Added warning that --capath is not available with PolarSSL
1/*
2 * OpenVPN -- An application to securely tunnel IP networks
3 * over a single UDP port, with support for SSL/TLS-based
4 * session authentication and key exchange,
5 * packet encryption, packet authentication, and
6 * packet compression.
7 *
564a2109 8 * Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License version 2
12 * as published by the Free Software Foundation.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program (see the file COPYING included with this
21 * distribution); if not, write to the Free Software Foundation, Inc.,
22 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 */
24
25/*
26 * 2004-01-28: Added Socks5 proxy support
27 * (Christof Meerwald, http://cmeerw.org)
28 */
29
30#ifndef OPTIONS_H
31#define OPTIONS_H
32
33#include "basic.h"
34#include "common.h"
35#include "mtu.h"
36#include "route.h"
37#include "tun.h"
38#include "socket.h"
39#include "plugin.h"
40#include "manage.h"
41#include "proxy.h"
537073fd 42#include "lzo.h"
3eee126e 43#include "pushlist.h"
581bef87 44#include "clinat.h"
45
/*
 * Upper bound on the number of parameters carried by one option;
 * the option name itself counts as one of them.
 */
#define MAX_PARMS 16

/*
 * Maximum size of an options line and of a single parameter.
 * NOTE(review): both limits are 256; presumably they size fixed buffers
 * in the parser, so over-long input has to be rejected or truncated
 * there -- confirm in options.c.
 */
#define OPTION_PARM_SIZE 256
#define OPTION_LINE_SIZE 256

/* Program title string; defined outside this header. */
extern const char title_string[];
59
#if P2MP

/*
 * Snapshot of selected options, taken before --pull modifications
 * are applied.
 *
 * Each saved item has a *_defined flag next to it.
 * NOTE(review): presumably pre_pull_save()/pre_pull_restore() use this to
 * roll back server-pushed changes -- confirm in options.c.
 */
struct options_pre_pull
{
  bool tuntap_options_defined;
  struct tuntap_options tuntap_options;

  bool routes_defined;
  struct route_option_list *routes;

#ifdef ENABLE_CLIENT_NAT
  bool client_nat_defined;
  struct client_nat_option_list *client_nat;
#endif

  int foreign_option_index;
};

#endif
/*
 * Build-time guard: stop compilation unless USE_OPENSSL or USE_POLARSSL
 * is defined.
 * NOTE(review): the check is not wrapped in USE_CRYPTO/USE_SSL, so it also
 * fires for builds that define neither of those -- confirm that is intended.
 */
#if !(defined(USE_OPENSSL) || defined(USE_POLARSSL))
# error "At least one of OpenSSL or PolarSSL needs to be defined."
#endif
83
/*
 * Settings describing one connection: protocol, local/remote endpoints,
 * retry/timeout values and optional proxy configuration.
 *
 * The CE_x macros are defined inside the struct body next to the member
 * they relate to, but as preprocessor macros they have file scope.
 */
struct connection_entry
{
  int proto;
  int local_port;
  bool local_port_defined;
  int remote_port;
  bool port_option_used;
  const char *local;
  const char *remote;
  bool remote_float;
  bool bind_defined;
  bool bind_local;
  int connect_retry_seconds;
  bool connect_retry_defined;
  int connect_retry_max;
  int connect_timeout;
  bool connect_timeout_defined;
#ifdef ENABLE_HTTP_PROXY
  struct http_proxy_options *http_proxy_options;
#endif
#ifdef ENABLE_SOCKS
  const char *socks_proxy_server;
  int socks_proxy_port;
  /* NOTE(review): presumably the path of a file holding SOCKS credentials -- confirm */
  const char *socks_proxy_authfile;
  bool socks_proxy_retry;
#endif

  /* Bit values for the flags member below. */
# define CE_DISABLED (1<<0)
#if HTTP_PROXY_FALLBACK
# define CE_HTTP_PROXY_FALLBACK (1<<1)
  time_t ce_http_proxy_fallback_timestamp; /* when the fallback http_proxy_options was last updated */
#endif
#if MANAGEMENT_QUERY_REMOTE
  /*
   * NOTE(review): presumably one of these states is stored in flags under
   * (CE_MAN_QUERY_REMOTE_MASK << CE_MAN_QUERY_REMOTE_SHIFT), i.e. bits 2..4,
   * which do not overlap the two single-bit flags above -- confirm at the
   * use sites.
   */
# define CE_MAN_QUERY_REMOTE_UNDEF  0
# define CE_MAN_QUERY_REMOTE_QUERY  1
# define CE_MAN_QUERY_REMOTE_ACCEPT 2
# define CE_MAN_QUERY_REMOTE_MOD    3
# define CE_MAN_QUERY_REMOTE_SKIP   4
# define CE_MAN_QUERY_REMOTE_MASK   (0x07)
# define CE_MAN_QUERY_REMOTE_SHIFT  (2)
#endif
  unsigned int flags;
};
127
/*
 * One remote endpoint: host string, port and protocol.
 * The string is referenced, not copied, so its storage must outlive
 * the entry.
 */
struct remote_entry
{
  const char *remote;
  int remote_port;
  int proto;
};
134
135#ifdef ENABLE_CONNECTION
136
/* Capacity of the fixed pointer arrays in both list types below. */
#define CONNECTION_LIST_SIZE 64

/*
 * Fixed-capacity list of connection entries plus iteration state.
 * NOTE(review): len must never exceed CONNECTION_LIST_SIZE and current must
 * stay below len; nothing in this header enforces that, so verify the code
 * that appends to or indexes array[].
 */
struct connection_list
{
  int len;
  int current;
  int n_cycles;
  bool no_advance;
  struct connection_entry *array[CONNECTION_LIST_SIZE];
};

/*
 * Fixed-capacity list of remote entries.
 * NOTE(review): the same bound applies -- len <= CONNECTION_LIST_SIZE has to
 * be checked by whoever fills array[].
 */
struct remote_list
{
  int len;
  struct remote_entry *array[CONNECTION_LIST_SIZE];
};
153
154#endif
155
#if HTTP_PROXY_FALLBACK
/*
 * Storage for an http_proxy_options value together with an 80-byte
 * server-name buffer.
 * NOTE(review): server[] has a fixed size; struct options documents this
 * store as holding proxy info supplied through the management interface,
 * so any copy into it must be length-bounded and NUL-terminated -- verify
 * the writer.
 */
struct hpo_store
{
  struct http_proxy_options hpo;
  char server[80];
};
#endif
163
164#if MANAGEMENT_QUERY_REMOTE
/*
 * Fixed-size buffer for a remote host name.
 * NOTE(review): host[] holds at most RH_HOST_LEN - 1 characters plus the
 * terminator; the code that fills it must bound the copy -- verify the
 * writer.
 */
struct remote_host_store
{
# define RH_HOST_LEN 80
  char host[RH_HOST_LEN];
};
170#endif
171
/*
 * Command line options.
 *
 * One instance carries every configurable setting; which members exist
 * depends on the build macros tested below (USE_CRYPTO, USE_SSL, P2MP,
 * P2MP_SERVER, ENABLE_MANAGEMENT, ...), so the layout differs between
 * build configurations.
 *
 * Most string members are `const char *` and only reference storage owned
 * elsewhere.
 * NOTE(review): presumably that storage is the gc arena below -- confirm in
 * options.c.
 */
struct options
{
  struct gc_arena gc;
  bool gc_owned;

  /* first config file */
  const char *config;

  /* major mode */
# define MODE_POINT_TO_POINT 0
# define MODE_SERVER         1
  int mode;

  /* enable forward compatibility for post-2.1 features */
  bool forward_compatible;

  /* persist parms */
  bool persist_config;
  int persist_mode;

#ifdef USE_CRYPTO
  const char *key_pass_file;
  bool show_ciphers;
  bool show_digests;
  bool show_engines;
#ifdef USE_SSL
  bool show_tls_ciphers;
#endif
  bool genkey;
#endif

  /* Networking parms */
  struct connection_entry ce;

#ifdef ENABLE_CONNECTION
  char *remote_ip_hint;
  struct connection_list *connection_list;
  struct remote_list *remote_list;
  bool force_connection_list;
#endif

#ifdef GENERAL_PROXY_SUPPORT
  struct auto_proxy_info *auto_proxy_info;
#endif

#if HTTP_PROXY_FALLBACK
  bool http_proxy_fallback;
  struct http_proxy_options *http_proxy_override;
  struct hpo_store *hpo_store; /* holds dynamic proxy info given by the management interface */
#endif

#if MANAGEMENT_QUERY_REMOTE
  struct remote_host_store *rh_store;
#endif

  bool remote_random;
  const char *ipchange;
  const char *dev;
  const char *dev_type;
  const char *dev_node;
  const char *lladdr;
  int topology;                 /* one of the TOP_x values from proto.h */
  const char *ifconfig_local;
  const char *ifconfig_remote_netmask;
  const char *ifconfig_ipv6_local;
  int ifconfig_ipv6_netbits;
  const char *ifconfig_ipv6_remote;
  bool ifconfig_noexec;
  bool ifconfig_nowarn;
#ifdef HAVE_GETTIMEOFDAY
  int shaper;
#endif
  int tun_mtu;                  /* MTU of tun device */
  int tun_mtu_extra;
  bool tun_mtu_extra_defined;
  int link_mtu;                 /* MTU of device over which tunnel packets pass via TCP/UDP */
  bool tun_mtu_defined;         /* true if user overriding parm with command line option */
  bool link_mtu_defined;        /* true if user overriding parm with command line option */

  int proto_force;

  /* Advanced MTU negotiation and datagram fragmentation options */
  int mtu_discover_type;        /* used if OS supports setting Path MTU discovery options on socket */

#ifdef ENABLE_OCC
  bool mtu_test;
#endif

  int fragment;                 /* internal fragmentation size */

  bool mlock;

  int keepalive_ping;           /* a proxy for ping/ping-restart */
  int keepalive_timeout;

  int inactivity_timeout;       /* --inactive */
  int inactivity_minimum_bytes;

  int ping_send_timeout;        /* Send a TCP/UDP ping to remote every n seconds */
  int ping_rec_timeout;         /* Expect a TCP/UDP ping from remote at least once every n seconds */
  bool ping_timer_remote;       /* Run ping timer only if we have a remote address */
  bool tun_ipv6;                /* Build tun dev that supports IPv6 */

# define PING_UNDEF   0
# define PING_EXIT    1
# define PING_RESTART 2
  int ping_rec_timeout_action;  /* What action to take on ping_rec_timeout (exit or restart)? */

#ifdef ENABLE_OCC
  int explicit_exit_notification; /* Explicitly tell peer when we are exiting via OCC_EXIT message */
#endif

  bool persist_tun;             /* Don't close/reopen TUN/TAP dev on SIGUSR1 or PING_RESTART */
  bool persist_local_ip;        /* Don't re-resolve local address on SIGUSR1 or PING_RESTART */
  bool persist_remote_ip;       /* Don't re-resolve remote address on SIGUSR1 or PING_RESTART */
  bool persist_key;             /* Don't re-read key files on SIGUSR1 or PING_RESTART */

  int mssfix;                   /* Upper bound on TCP MSS */
  bool mssfix_default;          /* true if --mssfix was supplied without a parameter */

#if PASSTOS_CAPABILITY
  bool passtos;
#endif

  int resolve_retry_seconds;    /* If hostname resolve fails, retry for n seconds */

  struct tuntap_options tuntap_options;

  /* Misc parms */
  const char *username;
  const char *groupname;
  const char *chroot_dir;
  const char *cd_dir;
#ifdef HAVE_SETCON
  char *selinux_context;
#endif
  const char *writepid;
  const char *up_script;
  const char *down_script;
  bool down_pre;
  bool up_delay;
  bool up_restart;
  bool daemon;

  int remap_sigusr1;

  /* inetd modes defined in socket.h */
  int inetd;

  bool log;
  bool suppress_timestamps;
  int nice;
  int verbosity;
  int mute;

#ifdef ENABLE_DEBUG
  int gremlin;
#endif

  const char *status_file;
  int status_file_version;
  int status_file_update_freq;

  /* optimize TUN/TAP/UDP writes */
  bool fast_io;

#ifdef USE_LZO
  /* LZO_x flags from lzo.h */
  unsigned int lzo;
#endif

  /* buffer sizes */
  int rcvbuf;
  int sndbuf;

  /* mark value */
  int mark;

  /* socket flags */
  unsigned int sockflags;

  /* route management */
  const char *route_script;
  const char *route_default_gateway;
  int route_default_metric;
  bool route_noexec;
  int route_delay;
  int route_delay_window;
  bool route_delay_defined;
  int max_routes;
  struct route_option_list *routes;
  struct route_ipv6_option_list *routes_ipv6;   /* IPv6 */
  bool route_nopull;
  bool route_gateway_via_dhcp;
  bool allow_pull_fqdn;         /* as a client, allow server to push a FQDN for certain parameters */

#ifdef ENABLE_CLIENT_NAT
  struct client_nat_option_list *client_nat;
#endif

#ifdef ENABLE_OCC
  /* Enable options consistency check between peers */
  bool occ;
#endif

#ifdef ENABLE_MANAGEMENT
  const char *management_addr;
  int management_port;
  /* NOTE(review): presumably names a credentials file for the management interface -- confirm */
  const char *management_user_pass;
  int management_log_history_cache;
  int management_echo_buffer_size;
  int management_state_buffer_size;
  const char *management_write_peer_info_file;

  const char *management_client_user;
  const char *management_client_group;

  /* Mask of MF_ values of manage.h */
  unsigned int management_flags;
#endif

#ifdef ENABLE_PLUGIN
  struct plugin_option_list *plugin_list;
#endif

  const char *tmp_dir;

#if P2MP

#if P2MP_SERVER
  bool server_defined;
  in_addr_t server_network;
  in_addr_t server_netmask;
  bool server_ipv6_defined;                     /* IPv6 */
  struct in6_addr server_network_ipv6;          /* IPv6 */
  unsigned int server_netbits_ipv6;             /* IPv6 */

  /* Bit values for server_flags. */
# define SF_NOPOOL                (1<<0)
# define SF_TCP_NODELAY_HELPER    (1<<1)
# define SF_NO_PUSH_ROUTE_GATEWAY (1<<2)
  unsigned int server_flags;

  bool server_bridge_proxy_dhcp;

  bool server_bridge_defined;
  in_addr_t server_bridge_ip;
  in_addr_t server_bridge_netmask;
  in_addr_t server_bridge_pool_start;
  in_addr_t server_bridge_pool_end;

  /* Embedded by value (a struct, not a pointer). */
  struct push_list push_list;
  bool ifconfig_pool_defined;
  in_addr_t ifconfig_pool_start;
  in_addr_t ifconfig_pool_end;
  in_addr_t ifconfig_pool_netmask;
  const char *ifconfig_pool_persist_filename;
  int ifconfig_pool_persist_refresh_freq;

  bool ifconfig_ipv6_pool_defined;              /* IPv6 */
  struct in6_addr ifconfig_ipv6_pool_base;      /* IPv6 */
  int ifconfig_ipv6_pool_netbits;               /* IPv6 */

  int real_hash_size;
  int virtual_hash_size;
  const char *client_connect_script;
  const char *client_disconnect_script;
  const char *learn_address_script;
  const char *client_config_dir;
  bool ccd_exclusive;
  bool disable;
  int n_bcast_buf;
  int tcp_queue_limit;
  struct iroute *iroutes;
  struct iroute_ipv6 *iroutes_ipv6;             /* IPv6 */
  bool push_ifconfig_defined;
  in_addr_t push_ifconfig_local;
  in_addr_t push_ifconfig_remote_netmask;
#ifdef ENABLE_CLIENT_NAT
  in_addr_t push_ifconfig_local_alias;
#endif
  bool push_ifconfig_constraint_defined;
  in_addr_t push_ifconfig_constraint_network;
  in_addr_t push_ifconfig_constraint_netmask;
  bool push_ifconfig_ipv6_defined;              /* IPv6 */
  struct in6_addr push_ifconfig_ipv6_local;     /* IPv6 */
  int push_ifconfig_ipv6_netbits;               /* IPv6 */
  struct in6_addr push_ifconfig_ipv6_remote;    /* IPv6 */
  bool enable_c2c;
  bool duplicate_cn;
  int cf_max;
  int cf_per;
  int max_clients;
  int max_routes_per_client;
  int stale_routes_check_interval;
  int stale_routes_ageing_time;

  const char *auth_user_pass_verify_script;
  bool auth_user_pass_verify_script_via_file;
#if PORT_SHARE
  char *port_share_host;
  int port_share_port;
  const char *port_share_journal_dir;
#endif
#endif

  bool client;
  bool pull;                    /* client pull of config options from server */
  int push_continuation;
  const char *auth_user_pass_file;
  struct options_pre_pull *pre_pull;

  int server_poll_timeout;

  int scheduled_exit_interval;

#ifdef ENABLE_CLIENT_CR
  struct static_challenge_info sc_info;
#endif
#endif

#ifdef USE_CRYPTO
  /* Cipher parms */
  const char *shared_secret_file;
#if ENABLE_INLINE_FILES
  const char *shared_secret_file_inline;
#endif
  int key_direction;
  bool ciphername_defined;
  const char *ciphername;
  bool authname_defined;
  const char *authname;
  int keysize;
  const char *prng_hash;
  int prng_nonce_secret_len;
  const char *engine;
  bool replay;
  bool mute_replay_warnings;
  int replay_window;
  int replay_time;
  const char *packet_id_file;
  bool use_iv;
  bool test_crypto;

#ifdef USE_SSL
  /* TLS (control channel) parms */
  bool tls_server;
  bool tls_client;
  const char *ca_file;
  /*
   * NOTE(review): the commit subject shown for this revision says --capath
   * is not available with PolarSSL; presumably this member backs that
   * option -- confirm in options.c.
   */
  const char *ca_path;
  const char *dh_file;
  const char *cert_file;
  const char *extra_certs_file;
  const char *priv_key_file;
  const char *pkcs12_file;
  const char *cipher_list;
  const char *tls_verify;
  const char *tls_export_cert;
  const char *tls_remote;
  const char *crl_file;

#if ENABLE_INLINE_FILES
  const char *ca_file_inline;
  const char *cert_file_inline;
  const char *extra_certs_file_inline;
  /*
   * NOTE(review): the only *_inline member that is not const; presumably so
   * the key text can be overwritten after use -- confirm.
   */
  char *priv_key_file_inline;
  const char *dh_file_inline;
  const char *pkcs12_file_inline;       /* contains the base64 encoding of pkcs12 file */
#endif

  int ns_cert_type;             /* set to 0, NS_CERT_CHECK_SERVER, or NS_CERT_CHECK_CLIENT */
  unsigned remote_cert_ku[MAX_PARMS];
  const char *remote_cert_eku;
  /*
   * NOTE(review): no length member accompanies this pointer, so the consumer
   * must assume a fixed digest size -- verify at the use site.
   */
  uint8_t *verify_hash;
  unsigned int ssl_flags;       /* set to SSLF_x flags from ssl.h */

#ifdef ENABLE_PKCS11
  const char *pkcs11_providers[MAX_PARMS];
  unsigned pkcs11_private_mode[MAX_PARMS];
  bool pkcs11_protected_authentication[MAX_PARMS];
  bool pkcs11_cert_private[MAX_PARMS];
  int pkcs11_pin_cache_period;
  const char *pkcs11_id;
  bool pkcs11_id_management;
#endif

#ifdef WIN32
  const char *cryptoapi_cert;
#endif

  /* data channel key exchange method */
  int key_method;

  /* Per-packet timeout on control channel */
  int tls_timeout;

  /* Data channel key renegotiation parameters */
  int renegotiate_bytes;
  int renegotiate_packets;
  int renegotiate_seconds;

  /* Data channel key handshake must finalize
     within n seconds of handshake initiation. */
  int handshake_window;

#ifdef ENABLE_X509ALTUSERNAME
  /* Field used to be the username in X509 cert. */
  char *x509_username_field;
#endif

  /* Old key allowed to live n seconds after new key goes active */
  int transition_window;

  /* Special authentication MAC for TLS control channel */
  const char *tls_auth_file;    /* shared secret */
#if ENABLE_INLINE_FILES
  const char *tls_auth_file_inline;
#endif

  /* Allow only one session */
  bool single_session;

#ifdef ENABLE_PUSH_PEER_INFO
  bool push_peer_info;
#endif

  bool tls_exit;

#endif /* USE_SSL */
#endif /* USE_CRYPTO */

#ifdef ENABLE_X509_TRACK
  const struct x509_track *x509_track;
#endif

  /* special state parms */
  int foreign_option_index;

#ifdef WIN32
  const char *exit_event_name;
  bool exit_event_initial_state;
  bool show_net_up;
  int route_method;
#endif
};
617
/*
 * True when the two C strings compare equal.
 * Both arguments must be non-NULL, NUL-terminated strings: strcmp() on a
 * NULL pointer is undefined behaviour.
 */
#define streq(x, y) (strcmp((x), (y)) == 0)
619
/*
 * Option classes.
 *
 * One bit per class, so classes can be OR-ed into a mask.
 * NOTE(review): presumably these are the bits carried by the
 * permission_mask / option_types_found parameters of the parsing functions
 * declared in this header, and therefore decide which option classes a
 * given source (for example pushed options) may set -- confirm in options.c.
 */
#define OPT_P_GENERAL         (1<<0)
#define OPT_P_UP              (1<<1)
#define OPT_P_ROUTE           (1<<2)
#define OPT_P_IPWIN32         (1<<3)
#define OPT_P_SCRIPT          (1<<4)
#define OPT_P_SETENV          (1<<5)
#define OPT_P_SHAPER          (1<<6)
#define OPT_P_TIMER           (1<<7)
#define OPT_P_PERSIST         (1<<8)
#define OPT_P_PERSIST_IP      (1<<9)
#define OPT_P_COMP            (1<<10) /* TODO */
#define OPT_P_MESSAGES        (1<<11)
#define OPT_P_CRYPTO          (1<<12) /* TODO */
#define OPT_P_TLS_PARMS       (1<<13) /* TODO */
#define OPT_P_MTU             (1<<14) /* TODO */
#define OPT_P_NICE            (1<<15)
#define OPT_P_PUSH            (1<<16)
#define OPT_P_INSTANCE        (1<<17)
#define OPT_P_CONFIG          (1<<18)
#define OPT_P_EXPLICIT_NOTIFY (1<<19)
#define OPT_P_ECHO            (1<<20)
#define OPT_P_INHERIT         (1<<21)
#define OPT_P_ROUTE_EXTRAS    (1<<22)
#define OPT_P_PULL_MODE       (1<<23)
#define OPT_P_PLUGIN          (1<<24)
#define OPT_P_SOCKBUF         (1<<25)
#define OPT_P_SOCKFLAGS       (1<<26)
#define OPT_P_CONNECTION      (1<<27)

/* Every class except OPT_P_INSTANCE and OPT_P_PULL_MODE. */
#define OPT_P_DEFAULT   (~(OPT_P_INSTANCE|OPT_P_PULL_MODE))
653
/*
 * Feature-test accessors.  Each macro reads one member of struct options
 * when the matching feature is compiled in and otherwise expands to a
 * constant, so callers need no #ifdef of their own.
 */
#if P2MP
#define PULL_DEFINED(opt) ((opt)->pull)
#if P2MP_SERVER
/*
 * NOTE(review): struct options declares push_list as an embedded
 * `struct push_list`, not a pointer, so this expansion yields a struct
 * value and cannot be used as a condition.  Check whether any caller still
 * uses the macro and whether it should test a member of push_list instead.
 */
#define PUSH_DEFINED(opt) ((opt)->push_list)
#endif
#endif

#ifndef PULL_DEFINED
#define PULL_DEFINED(opt) (false)
#endif

#ifndef PUSH_DEFINED
#define PUSH_DEFINED(opt) (false)
#endif

#ifdef WIN32
#define ROUTE_OPTION_FLAGS(o) ((o)->route_method & ROUTE_METHOD_MASK)
#else
#define ROUTE_OPTION_FLAGS(o) (0)
#endif

#ifdef HAVE_GETTIMEOFDAY
#define SHAPER_DEFINED(opt) ((opt)->shaper)
#else
#define SHAPER_DEFINED(opt) (false)
#endif

#ifdef ENABLE_PLUGIN
#define PLUGIN_OPTION_LIST(opt) ((opt)->plugin_list)
#else
#define PLUGIN_OPTION_LIST(opt) (NULL)
#endif

/*
 * NOTE(review): management_flags only exists in struct options under
 * ENABLE_MANAGEMENT; this relies on MANAGEMENT_DEF_AUTH never being defined
 * without it -- confirm where MANAGEMENT_DEF_AUTH is set.
 */
#ifdef MANAGEMENT_DEF_AUTH
#define MAN_CLIENT_AUTH_ENABLED(opt) ((opt)->management_flags & MF_CLIENT_AUTH)
#else
#define MAN_CLIENT_AUTH_ENABLED(opt) (false)
#endif
692
/*
 * Parse an argument vector into *options.
 * NOTE(review): permission_mask is presumably a mask of OPT_P_x classes the
 * caller allows, and *option_types_found presumably receives the classes
 * actually seen -- confirm in options.c.
 */
void parse_argv (struct options *options,
                 const int argc,
                 char *argv[],
                 const int msglevel,
                 const unsigned int permission_mask,
                 unsigned int *option_types_found,
                 struct env_set *es);

/* NOTE(review): presumably reports an error naming `description` when arg is NULL -- confirm. */
void notnull (const char *arg, const char *description);

void usage_small (void);

/* Initialise / tear down an options object; init_gc presumably selects whether o->gc is set up -- confirm. */
void init_options (struct options *o, const bool init_gc);
void uninit_options (struct options *o);

void setenv_settings (struct env_set *es, const struct options *o);
void show_settings (const struct options *o);

bool string_defined_equal (const char *s1, const char *s2);
712
#ifdef ENABLE_OCC

const char *options_string_version (const char* s, struct gc_arena *gc);

char *options_string (const struct options *o,
                      const struct frame *frame,
                      struct tuntap *tt,
                      bool remote,
                      struct gc_arena *gc);

/*
 * Compare or warn about an options string received from the peer.
 * The *_safe variants take the size of `actual` explicitly.
 * NOTE(review): presumably because `actual` comes from the peer and may not
 * be NUL-terminated -- confirm in options.c.  `actual` is non-const, so
 * these may modify the buffer they are given.
 */
bool options_cmp_equal_safe (char *actual, const char *expected, size_t actual_n);
void options_warning_safe (char *actual, const char *expected, size_t actual_n);
bool options_cmp_equal (char *actual, const char *expected);
void options_warning (char *actual, const char *expected);

#endif
729
void options_postprocess (struct options *options);

/* Save / restore the struct options_pre_pull snapshot held in o->pre_pull. */
void pre_pull_save (struct options *o);
void pre_pull_restore (struct options *o);

/*
 * Apply options taken from buf.
 * NOTE(review): presumably buf holds options pushed by the server and
 * permission_mask is the OPT_P_x mask limiting which classes a push may
 * set; if so, that mask is the trust boundary for server-supplied
 * configuration -- confirm in options.c.
 */
bool apply_push_options (struct options *options,
                         struct buffer *buf,
                         unsigned int permission_mask,
                         unsigned int *option_types_found,
                         struct env_set *es);

bool is_persist_option (const struct options *o);
bool is_stateful_restart (const struct options *o);

void options_detach (struct options *o);

/* Import options from `filename`, subject to permission_mask. */
void options_server_import (struct options *o,
                            const char *filename,
                            int msglevel,
                            unsigned int permission_mask,
                            unsigned int *option_types_found,
                            struct env_set *es);

void pre_pull_default (struct options *o);

void rol_check_alloc (struct options *options);

/*
 * Split `line` into parameters stored in p[], which has room for n entries.
 * `file` and `line_num` presumably identify the source for diagnostics.
 * NOTE(review): the return value is presumably the number of parameters
 * parsed -- confirm.
 */
int parse_line (const char *line,
                char *p[],
                const int n,
                const char *file,
                const int line_num,
                int msglevel,
                struct gc_arena *gc);
764
/*
 * Conversion between the textual and the integer topology coding
 * (struct options stores topology as one of the TOP_x values from proto.h).
 */

int parse_topology (const char *str, const int msglevel);
const char *print_topology (const int topology);
771
/*
 * Accessors for the auth-retry variable; AR_x are its possible values.
 */

#if P2MP

#define AR_NONE       0
#define AR_INTERACT   1
#define AR_NOINTERACT 2

int auth_retry_get (void);
bool auth_retry_set (const int msglevel, const char *option);
const char *auth_retry_print (void);

#endif
787
/* Import options from the string `config`, subject to permission_mask. */
void options_string_import (struct options *options,
                            const char *config,
                            const int msglevel,
                            const unsigned int permission_mask,
                            unsigned int *option_types_found,
                            struct env_set *es);

/*
 * Parse an IPv6 address/prefix string.
 * NOTE(review): presumably network, netbits and printable_ipv6 are output
 * parameters and the return value reports success -- confirm the ownership
 * of *printable_ipv6 in options.c.
 */
bool get_ipv6_addr( const char * prefix_str, struct in6_addr *network,
                    unsigned int * netbits, char ** printable_ipv6,
                    int msglevel );
512cda46 798
/*
 * inline functions
 */

/*
 * Report whether `o` has a connection list.
 * Always false when ENABLE_CONNECTION is not compiled in; otherwise `o`
 * must be a valid pointer because it is dereferenced.
 */
static inline bool
connection_list_defined (const struct options *o)
{
#ifdef ENABLE_CONNECTION
  const bool have_list = (o->connection_list != NULL);
  return have_list;
#else
  return false;
#endif
}
811
/*
 * Set the no_advance flag on o's connection list, if it has one.
 * A no-op when ENABLE_CONNECTION is not compiled in or the list is absent.
 */
static inline void
connection_list_set_no_advance (struct options *o)
{
#ifdef ENABLE_CONNECTION
  if (o->connection_list != NULL)
    {
      o->connection_list->no_advance = true;
    }
#endif
}
820
#if HTTP_PROXY_FALLBACK

/*
 * Build http_proxy_options from textual server/port/flags values.
 * NOTE(review): struct options describes its hpo_store as holding proxy
 * info supplied by the management interface; if these strings come from
 * there, they are external input and the copy into hpo_store's 80-byte
 * server buffer must be bounded -- confirm in options.c.
 */
struct http_proxy_options *
parse_http_proxy_fallback (struct context *c,
                           const char *server,
                           const char *port,
                           const char *flags,
                           const int msglevel);

#endif /* HTTP_PROXY_FALLBACK */
831
3c7f2f55 832#endif