 1
+#else
+#define PASSTOS_CAPABILITY 0
+#endif
+
+/*
+ * Do we have nanoseconds gettimeofday?
+ */
+#if defined(HAVE_GETTIMEOFDAY) || defined(WIN32)
+#define HAVE_GETTIMEOFDAY_NANOSECONDS 1
+#endif
+
+/*
+ * Do we have the capability to report extended socket errors?
+ */
+#if defined(HAVE_LINUX_TYPES_H) && defined(HAVE_LINUX_ERRQUEUE_H) && defined(HAVE_SOCK_EXTENDED_ERR) && defined(HAVE_MSGHDR) && defined(HAVE_CMSGHDR) && defined(CMSG_FIRSTHDR) && defined(CMSG_NXTHDR) && defined(IP_RECVERR) && defined(MSG_ERRQUEUE) && defined(SOL_IP) && defined(HAVE_IOVEC)
+#define EXTENDED_SOCKET_ERROR_CAPABILITY 1
+#else
+#define EXTENDED_SOCKET_ERROR_CAPABILITY 0
+#endif
+
+/*
+ * Does this platform support linux-style IP_PKTINFO
+ * or bsd-style IP_RECVDSTADDR ?
+ */
+#if defined(ENABLE_MULTIHOME) && ((defined(HAVE_IN_PKTINFO)&&defined(IP_PKTINFO)) || defined(IP_RECVDSTADDR)) && defined(HAVE_MSGHDR) && defined(HAVE_CMSGHDR) && defined(HAVE_IOVEC) && defined(CMSG_FIRSTHDR) && defined(CMSG_NXTHDR) && defined(HAVE_RECVMSG) && defined(HAVE_SENDMSG)
+#define ENABLE_IP_PKTINFO 1
+#else
+#define ENABLE_IP_PKTINFO 0
+#endif
+
+/*
+ * Does this platform define SOL_IP
+ * or only bsd-style IPPROTO_IP ?
+ */
+#ifndef SOL_IP
+#define SOL_IP IPPROTO_IP
+#endif
+
+/*
+ * Disable ESEC
+ */
+#if 0
+#undef EXTENDED_SOCKET_ERROR_CAPABILITY
+#define EXTENDED_SOCKET_ERROR_CAPABILITY 0
+#endif
+
+/*
+ * Do we have a syslog capability?
+ */
+#if defined(HAVE_OPENLOG) && defined(HAVE_SYSLOG)
+#define SYSLOG_CAPABILITY 1
+#else
+#define SYSLOG_CAPABILITY 0
+#endif
+
+/*
+ * Does this OS draw a distinction between binary and ascii files?
+ */
+#ifndef O_BINARY
+#define O_BINARY 0
+#endif
+
+/*
+ * Directory separation char
+ */
+#ifdef WIN32
+#define OS_SPECIFIC_DIRSEP '\\'
+#else
+#define OS_SPECIFIC_DIRSEP '/'
+#endif
+
+/*
+ * Define a boolean value based
+ * on Win32 status.
+ */
+#ifdef WIN32
+#define WIN32_0_1 1
+#else
+#define WIN32_0_1 0
+#endif
+
+/*
+ * Our socket descriptor type.
+ */
+#ifdef WIN32
+#define SOCKET_UNDEFINED (INVALID_SOCKET)
+typedef SOCKET socket_descriptor_t;
+#else
+#define SOCKET_UNDEFINED (-1)
+typedef int socket_descriptor_t;
+#endif
+
+static inline int
+socket_defined (const socket_descriptor_t sd)
+{
+ return sd != SOCKET_UNDEFINED;
+}
+
+/*
+ * Should statistics counters be 64 bits?
+ */
+#define USE_64_BIT_COUNTERS
+
+/*
+ * Should we enable the use of execve() for calling subprocesses,
+ * instead of system()?
+ */
+#if defined(HAVE_EXECVE) && defined(HAVE_FORK)
+#define ENABLE_FEATURE_EXECVE
+#endif
+
+/*
+ * Do we have point-to-multipoint capability?
+ */
+
+#if defined(ENABLE_CLIENT_SERVER) && defined(ENABLE_CRYPTO) && defined(ENABLE_SSL) && defined(HAVE_GETTIMEOFDAY_NANOSECONDS)
+#define P2MP 1
+#else
+#define P2MP 0
+#endif
+
+#if P2MP && !defined(ENABLE_CLIENT_ONLY)
+#define P2MP_SERVER 1
+#else
+#define P2MP_SERVER 0
+#endif
+
+/*
+ * HTTPS port sharing capability
+ */
+#if defined(ENABLE_PORT_SHARE) && P2MP_SERVER && defined(SCM_RIGHTS) && defined(HAVE_MSGHDR) && defined(HAVE_CMSGHDR) && defined(HAVE_IOVEC) && defined(CMSG_FIRSTHDR) && defined(CMSG_NXTHDR) && defined(HAVE_RECVMSG) && defined(HAVE_SENDMSG)
+#define PORT_SHARE 1
+#else
+#define PORT_SHARE 0
+#endif
+
+/*
+ * Enable deferred authentication?
+ */
+#if defined(ENABLE_DEF_AUTH) && P2MP_SERVER && defined(ENABLE_PLUGIN)
+#define PLUGIN_DEF_AUTH
+#endif
+#if defined(ENABLE_DEF_AUTH) && P2MP_SERVER && defined(ENABLE_MANAGEMENT)
+#define MANAGEMENT_DEF_AUTH
+#endif
+#if !defined(PLUGIN_DEF_AUTH) && !defined(MANAGEMENT_DEF_AUTH)
+#undef ENABLE_DEF_AUTH
+#endif
+
+/*
+ * Enable external private key
+ */
+#if defined(ENABLE_MANAGEMENT) && defined(ENABLE_SSL) && !defined(ENABLE_CRYPTO_POLARSSL)
+#define MANAGMENT_EXTERNAL_KEY
+#endif
+
+/* Enable PolarSSL RNG prediction resistance support */
+#ifdef ENABLE_CRYPTO_POLARSSL
+#define ENABLE_PREDICTION_RESISTANCE
+#endif /* ENABLE_CRYPTO_POLARSSL */
+
+/*
+ * MANAGEMENT_IN_EXTRA allows the management interface to
+ * read multi-line inputs from clients.
+ */
+#if defined(MANAGEMENT_DEF_AUTH) || defined(MANAGMENT_EXTERNAL_KEY)
+#define MANAGEMENT_IN_EXTRA
+#endif
+
+/*
+ * Enable packet filter?
+ */
+#if defined(ENABLE_PF) && P2MP_SERVER && defined(ENABLE_PLUGIN) && defined(HAVE_STAT)
+#define PLUGIN_PF
+#endif
+#if defined(ENABLE_PF) && P2MP_SERVER && defined(MANAGEMENT_DEF_AUTH)
+#define MANAGEMENT_PF
+#endif
+#if !defined(PLUGIN_PF) && !defined(MANAGEMENT_PF)
+#undef ENABLE_PF
+#endif
+
+/*
+ * Do we support Unix domain sockets?
+ */
+#if defined(PF_UNIX) && !defined(WIN32)
+#define UNIX_SOCK_SUPPORT 1
+#else
+#define UNIX_SOCK_SUPPORT 0
+#endif
+
+/*
+ * Compile the struct buffer_list code
+ */
+#define ENABLE_BUFFER_LIST
+
+/*
+ * Should we include OCC (options consistency check) code?
+ */
+#ifndef ENABLE_SMALL
+#define ENABLE_OCC
+#endif
+
+/*
+ * Should we include NTLM proxy functionality
+ */
+#if defined(ENABLE_CRYPTO) && defined(ENABLE_HTTP_PROXY)
+#define NTLM 1
+#else
+#define NTLM 0
+#endif
+
+/*
+ * Should we include proxy digest auth functionality
+ */
+#if defined(ENABLE_CRYPTO) && defined(ENABLE_HTTP_PROXY)
+#define PROXY_DIGEST_AUTH 1
+#else
+#define PROXY_DIGEST_AUTH 0
+#endif
+
+/*
+ * Should we include code common to all proxy methods?
+ */
+#if defined(ENABLE_HTTP_PROXY) || defined(ENABLE_SOCKS)
+#define GENERAL_PROXY_SUPPORT
+#endif
+
+/*
+ * Do we have CryptoAPI capability?
+ */
+#if defined(WIN32) && defined(ENABLE_CRYPTO) && defined(ENABLE_SSL) && defined(ENABLE_CRYPTO_OPENSSL)
+#define ENABLE_CRYPTOAPI
+#endif
+
+/*
+ * Enable x509-track feature?
+ */
+#if defined(ENABLE_CRYPTO) && defined(ENABLE_SSL) && defined (ENABLE_CRYPTO_OPENSSL)
+#define ENABLE_X509_TRACK
+#endif
+
+/*
+ * Is poll available on this platform?
+ */
+#if defined(HAVE_POLL) && defined(HAVE_SYS_POLL_H)
+#define POLL 1
+#else
+#define POLL 0
+#endif
+
+/*
+ * Is epoll available on this platform?
+ */
+#if defined(HAVE_EPOLL_CREATE) && defined(HAVE_SYS_EPOLL_H)
+#define EPOLL 1
+#else
+#define EPOLL 0
+#endif
+
+/* Disable EPOLL */
+#if 0
+#undef EPOLL
+#define EPOLL 0
+#endif
+
+/*
+ * Should we include http proxy override functionality
+ */
+#if defined(ENABLE_MANAGEMENT) && defined(ENABLE_HTTP_PROXY)
+#define HTTP_PROXY_OVERRIDE 1
+#else
+#define HTTP_PROXY_OVERRIDE 0
+#endif
+
+/*
+ * Reduce sensitivity to system clock instability
+ * and backtracks.
+ */
+#if defined(HAVE_GETTIMEOFDAY_NANOSECONDS)
+#define TIME_BACKTRACK_PROTECTION 1
+#endif
+
+/*
+ * Enable traffic shaper.
+ */
+#if defined(HAVE_GETTIMEOFDAY_NANOSECONDS)
+#define ENABLE_FEATURE_SHAPER 1
+#endif
+
+/*
+ * Is non-blocking connect() supported?
+ */
+#if defined(HAVE_GETSOCKOPT) && defined(SOL_SOCKET) && defined(SO_ERROR) && defined(EINPROGRESS) && defined(ETIMEDOUT)
+#define CONNECT_NONBLOCK
+#endif
+
+/*
+ * Do we have the capability to support the AUTO_USERID feature?
+ */
+#if defined(ENABLE_AUTO_USERID)
+#define AUTO_USERID 1
+#else
+#define AUTO_USERID 0
+#endif
+
+/*
+ * Do we support challenge/response authentication as client?
+ */
+#if defined(ENABLE_MANAGEMENT)
+#define ENABLE_CLIENT_CR
+#endif
+
+/*
+ * Do we support pushing peer info?
+ */
+#if defined(ENABLE_CRYPTO) && defined(ENABLE_SSL)
+#define ENABLE_PUSH_PEER_INFO
+#endif
+
+/*
+ * Do we support internal client-side NAT?
+ */
+#define ENABLE_CLIENT_NAT
+
+/*
+ * Enable --memstats option
+ */
+#ifdef TARGET_LINUX
+#define ENABLE_MEMSTATS
+#endif
+
+#endif