1/*
2 * OpenVPN -- An application to securely tunnel IP networks
3 * over a single UDP port, with support for SSL/TLS-based
4 * session authentication and key exchange,
5 * packet encryption, packet authentication, and
6 * packet compression.
7 *
564a2109 8 * Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License version 2
12 * as published by the Free Software Foundation.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program (see the file COPYING included with this
21 * distribution); if not, write to the Free Software Foundation, Inc.,
22 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 */
24
25/*
26 * 2004-01-28: Added Socks5 proxy support
27 * (Christof Meerwald, http://cmeerw.org)
28 */
29
30#ifndef OPTIONS_H
31#define OPTIONS_H
32
33#include "basic.h"
34#include "common.h"
35#include "mtu.h"
36#include "route.h"
37#include "tun.h"
38#include "socket.h"
39#include "plugin.h"
40#include "manage.h"
41#include "proxy.h"
38d96bd7 42#include "comp.h"
3eee126e 43#include "pushlist.h"
581bef87 44#include "clinat.h"
45
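/*
 * Maximum number of parameters associated with an option,
 * including the option name itself.
 *
 * Also used in this header as the length of the fixed-size per-option
 * arrays in struct options (remote_cert_ku, pkcs11_*).
 */
#define MAX_PARMS 16

/*
 * Max size of options line and parameter.
 *
 * NOTE(review): both are fixed limits.  Code that copies a config line or a
 * parameter into a buffer of this size has to bound the copy and handle
 * longer input explicitly -- the parser is not visible in this header, so
 * confirm there.
 */
#define OPTION_PARM_SIZE 256
#define OPTION_LINE_SIZE 256

/* Defined outside this header; presumably the program banner -- confirm. */
extern const char title_string[];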
59
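#if P2MP

/*
 * Certain options are saved before --pull modifications are applied.
 *
 * Each *_defined flag sits next to the value it refers to.  The functions
 * pre_pull_save(), pre_pull_restore() and pre_pull_default() declared later
 * in this header presumably write and read this snapshot; their bodies are
 * not in this file, so confirm there.
 */
struct options_pre_pull
{
  bool tuntap_options_defined;
  struct tuntap_options tuntap_options;

  bool routes_defined;
  struct route_option_list *routes;

  bool routes_ipv6_defined;
  struct route_ipv6_option_list *routes_ipv6;

#ifdef ENABLE_CLIENT_NAT
  bool client_nat_defined;
  struct client_nat_option_list *client_nat;
#endif

  int foreign_option_index;
};

#endif
/*
 * A build with ENABLE_CRYPTO must also select a crypto backend; stop the
 * compile here rather than produce a binary with no backend selected.
 */
#if defined(ENABLE_CRYPTO) && !defined(ENABLE_CRYPTO_OPENSSL) && !defined(ENABLE_CRYPTO_POLARSSL)
# error "At least one of OpenSSL or PolarSSL needs to be defined."
#endif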
86
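/*
 * Per-connection settings.  One instance is embedded in struct options as
 * `ce`, and struct connection_list holds an array of pointers to further
 * instances.
 *
 * Several values come in pairs: the value itself and a *_defined flag.
 * Which proxy members exist depends on ENABLE_HTTP_PROXY / ENABLE_SOCKS, so
 * all translation units must agree on those macros.
 */
struct connection_entry
{
  int proto;
  int local_port;
  bool local_port_defined;
  int remote_port;
  const char *local;
  const char *remote;
  bool remote_float;
  bool bind_defined;
  bool bind_local;
  int connect_retry_seconds;
  bool connect_retry_defined;
  int connect_retry_max;
  int connect_timeout;
  bool connect_timeout_defined;
#ifdef ENABLE_HTTP_PROXY
  struct http_proxy_options *http_proxy_options;
#endif
#ifdef ENABLE_SOCKS
  const char *socks_proxy_server;
  int socks_proxy_port;
  /* presumably a path to a file holding SOCKS credentials -- confirm */
  const char *socks_proxy_authfile;
  bool socks_proxy_retry;
#endif

  int tun_mtu;           /* MTU of tun device */
  bool tun_mtu_defined;  /* true if user overriding parm with command line option */
  int tun_mtu_extra;
  bool tun_mtu_extra_defined;
  int link_mtu;          /* MTU of device over which tunnel packets pass via TCP/UDP */
  bool link_mtu_defined; /* true if user overriding parm with command line option */

  /* Advanced MTU negotiation and datagram fragmentation options */
  int mtu_discover_type; /* used if OS supports setting Path MTU discovery options on socket */

  int fragment;          /* internal fragmentation size */
  int mssfix;            /* Upper bound on TCP MSS */
  bool mssfix_default;   /* true if --mssfix was supplied without a parameter */

#ifdef ENABLE_OCC
  int explicit_exit_notification;  /* Explicitly tell peer when we are exiting via OCC_EXIT message */
#endif

  /*
   * Values for `flags`.  CE_DISABLED and CE_MAN_QUERY_PROXY are single bits
   * (bit 0 and bit 1).  The CE_MAN_QUERY_REMOTE_* values (0..4) are not bits
   * by themselves: with MASK 0x07 and SHIFT 2 they look like a 3-bit field
   * stored in bits 2..4 of `flags` -- confirm against the code that uses them.
   */
# define CE_DISABLED (1<<0)
# define CE_MAN_QUERY_PROXY (1<<1)
# define CE_MAN_QUERY_REMOTE_UNDEF  0
# define CE_MAN_QUERY_REMOTE_QUERY  1
# define CE_MAN_QUERY_REMOTE_ACCEPT 2
# define CE_MAN_QUERY_REMOTE_MOD    3
# define CE_MAN_QUERY_REMOTE_SKIP   4
# define CE_MAN_QUERY_REMOTE_MASK   (0x07)
# define CE_MAN_QUERY_REMOTE_SHIFT  (2)
  unsigned int flags;
};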
142
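/*
 * One remote endpoint: host string, port and protocol.
 * `remote` is a borrowed pointer; this header does not show who owns the
 * string it points to.
 */
struct remote_entry
{
  const char *remote;
  int remote_port;
  int proto;
};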
149
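/* Capacity of the fixed pointer arrays in connection_list and remote_list. */
#define CONNECTION_LIST_SIZE 64

/*
 * Fixed-capacity list of connection entries.
 *
 * NOTE(review): `array` has exactly CONNECTION_LIST_SIZE slots and `len` /
 * `current` are plain ints.  Whatever appends to or indexes the array has to
 * check against CONNECTION_LIST_SIZE (and against negative values) first;
 * that check is not in this header -- confirm at the call sites.
 */
struct connection_list
{
  int len;
  int current;
  int n_cycles;
  bool no_advance;
  struct connection_entry *array[CONNECTION_LIST_SIZE];
};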
160
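/*
 * Fixed-capacity list of remote entries.
 *
 * NOTE(review): `array` holds at most CONNECTION_LIST_SIZE pointers; the
 * bound on `len` has to be enforced by the code that fills the list, which
 * is not visible in this header.
 */
struct remote_list
{
  int len;
  struct remote_entry *array[CONNECTION_LIST_SIZE];
};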
166
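/*
 * Fixed-size storage for a remote host string.
 *
 * NOTE(review): `host` is RH_HOST_LEN (80) bytes including the terminating
 * NUL.  Any writer must bound the copy to that size and terminate the
 * string; longer names need explicit handling (reject or truncate).  The
 * writer is not in this header -- confirm there.
 */
struct remote_host_store
{
# define RH_HOST_LEN 80
  char host[RH_HOST_LEN];
};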
54561af6 172
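/*
 * Command line options.
 *
 * One instance carries the whole run-time configuration.  The set of
 * members depends on the feature macros tested below (ENABLE_CRYPTO,
 * ENABLE_SSL, P2MP, P2MP_SERVER, ENABLE_MANAGEMENT, WIN32, ...), so every
 * translation unit that includes this header must be compiled with the same
 * macro set; otherwise the layouts disagree.
 *
 * Most string members are borrowed `const char *` pointers; this header
 * does not show where the strings are allocated (presumably the `gc` arena
 * below -- confirm in the implementation).
 */
struct options
{
  struct gc_arena gc;
  /* presumably set when init_options() created `gc` itself -- confirm */
  bool gc_owned;

  /* first config file */
  const char *config;

  /* major mode */
# define MODE_POINT_TO_POINT 0
# define MODE_SERVER         1
  int mode;

  /* enable forward compatibility for post-2.1 features */
  bool forward_compatible;
  /* list of options that should be ignored even if unknown */
  const char ** ignore_unknown_option;

  /* persist parms */
  bool persist_config;
  int persist_mode;

#ifdef ENABLE_CRYPTO
  const char *key_pass_file;
  bool show_ciphers;
  bool show_digests;
  bool show_engines;
#ifdef ENABLE_SSL
  bool show_tls_ciphers;
#endif
  bool genkey;
#endif

  /* Networking parms */
  struct connection_entry ce;
  char *remote_ip_hint;
  struct connection_list *connection_list;
  struct remote_list *remote_list;
  bool force_connection_list;

#if HTTP_PROXY_OVERRIDE
  struct http_proxy_options *http_proxy_override;
#endif

  struct remote_host_store *rh_store;

  bool remote_random;
  const char *ipchange;
  const char *dev;
  const char *dev_type;
  const char *dev_node;
  const char *lladdr;
  int topology; /* one of the TOP_x values from proto.h */
  const char *ifconfig_local;
  const char *ifconfig_remote_netmask;
  const char *ifconfig_ipv6_local;
  int         ifconfig_ipv6_netbits;
  const char *ifconfig_ipv6_remote;
  bool ifconfig_noexec;
  bool ifconfig_nowarn;
#ifdef ENABLE_FEATURE_SHAPER
  int shaper;
#endif

  int proto_force;

#ifdef ENABLE_OCC
  bool mtu_test;
#endif

#ifdef ENABLE_MEMSTATS
  char *memstats_fn;
#endif

  bool mlock;

  int keepalive_ping;           /* a proxy for ping/ping-restart */
  int keepalive_timeout;

  int inactivity_timeout;       /* --inactive */
  int inactivity_minimum_bytes;

  int ping_send_timeout;        /* Send a TCP/UDP ping to remote every n seconds */
  int ping_rec_timeout;         /* Expect a TCP/UDP ping from remote at least once every n seconds */
  bool ping_timer_remote;       /* Run ping timer only if we have a remote address */
  bool tun_ipv6;                /* Build tun dev that supports IPv6 */

# define PING_UNDEF   0
# define PING_EXIT    1
# define PING_RESTART 2
  int ping_rec_timeout_action;  /* What action to take on ping_rec_timeout (exit or restart)? */

  bool persist_tun;             /* Don't close/reopen TUN/TAP dev on SIGUSR1 or PING_RESTART */
  bool persist_local_ip;        /* Don't re-resolve local address on SIGUSR1 or PING_RESTART */
  bool persist_remote_ip;       /* Don't re-resolve remote address on SIGUSR1 or PING_RESTART */
  bool persist_key;             /* Don't re-read key files on SIGUSR1 or PING_RESTART */

#if PASSTOS_CAPABILITY
  bool passtos;
#endif

  int resolve_retry_seconds;    /* If hostname resolve fails, retry for n seconds */

  struct tuntap_options tuntap_options;

  /* Misc parms */
  /*
   * NOTE(review): username/groupname/chroot_dir presumably drive the
   * privilege drop and chroot after start-up -- confirm where they are
   * consumed; this header only stores the strings.
   */
  const char *username;
  const char *groupname;
  const char *chroot_dir;
  const char *cd_dir;
#ifdef ENABLE_SELINUX
  char *selinux_context;
#endif
  const char *writepid;
  /*
   * NOTE(review): the *_script members here and below are presumably
   * commands the daemon executes; user_script_used presumably records that
   * at least one was configured.  Confirm in the implementation.
   */
  const char *up_script;
  const char *down_script;
  bool user_script_used;
  bool down_pre;
  bool up_delay;
  bool up_restart;
  bool daemon;

  int remap_sigusr1;

  /* inetd modes defined in socket.h */
  int inetd;

  bool log;
  bool suppress_timestamps;
  int nice;
  int verbosity;
  int mute;

#ifdef ENABLE_DEBUG
  int gremlin;
#endif

  const char *status_file;
  int status_file_version;
  int status_file_update_freq;

  /* optimize TUN/TAP/UDP writes */
  bool fast_io;

#ifdef USE_COMP
  struct compress_options comp;
#endif

  /* buffer sizes */
  int rcvbuf;
  int sndbuf;

  /* mark value */
  int mark;

  /* socket flags */
  unsigned int sockflags;

  /* route management */
  const char *route_script;
  const char *route_predown_script;
  const char *route_default_gateway;
  int route_default_metric;
  bool route_noexec;
  int route_delay;
  int route_delay_window;
  bool route_delay_defined;
  int max_routes;
  struct route_option_list *routes;
  struct route_ipv6_option_list *routes_ipv6;   /* IPv6 */
  bool route_nopull;
  bool route_gateway_via_dhcp;
  bool allow_pull_fqdn; /* as a client, allow server to push a FQDN for certain parameters */

#ifdef ENABLE_CLIENT_NAT
  struct client_nat_option_list *client_nat;
#endif

#ifdef ENABLE_OCC
  /* Enable options consistency check between peers */
  bool occ;
#endif

#ifdef ENABLE_MANAGEMENT
  const char *management_addr;
  int management_port;
  /* presumably the path of a file with the management password -- confirm */
  const char *management_user_pass;
  int management_log_history_cache;
  int management_echo_buffer_size;
  int management_state_buffer_size;
  const char *management_write_peer_info_file;

  const char *management_client_user;
  const char *management_client_group;

  /* Mask of MF_ values of manage.h */
  unsigned int management_flags;
#endif

#ifdef ENABLE_PLUGIN
  struct plugin_option_list *plugin_list;
#endif



#if P2MP

#if P2MP_SERVER
  /* the tmp dir is for now only used in the P2P server context */
  const char *tmp_dir;
  bool server_defined;
  in_addr_t server_network;
  in_addr_t server_netmask;
  bool server_ipv6_defined;                     /* IPv6 */
  struct in6_addr server_network_ipv6;          /* IPv6 */
  unsigned int    server_netbits_ipv6;          /* IPv6 */

  /* bit values for server_flags */
# define SF_NOPOOL (1<<0)
# define SF_TCP_NODELAY_HELPER (1<<1)
# define SF_NO_PUSH_ROUTE_GATEWAY (1<<2)
  unsigned int server_flags;

  bool server_bridge_proxy_dhcp;

  bool server_bridge_defined;
  in_addr_t server_bridge_ip;
  in_addr_t server_bridge_netmask;
  in_addr_t server_bridge_pool_start;
  in_addr_t server_bridge_pool_end;

  /* stored by value, not as a pointer (see PUSH_DEFINED later in this header) */
  struct push_list push_list;
  bool ifconfig_pool_defined;
  in_addr_t ifconfig_pool_start;
  in_addr_t ifconfig_pool_end;
  in_addr_t ifconfig_pool_netmask;
  const char *ifconfig_pool_persist_filename;
  int ifconfig_pool_persist_refresh_freq;

  bool   ifconfig_ipv6_pool_defined;            /* IPv6 */
  struct in6_addr ifconfig_ipv6_pool_base;      /* IPv6 */
  int    ifconfig_ipv6_pool_netbits;            /* IPv6 */

  int real_hash_size;
  int virtual_hash_size;
  const char *client_connect_script;
  const char *client_disconnect_script;
  const char *learn_address_script;
  const char *client_config_dir;
  bool ccd_exclusive;
  bool disable;
  int n_bcast_buf;
  int tcp_queue_limit;
  struct iroute *iroutes;
  struct iroute_ipv6 *iroutes_ipv6;             /* IPv6 */
  bool push_ifconfig_defined;
  in_addr_t push_ifconfig_local;
  in_addr_t push_ifconfig_remote_netmask;
#ifdef ENABLE_CLIENT_NAT
  in_addr_t push_ifconfig_local_alias;
#endif
  bool push_ifconfig_constraint_defined;
  in_addr_t push_ifconfig_constraint_network;
  in_addr_t push_ifconfig_constraint_netmask;
  bool            push_ifconfig_ipv6_defined;   /* IPv6 */
  struct in6_addr push_ifconfig_ipv6_local;     /* IPv6 */
  int             push_ifconfig_ipv6_netbits;   /* IPv6 */
  struct in6_addr push_ifconfig_ipv6_remote;    /* IPv6 */
  bool enable_c2c;
  bool duplicate_cn;
  int cf_max;
  int cf_per;
  int max_clients;
  int max_routes_per_client;
  int stale_routes_check_interval;
  int stale_routes_ageing_time;

  const char *auth_user_pass_verify_script;
  bool auth_user_pass_verify_script_via_file;
#if PORT_SHARE
  char *port_share_host;
  int port_share_port;
  const char *port_share_journal_dir;
#endif
#endif

  bool client;
  bool pull; /* client pull of config options from server */
  int push_continuation;
  const char *auth_user_pass_file;
  struct options_pre_pull *pre_pull;

  int server_poll_timeout;

  int scheduled_exit_interval;

#ifdef ENABLE_CLIENT_CR
  struct static_challenge_info sc_info;
#endif
#endif

#ifdef ENABLE_CRYPTO
  /* Cipher parms */
  const char *shared_secret_file;
  const char *shared_secret_file_inline;
  int key_direction;
  bool ciphername_defined;
  const char *ciphername;
  bool authname_defined;
  const char *authname;
  int keysize;
  const char *prng_hash;
  int prng_nonce_secret_len;
  const char *engine;
  bool replay;
  bool mute_replay_warnings;
  int replay_window;
  int replay_time;
  const char *packet_id_file;
  bool use_iv;
  bool test_crypto;
#ifdef ENABLE_PREDICTION_RESISTANCE
  bool use_prediction_resistance;
#endif

#ifdef ENABLE_SSL
  /* TLS (control channel) parms */
  bool tls_server;
  bool tls_client;
  const char *ca_file;
  const char *ca_path;
  const char *dh_file;
  const char *cert_file;
  const char *extra_certs_file;
  const char *priv_key_file;
  const char *pkcs12_file;
  const char *cipher_list;
  const char *tls_verify;
  int verify_x509_type;
  const char *verify_x509_name;
  const char *tls_export_cert;
  const char *crl_file;

  /*
   * Inline (in-config) copies of the files above.
   * NOTE(review): priv_key_file_inline is the only one of these that is not
   * const-qualified -- presumably so the key text can be overwritten once it
   * has been loaded; confirm in the implementation.
   */
  const char *ca_file_inline;
  const char *cert_file_inline;
  const char *extra_certs_file_inline;
  char *priv_key_file_inline;
  const char *dh_file_inline;
  const char *pkcs12_file_inline; /* contains the base64 encoding of pkcs12 file */

  int ns_cert_type; /* set to 0, NS_CERT_CHECK_SERVER, or NS_CERT_CHECK_CLIENT */
  unsigned remote_cert_ku[MAX_PARMS];
  const char *remote_cert_eku;
  /* no length is stored next to this pointer; presumably fixed by the digest in use -- confirm */
  uint8_t *verify_hash;
  unsigned int ssl_flags; /* set to SSLF_x flags from ssl.h */

#ifdef ENABLE_PKCS11
  /* per-provider arrays, each MAX_PARMS entries long */
  const char *pkcs11_providers[MAX_PARMS];
  unsigned pkcs11_private_mode[MAX_PARMS];
  bool pkcs11_protected_authentication[MAX_PARMS];
  bool pkcs11_cert_private[MAX_PARMS];
  int pkcs11_pin_cache_period;
  const char *pkcs11_id;
  bool pkcs11_id_management;
#endif

#ifdef ENABLE_CRYPTOAPI
  const char *cryptoapi_cert;
#endif

  /* data channel key exchange method */
  int key_method;

  /* Per-packet timeout on control channel */
  int tls_timeout;

  /* Data channel key renegotiation parameters */
  int renegotiate_bytes;
  int renegotiate_packets;
  int renegotiate_seconds;

  /* Data channel key handshake must finalize
     within n seconds of handshake initiation. */
  int handshake_window;

#ifdef ENABLE_X509ALTUSERNAME
  /* Field used to be the username in X509 cert. */
  char *x509_username_field;
#endif

  /* Old key allowed to live n seconds after new key goes active */
  int transition_window;

  /* Special authentication MAC for TLS control channel */
  const char *tls_auth_file;            /* shared secret */
  const char *tls_auth_file_inline;

  /* Allow only one session */
  bool single_session;

#ifdef ENABLE_PUSH_PEER_INFO
  bool push_peer_info;
#endif

  bool tls_exit;

#endif /* ENABLE_SSL */
#endif /* ENABLE_CRYPTO */

#ifdef ENABLE_X509_TRACK
  const struct x509_track *x509_track;
#endif

  /* special state parms */
  int foreign_option_index;

#ifdef WIN32
  const char *exit_event_name;
  bool exit_event_initial_state;
  bool show_net_up;
  int route_method;
#endif
};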
596
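/*
 * True when the two strings compare equal.  Both arguments must be non-NULL,
 * NUL-terminated strings: strcmp() on a NULL pointer is undefined behaviour.
 */
#define streq(x, y) (!strcmp((x), (y)))

/*
 * Option classes.
 *
 * One bit per class.  These are presumably the values used for the
 * permission_mask and option_types_found parameters of the parse/import
 * functions declared in this header -- confirm in the implementation.
 *
 * NOTE(review): if so, the mask passed to apply_push_options() is what
 * bounds the options a peer can set through a push, so a new class or a
 * change to OPT_P_DEFAULT deserves the same scrutiny as an access-control
 * change.
 */
#define OPT_P_GENERAL         (1<<0)
#define OPT_P_UP              (1<<1)
#define OPT_P_ROUTE           (1<<2)
#define OPT_P_IPWIN32         (1<<3)
#define OPT_P_SCRIPT          (1<<4)
#define OPT_P_SETENV          (1<<5)
#define OPT_P_SHAPER          (1<<6)
#define OPT_P_TIMER           (1<<7)
#define OPT_P_PERSIST         (1<<8)
#define OPT_P_PERSIST_IP      (1<<9)
#define OPT_P_COMP            (1<<10) /* TODO */
#define OPT_P_MESSAGES        (1<<11)
#define OPT_P_CRYPTO          (1<<12) /* TODO */
#define OPT_P_TLS_PARMS       (1<<13) /* TODO */
#define OPT_P_MTU             (1<<14) /* TODO */
#define OPT_P_NICE            (1<<15)
#define OPT_P_PUSH            (1<<16)
#define OPT_P_INSTANCE        (1<<17)
#define OPT_P_CONFIG          (1<<18)
#define OPT_P_EXPLICIT_NOTIFY (1<<19)
#define OPT_P_ECHO            (1<<20)
#define OPT_P_INHERIT         (1<<21)
#define OPT_P_ROUTE_EXTRAS    (1<<22)
#define OPT_P_PULL_MODE       (1<<23)
#define OPT_P_PLUGIN          (1<<24)
#define OPT_P_SOCKBUF         (1<<25)
#define OPT_P_SOCKFLAGS       (1<<26)
#define OPT_P_CONNECTION      (1<<27)

/*
 * Every class except OPT_P_INSTANCE and OPT_P_PULL_MODE.  The complement is
 * taken on a signed int, so the macro itself is a negative int; it becomes
 * the expected bit pattern when converted to the unsigned masks used in this
 * header.
 */
#define OPT_P_DEFAULT   (~(OPT_P_INSTANCE|OPT_P_PULL_MODE))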
632
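/*
 * Feature-dependent accessors.  Each macro gets a fallback definition when
 * its feature is compiled out, so callers can test it without an #ifdef of
 * their own.
 */
#if P2MP
#define PULL_DEFINED(opt) ((opt)->pull)
#if P2MP_SERVER
/*
 * NOTE(review): struct options declares push_list by value
 * (struct push_list push_list), not as a pointer, so this expands to a
 * struct expression that cannot be used directly as a condition, unlike the
 * (false) fallback below.  Confirm how, and whether, callers use it.
 */
#define PUSH_DEFINED(opt) ((opt)->push_list)
#endif
#endif

#ifndef PULL_DEFINED
#define PULL_DEFINED(opt) (false)
#endif

#ifndef PUSH_DEFINED
#define PUSH_DEFINED(opt) (false)
#endif

#ifdef WIN32
#define ROUTE_OPTION_FLAGS(o) ((o)->route_method & ROUTE_METHOD_MASK)
#else
#define ROUTE_OPTION_FLAGS(o) (0)
#endif

#ifdef ENABLE_FEATURE_SHAPER
#define SHAPER_DEFINED(opt) ((opt)->shaper)
#else
#define SHAPER_DEFINED(opt) (false)
#endif

#ifdef ENABLE_PLUGIN
#define PLUGIN_OPTION_LIST(opt) ((opt)->plugin_list)
#else
#define PLUGIN_OPTION_LIST(opt) (NULL)
#endif

/*
 * Non-zero when the MF_CLIENT_AUTH bit is set in management_flags.
 * NOTE(review): the guard is MANAGEMENT_DEF_AUTH, but management_flags is
 * declared in struct options under ENABLE_MANAGEMENT; this assumes the
 * former implies the latter -- confirm in the build configuration.
 */
#ifdef MANAGEMENT_DEF_AUTH
#define MAN_CLIENT_AUTH_ENABLED(opt) ((opt)->management_flags & MF_CLIENT_AUTH)
#else
#define MAN_CLIENT_AUTH_ENABLED(opt) (false)
#endif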
671
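/*
 * Option parsing and handling entry points.  The bodies are outside this
 * header, so the notes here describe only what the signatures show.
 *
 * permission_mask and option_types_found are unsigned bit masks, presumably
 * built from the OPT_P_* classes above (classes allowed in, classes seen
 * out) -- confirm in the implementation.
 */
void parse_argv (struct options *options,
		 const int argc,
		 char *argv[],
		 const int msglevel,
		 const unsigned int permission_mask,
		 unsigned int *option_types_found,
		 struct env_set *es);

void notnull (const char *arg, const char *description);

void usage_small (void);

/* init_gc presumably selects whether o->gc is initialised here (see gc_owned) -- confirm */
void init_options (struct options *o, const bool init_gc);
void uninit_options (struct options *o);

void setenv_settings (struct env_set *es, const struct options *o);
void show_settings (const struct options *o);

bool string_defined_equal (const char *s1, const char *s2);

#ifdef ENABLE_OCC

const char *options_string_version (const char* s, struct gc_arena *gc);

char *options_string (const struct options *o,
		      const struct frame *frame,
		      struct tuntap *tt,
		      bool remote,
		      struct gc_arena *gc);

/*
 * The *_safe variants take the length of `actual` explicitly (actual_n);
 * the plain variants take only the pointer.
 * NOTE(review): presumably `actual` can come from the peer and may lack a
 * terminating NUL, which is why a length is passed -- confirm, and prefer
 * the *_safe form for any buffer whose termination is not guaranteed.
 */
bool options_cmp_equal_safe (char *actual, const char *expected, size_t actual_n);
void options_warning_safe (char *actual, const char *expected, size_t actual_n);
bool options_cmp_equal (char *actual, const char *expected);
void options_warning (char *actual, const char *expected);

#endif

void options_postprocess (struct options *options);

void pre_pull_save (struct options *o);
void pre_pull_restore (struct options *o);

/*
 * NOTE(review): judging by the name, `buf` holds options received through a
 * push, i.e. input controlled by the peer; permission_mask is then the
 * caller's only lever in this signature for limiting what that input may
 * change.  Confirm in the implementation.
 */
bool apply_push_options (struct options *options,
			 struct buffer *buf,
			 unsigned int permission_mask,
			 unsigned int *option_types_found,
			 struct env_set *es);

void options_detach (struct options *o);

void options_server_import (struct options *o,
			    const char *filename,
			    int msglevel,
			    unsigned int permission_mask,
			    unsigned int *option_types_found,
			    struct env_set *es);

void pre_pull_default (struct options *o);

void rol_check_alloc (struct options *options);

/*
 * p[] receives the parsed parameters and n is its capacity in elements
 * (presumably MAX_PARMS at the call sites -- confirm).
 */
int parse_line (const char *line,
		char *p[],
		const int n,
		const char *file,
		const int line_num,
		int msglevel,
		struct gc_arena *gc);

/*
 * parse/print topology coding
 */

int parse_topology (const char *str, const int msglevel);
const char *print_topology (const int topology);

/*
 * Manage auth-retry variable
 */

#if P2MP

#define AR_NONE       0
#define AR_INTERACT   1
#define AR_NOINTERACT 2

int auth_retry_get (void);
bool auth_retry_set (const int msglevel, const char *option);
const char *auth_retry_print (void);

#endif

void options_string_import (struct options *options,
			    const char *config,
			    const int msglevel,
			    const unsigned int permission_mask,
			    unsigned int *option_types_found,
			    struct env_set *es);

/*
 * network, netbits and printable_ipv6 are pointer parameters, presumably
 * outputs filled from prefix_str -- confirm, including who frees
 * *printable_ipv6.
 */
bool get_ipv6_addr( const char * prefix_str, struct in6_addr *network,
		    unsigned int * netbits, char ** printable_ipv6,
		    int msglevel );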
512cda46 774
775/*
776 * inline functions
777 */
/*
 * Report whether these options carry a connection list.
 * Returns true when o->connection_list is non-NULL.  `o` is dereferenced
 * unconditionally and must not be NULL.
 */
static inline bool
connection_list_defined (const struct options *o)
{
  const struct connection_list *list = o->connection_list;

  return list != NULL;
}
783
/*
 * Set the no_advance flag on the connection list, if there is one.
 * Does nothing when o->connection_list is NULL.  `o` is dereferenced
 * unconditionally and must not be NULL.
 */
static inline void
connection_list_set_no_advance (struct options *o)
{
  struct connection_list *list = o->connection_list;

  if (list == NULL)
    return;

  list->no_advance = true;
}
790
3c7f2f55 791#endif