error.c error.h \
event.c event.h \
fdmisc.c fdmisc.h \
- forward.c forward.h forward-inline.h \
+ forward.c forward.h \
fragment.c fragment.h \
gremlin.c gremlin.h \
helper.c helper.h \
mudp.c mudp.h \
multi.c multi.h \
ntlm.c ntlm.h \
- occ.c occ.h occ-inline.h \
+ occ.c occ.h \
openssl_compat.h \
pkcs11.c pkcs11.h pkcs11_backend.h \
pkcs11_openssl.c \
otime.c otime.h \
packet_id.c packet_id.h \
perf.c perf.h \
- pf.c pf.h pf-inline.h \
- ping.c ping.h ping-inline.h \
+ pf.c pf.h \
+ ping.c ping.h \
plugin.c plugin.h \
pool.c pool.h \
proto.c proto.h \
+++ /dev/null
-/*
- * OpenVPN -- An application to securely tunnel IP networks
- * over a single TCP/UDP port, with support for SSL/TLS-based
- * session authentication and key exchange,
- * packet encryption, packet authentication, and
- * packet compression.
- *
- * Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
- */
-
-#ifndef FORWARD_INLINE_H
-#define FORWARD_INLINE_H
-
-/*
- * Inline functions
- */
-
-/*
- * Does TLS session need service?
- */
-static inline void
-check_tls(struct context *c)
-{
- void check_tls_dowork(struct context *c);
-
- if (c->c2.tls_multi)
- {
- check_tls_dowork(c);
- }
-}
-
-/*
- * TLS errors are fatal in TCP mode.
- * Also check for --tls-exit trigger.
- */
-static inline void
-check_tls_errors(struct context *c)
-{
- void check_tls_errors_co(struct context *c);
-
- void check_tls_errors_nco(struct context *c);
-
- if (c->c2.tls_multi && c->c2.tls_exit_signal)
- {
- if (link_socket_connection_oriented(c->c2.link_socket))
- {
- if (c->c2.tls_multi->n_soft_errors)
- {
- check_tls_errors_co(c);
- }
- }
- else
- {
- if (c->c2.tls_multi->n_hard_errors)
- {
- check_tls_errors_nco(c);
- }
- }
- }
-}
-
-/*
- * Check for possible incoming configuration
- * messages on the control channel.
- */
-static inline void
-check_incoming_control_channel(struct context *c)
-{
-#if P2MP
- void check_incoming_control_channel_dowork(struct context *c);
-
- if (tls_test_payload_len(c->c2.tls_multi) > 0)
- {
- check_incoming_control_channel_dowork(c);
- }
-#endif
-}
-
-/*
- * Options like --up-delay need to be triggered by this function which
- * checks for connection establishment.
- */
-static inline void
-check_connection_established(struct context *c)
-{
- void check_connection_established_dowork(struct context *c);
-
- if (event_timeout_defined(&c->c2.wait_for_connect))
- {
- check_connection_established_dowork(c);
- }
-}
-
-/*
- * Should we add routes?
- */
-static inline void
-check_add_routes(struct context *c)
-{
- void check_add_routes_dowork(struct context *c);
-
- if (event_timeout_trigger(&c->c2.route_wakeup, &c->c2.timeval, ETT_DEFAULT))
- {
- check_add_routes_dowork(c);
- }
-}
-
-/*
- * Should we exit due to inactivity timeout?
- */
-static inline void
-check_inactivity_timeout(struct context *c)
-{
- void check_inactivity_timeout_dowork(struct context *c);
-
- if (c->options.inactivity_timeout
- && event_timeout_trigger(&c->c2.inactivity_interval, &c->c2.timeval, ETT_DEFAULT))
- {
- check_inactivity_timeout_dowork(c);
- }
-}
-
-#if P2MP
-
-static inline void
-check_server_poll_timeout(struct context *c)
-{
- void check_server_poll_timeout_dowork(struct context *c);
-
- if (c->options.ce.connect_timeout
- && event_timeout_trigger(&c->c2.server_poll_interval, &c->c2.timeval, ETT_DEFAULT))
- {
- check_server_poll_timeout_dowork(c);
- }
-}
-
-/*
- * Scheduled exit?
- */
-static inline void
-check_scheduled_exit(struct context *c)
-{
- void check_scheduled_exit_dowork(struct context *c);
-
- if (event_timeout_defined(&c->c2.scheduled_exit))
- {
- if (event_timeout_trigger(&c->c2.scheduled_exit, &c->c2.timeval, ETT_DEFAULT))
- {
- check_scheduled_exit_dowork(c);
- }
- }
-}
-#endif /* if P2MP */
-
-/*
- * Should we write timer-triggered status file.
- */
-static inline void
-check_status_file(struct context *c)
-{
- void check_status_file_dowork(struct context *c);
-
- if (c->c1.status_output)
- {
- if (status_trigger_tv(c->c1.status_output, &c->c2.timeval))
- {
- check_status_file_dowork(c);
- }
- }
-}
-
-#ifdef ENABLE_FRAGMENT
-/*
- * Should we deliver a datagram fragment to remote?
- */
-static inline void
-check_fragment(struct context *c)
-{
- void check_fragment_dowork(struct context *c);
-
- if (c->c2.fragment)
- {
- check_fragment_dowork(c);
- }
-}
-#endif
-
-#if P2MP
-
-/*
- * see if we should send a push_request in response to --pull
- */
-static inline void
-check_push_request(struct context *c)
-{
- void check_push_request_dowork(struct context *c);
-
- if (event_timeout_trigger(&c->c2.push_request_interval, &c->c2.timeval, ETT_DEFAULT))
- {
- check_push_request_dowork(c);
- }
-}
-
-#endif
-
-/*
- * Should we persist our anti-replay packet ID state to disk?
- */
-static inline void
-check_packet_id_persist_flush(struct context *c)
-{
- if (packet_id_persist_enabled(&c->c1.pid_persist)
- && event_timeout_trigger(&c->c2.packet_id_persist_interval, &c->c2.timeval, ETT_DEFAULT))
- {
- packet_id_persist_save(&c->c1.pid_persist);
- }
-}
-
-/*
- * Set our wakeup to 0 seconds, so we will be rescheduled
- * immediately.
- */
-static inline void
-context_immediate_reschedule(struct context *c)
-{
- c->c2.timeval.tv_sec = 0; /* ZERO-TIMEOUT */
- c->c2.timeval.tv_usec = 0;
-}
-
-static inline void
-context_reschedule_sec(struct context *c, int sec)
-{
- if (sec < 0)
- {
- sec = 0;
- }
- if (sec < c->c2.timeval.tv_sec)
- {
- c->c2.timeval.tv_sec = sec;
- c->c2.timeval.tv_usec = 0;
- }
-}
-
-static inline struct link_socket_info *
-get_link_socket_info(struct context *c)
-{
- if (c->c2.link_socket_info)
- {
- return c->c2.link_socket_info;
- }
- else
- {
- return &c->c2.link_socket->info;
- }
-}
-
-static inline void
-register_activity(struct context *c, const int size)
-{
- if (c->options.inactivity_timeout)
- {
- c->c2.inactivity_bytes += size;
- if (c->c2.inactivity_bytes >= c->options.inactivity_minimum_bytes)
- {
- c->c2.inactivity_bytes = 0;
- event_timeout_reset(&c->c2.inactivity_interval);
- }
- }
-}
-
-/*
- * Return the io_wait() flags appropriate for
- * a point-to-point tunnel.
- */
-static inline unsigned int
-p2p_iow_flags(const struct context *c)
-{
- unsigned int flags = (IOW_SHAPER|IOW_CHECK_RESIDUAL|IOW_FRAG|IOW_READ|IOW_WAIT_SIGNAL);
- if (c->c2.to_link.len > 0)
- {
- flags |= IOW_TO_LINK;
- }
- if (c->c2.to_tun.len > 0)
- {
- flags |= IOW_TO_TUN;
- }
- return flags;
-}
-
-/*
- * This is the core I/O wait function, used for all I/O waits except
- * for TCP in server mode.
- */
-static inline void
-io_wait(struct context *c, const unsigned int flags)
-{
- void io_wait_dowork(struct context *c, const unsigned int flags);
-
- if (c->c2.fast_io && (flags & (IOW_TO_TUN|IOW_TO_LINK|IOW_MBUF)))
- {
- /* fast path -- only for TUN/TAP/UDP writes */
- unsigned int ret = 0;
- if (flags & IOW_TO_TUN)
- {
- ret |= TUN_WRITE;
- }
- if (flags & (IOW_TO_LINK|IOW_MBUF))
- {
- ret |= SOCKET_WRITE;
- }
- c->c2.event_set_status = ret;
- }
- else
- {
- /* slow path */
- io_wait_dowork(c, flags);
- }
-}
-
-#define CONNECTION_ESTABLISHED(c) (get_link_socket_info(c)->connection_established)
-
-#endif /* EVENT_INLINE_H */
#include "gremlin.h"
#include "mss.h"
#include "event.h"
+#include "occ.h"
+#include "pf.h"
+#include "ping.h"
#include "ps.h"
#include "dhcp.h"
#include "common.h"
#include "memdbg.h"
-#include "forward-inline.h"
-#include "occ-inline.h"
-#include "ping-inline.h"
#include "mstats.h"
counter_type link_read_bytes_global; /* GLOBAL */
#endif /* ifdef ENABLE_DEBUG */
+/*
+ * Does TLS session need service?
+ */
+static inline void
+check_tls(struct context *c)
+{
+ void check_tls_dowork(struct context *c);
+
+ if (c->c2.tls_multi)
+ {
+ check_tls_dowork(c);
+ }
+}
+
+/*
+ * TLS errors are fatal in TCP mode.
+ * Also check for --tls-exit trigger.
+ */
+static inline void
+check_tls_errors(struct context *c)
+{
+ void check_tls_errors_co(struct context *c);
+
+ void check_tls_errors_nco(struct context *c);
+
+ if (c->c2.tls_multi && c->c2.tls_exit_signal)
+ {
+ if (link_socket_connection_oriented(c->c2.link_socket))
+ {
+ if (c->c2.tls_multi->n_soft_errors)
+ {
+ check_tls_errors_co(c);
+ }
+ }
+ else
+ {
+ if (c->c2.tls_multi->n_hard_errors)
+ {
+ check_tls_errors_nco(c);
+ }
+ }
+ }
+}
+
+/*
+ * Check for possible incoming configuration
+ * messages on the control channel.
+ */
+static inline void
+check_incoming_control_channel(struct context *c)
+{
+#if P2MP
+ void check_incoming_control_channel_dowork(struct context *c);
+
+ if (tls_test_payload_len(c->c2.tls_multi) > 0)
+ {
+ check_incoming_control_channel_dowork(c);
+ }
+#endif
+}
+
+/*
+ * Options like --up-delay need to be triggered by this function which
+ * checks for connection establishment.
+ */
+static inline void
+check_connection_established(struct context *c)
+{
+ void check_connection_established_dowork(struct context *c);
+
+ if (event_timeout_defined(&c->c2.wait_for_connect))
+ {
+ check_connection_established_dowork(c);
+ }
+}
+
+/*
+ * Should we add routes?
+ */
+static inline void
+check_add_routes(struct context *c)
+{
+ void check_add_routes_dowork(struct context *c);
+
+ if (event_timeout_trigger(&c->c2.route_wakeup, &c->c2.timeval, ETT_DEFAULT))
+ {
+ check_add_routes_dowork(c);
+ }
+}
+
+/*
+ * Should we exit due to inactivity timeout?
+ */
+static inline void
+check_inactivity_timeout(struct context *c)
+{
+ void check_inactivity_timeout_dowork(struct context *c);
+
+ if (c->options.inactivity_timeout
+ && event_timeout_trigger(&c->c2.inactivity_interval, &c->c2.timeval, ETT_DEFAULT))
+ {
+ check_inactivity_timeout_dowork(c);
+ }
+}
+
+#if P2MP
+
+static inline void
+check_server_poll_timeout(struct context *c)
+{
+ void check_server_poll_timeout_dowork(struct context *c);
+
+ if (c->options.ce.connect_timeout
+ && event_timeout_trigger(&c->c2.server_poll_interval, &c->c2.timeval, ETT_DEFAULT))
+ {
+ check_server_poll_timeout_dowork(c);
+ }
+}
+
+/*
+ * Scheduled exit?
+ */
+static inline void
+check_scheduled_exit(struct context *c)
+{
+ void check_scheduled_exit_dowork(struct context *c);
+
+ if (event_timeout_defined(&c->c2.scheduled_exit))
+ {
+ if (event_timeout_trigger(&c->c2.scheduled_exit, &c->c2.timeval, ETT_DEFAULT))
+ {
+ check_scheduled_exit_dowork(c);
+ }
+ }
+}
+#endif /* if P2MP */
+
+/*
+ * Should we write timer-triggered status file.
+ */
+static inline void
+check_status_file(struct context *c)
+{
+ void check_status_file_dowork(struct context *c);
+
+ if (c->c1.status_output)
+ {
+ if (status_trigger_tv(c->c1.status_output, &c->c2.timeval))
+ {
+ check_status_file_dowork(c);
+ }
+ }
+}
+
+#ifdef ENABLE_FRAGMENT
+/*
+ * Should we deliver a datagram fragment to remote?
+ */
+static inline void
+check_fragment(struct context *c)
+{
+ void check_fragment_dowork(struct context *c);
+
+ if (c->c2.fragment)
+ {
+ check_fragment_dowork(c);
+ }
+}
+#endif
+
+#if P2MP
+
+/*
+ * see if we should send a push_request in response to --pull
+ */
+static inline void
+check_push_request(struct context *c)
+{
+ void check_push_request_dowork(struct context *c);
+
+ if (event_timeout_trigger(&c->c2.push_request_interval, &c->c2.timeval, ETT_DEFAULT))
+ {
+ check_push_request_dowork(c);
+ }
+}
+
+#endif
+
+/*
+ * Should we persist our anti-replay packet ID state to disk?
+ */
+static inline void
+check_packet_id_persist_flush(struct context *c)
+{
+ if (packet_id_persist_enabled(&c->c1.pid_persist)
+ && event_timeout_trigger(&c->c2.packet_id_persist_interval, &c->c2.timeval, ETT_DEFAULT))
+ {
+ packet_id_persist_save(&c->c1.pid_persist);
+ }
+}
+
+/*
+ * Set our wakeup to 0 seconds, so we will be rescheduled
+ * immediately.
+ */
+static inline void
+context_immediate_reschedule(struct context *c)
+{
+ c->c2.timeval.tv_sec = 0; /* ZERO-TIMEOUT */
+ c->c2.timeval.tv_usec = 0;
+}
+
+static inline void
+context_reschedule_sec(struct context *c, int sec)
+{
+ if (sec < 0)
+ {
+ sec = 0;
+ }
+ if (sec < c->c2.timeval.tv_sec)
+ {
+ c->c2.timeval.tv_sec = sec;
+ c->c2.timeval.tv_usec = 0;
+ }
+}
+
/*
* In TLS mode, let TLS level respond to any control-channel
* packets which were received, or prepare any packets for
#ifndef FORWARD_H
#define FORWARD_H
-#include "openvpn.h"
-#include "occ.h"
-#include "ping.h"
+/* the following macros must be defined before including any other header
+ * file
+ */
#define TUN_OUT(c) (BLEN(&(c)->c2.to_tun) > 0)
#define LINK_OUT(c) (BLEN(&(c)->c2.to_link) > 0)
#define TO_LINK_DEF(c) (LINK_OUT(c) || TO_LINK_FRAG(c))
+#include "openvpn.h"
+#include "occ.h"
+#include "ping.h"
+
#define IOW_TO_TUN (1<<0)
#define IOW_TO_LINK (1<<1)
#define IOW_READ_TUN (1<<2)
#endif
+static inline struct link_socket_info *
+get_link_socket_info(struct context *c)
+{
+ if (c->c2.link_socket_info)
+ {
+ return c->c2.link_socket_info;
+ }
+ else
+ {
+ return &c->c2.link_socket->info;
+ }
+}
+
+static inline void
+register_activity(struct context *c, const int size)
+{
+ if (c->options.inactivity_timeout)
+ {
+ c->c2.inactivity_bytes += size;
+ if (c->c2.inactivity_bytes >= c->options.inactivity_minimum_bytes)
+ {
+ c->c2.inactivity_bytes = 0;
+ event_timeout_reset(&c->c2.inactivity_interval);
+ }
+ }
+}
+
+/*
+ * Return the io_wait() flags appropriate for
+ * a point-to-point tunnel.
+ */
+static inline unsigned int
+p2p_iow_flags(const struct context *c)
+{
+ unsigned int flags = (IOW_SHAPER|IOW_CHECK_RESIDUAL|IOW_FRAG|IOW_READ|IOW_WAIT_SIGNAL);
+ if (c->c2.to_link.len > 0)
+ {
+ flags |= IOW_TO_LINK;
+ }
+ if (c->c2.to_tun.len > 0)
+ {
+ flags |= IOW_TO_TUN;
+ }
+ return flags;
+}
+
+/*
+ * This is the core I/O wait function, used for all I/O waits except
+ * for TCP in server mode.
+ */
+static inline void
+io_wait(struct context *c, const unsigned int flags)
+{
+ void io_wait_dowork(struct context *c, const unsigned int flags);
+
+ if (c->c2.fast_io && (flags & (IOW_TO_TUN|IOW_TO_LINK|IOW_MBUF)))
+ {
+ /* fast path -- only for TUN/TAP/UDP writes */
+ unsigned int ret = 0;
+ if (flags & IOW_TO_TUN)
+ {
+ ret |= TUN_WRITE;
+ }
+ if (flags & (IOW_TO_LINK|IOW_MBUF))
+ {
+ ret |= SOCKET_WRITE;
+ }
+ c->c2.event_set_status = ret;
+ }
+ else
+ {
+ /* slow path */
+ io_wait_dowork(c, flags);
+ }
+}
+
+#define CONNECTION_ESTABLISHED(c) (get_link_socket_info(c)->connection_established)
+
#endif /* FORWARD_H */
#include "otime.h"
#include "pool.h"
#include "gremlin.h"
+#include "occ.h"
#include "pkcs11.h"
#include "ps.h"
#include "lladdr.h"
#include "mstats.h"
#include "ssl_verify.h"
#include "tls_crypt.h"
-#include "forward-inline.h"
+#include "forward.h"
#include "memdbg.h"
-#include "occ-inline.h"
static struct context *static_context; /* GLOBAL */
#if P2MP_SERVER
#include "multi.h"
-#include "forward-inline.h"
+#include "forward.h"
#include "memdbg.h"
#include "multi.h"
#include <inttypes.h>
-#include "forward-inline.h"
+#include "forward.h"
#include "memdbg.h"
#if P2MP_SERVER
+#include "forward.h"
#include "multi.h"
#include "push.h"
#include "run_command.h"
#include "otime.h"
+#include "pf.h"
#include "gremlin.h"
#include "mstats.h"
#include "ssl_verify.h"
#include "memdbg.h"
-#include "forward-inline.h"
-#include "pf-inline.h"
#include "crypto_backend.h"
+++ /dev/null
-/*
- * OpenVPN -- An application to securely tunnel IP networks
- * over a single TCP/UDP port, with support for SSL/TLS-based
- * session authentication and key exchange,
- * packet encryption, packet authentication, and
- * packet compression.
- *
- * Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
- */
-
-#ifndef OCC_INLINE_H
-#define OCC_INLINE_H
-
-#ifdef ENABLE_OCC
-
-/*
- * Inline functions
- */
-
-static inline int
-occ_reset_op(void)
-{
- return -1;
-}
-
-/*
- * Should we send an OCC_REQUEST message?
- */
-static inline void
-check_send_occ_req(struct context *c)
-{
- void check_send_occ_req_dowork(struct context *c);
-
- if (event_timeout_defined(&c->c2.occ_interval)
- && event_timeout_trigger(&c->c2.occ_interval,
- &c->c2.timeval,
- (!TO_LINK_DEF(c) && c->c2.occ_op < 0) ? ETT_DEFAULT : 0))
- {
- check_send_occ_req_dowork(c);
- }
-}
-
-/*
- * Should we send an MTU load test?
- */
-static inline void
-check_send_occ_load_test(struct context *c)
-{
- void check_send_occ_load_test_dowork(struct context *c);
-
- if (event_timeout_defined(&c->c2.occ_mtu_load_test_interval)
- && event_timeout_trigger(&c->c2.occ_mtu_load_test_interval,
- &c->c2.timeval,
- (!TO_LINK_DEF(c) && c->c2.occ_op < 0) ? ETT_DEFAULT : 0))
- {
- check_send_occ_load_test_dowork(c);
- }
-}
-
-/*
- * Should we send an OCC message?
- */
-static inline void
-check_send_occ_msg(struct context *c)
-{
- void check_send_occ_msg_dowork(struct context *c);
-
- if (c->c2.occ_op >= 0)
- {
- if (!TO_LINK_DEF(c))
- {
- check_send_occ_msg_dowork(c);
- }
- else
- {
- tv_clear(&c->c2.timeval); /* ZERO-TIMEOUT */
- }
- }
-}
-
-#endif /* ifdef ENABLE_OCC */
-#endif /* ifndef OCC_INLINE_H */
#ifdef ENABLE_OCC
#include "occ.h"
-
+#include "forward.h"
#include "memdbg.h"
-#include "forward-inline.h"
-#include "occ-inline.h"
/*
* This random string identifies an OpenVPN
void process_received_occ_msg(struct context *c);
+static inline int
+occ_reset_op(void)
+{
+ return -1;
+}
+
+/*
+ * Should we send an OCC_REQUEST message?
+ */
+static inline void
+check_send_occ_req(struct context *c)
+{
+ void check_send_occ_req_dowork(struct context *c);
+
+ if (event_timeout_defined(&c->c2.occ_interval)
+ && event_timeout_trigger(&c->c2.occ_interval,
+ &c->c2.timeval,
+ (!TO_LINK_DEF(c) && c->c2.occ_op < 0) ? ETT_DEFAULT : 0))
+ {
+ check_send_occ_req_dowork(c);
+ }
+}
+
+/*
+ * Should we send an MTU load test?
+ */
+static inline void
+check_send_occ_load_test(struct context *c)
+{
+ void check_send_occ_load_test_dowork(struct context *c);
+
+ if (event_timeout_defined(&c->c2.occ_mtu_load_test_interval)
+ && event_timeout_trigger(&c->c2.occ_mtu_load_test_interval,
+ &c->c2.timeval,
+ (!TO_LINK_DEF(c) && c->c2.occ_op < 0) ? ETT_DEFAULT : 0))
+ {
+ check_send_occ_load_test_dowork(c);
+ }
+}
+
+/*
+ * Should we send an OCC message?
+ */
+static inline void
+check_send_occ_msg(struct context *c)
+{
+ void check_send_occ_msg_dowork(struct context *c);
+
+ if (c->c2.occ_op >= 0)
+ {
+ if (!TO_LINK_DEF(c))
+ {
+ check_send_occ_msg_dowork(c);
+ }
+ else
+ {
+ tv_clear(&c->c2.timeval); /* ZERO-TIMEOUT */
+ }
+ }
+}
+
#endif /* ifdef ENABLE_OCC */
#endif /* ifndef OCC_H */
#include "memdbg.h"
-#include "forward-inline.h"
-
#define P2P_CHECK_SIG() EVENT_LOOP_CHECK_SIGNAL(c, process_signal_p2p, c);
static bool
#include "sig.h"
#include "misc.h"
#include "mbuf.h"
+#include "pf.h"
#include "pool.h"
#include "plugin.h"
#include "manage.h"
-#include "pf.h"
/*
* Our global key schedules, packaged thusly
<ClInclude Include="error.h" />
<ClInclude Include="event.h" />
<ClInclude Include="fdmisc.h" />
- <ClInclude Include="forward-inline.h" />
<ClInclude Include="forward.h" />
<ClInclude Include="fragment.h" />
<ClInclude Include="gremlin.h" />
<ClInclude Include="mudp.h" />
<ClInclude Include="multi.h" />
<ClInclude Include="ntlm.h" />
- <ClInclude Include="occ-inline.h" />
<ClInclude Include="occ.h" />
<ClInclude Include="openvpn.h" />
<ClInclude Include="options.h" />
<ClInclude Include="otime.h" />
<ClInclude Include="packet_id.h" />
<ClInclude Include="perf.h" />
- <ClInclude Include="pf-inline.h" />
<ClInclude Include="pf.h" />
- <ClInclude Include="ping-inline.h" />
<ClInclude Include="ping.h" />
<ClInclude Include="pkcs11.h" />
<ClInclude Include="pkcs11_backend.h" />
<ClInclude Include="fdmisc.h">
<Filter>Header Files</Filter>
</ClInclude>
- <ClInclude Include="forward-inline.h">
- <Filter>Header Files</Filter>
- </ClInclude>
<ClInclude Include="forward.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="ntlm.h">
<Filter>Header Files</Filter>
</ClInclude>
- <ClInclude Include="occ-inline.h">
- <Filter>Header Files</Filter>
- </ClInclude>
<ClInclude Include="occ.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="perf.h">
<Filter>Header Files</Filter>
</ClInclude>
- <ClInclude Include="pf-inline.h">
- <Filter>Header Files</Filter>
- </ClInclude>
<ClInclude Include="pf.h">
<Filter>Header Files</Filter>
</ClInclude>
- <ClInclude Include="ping-inline.h">
- <Filter>Header Files</Filter>
- </ClInclude>
<ClInclude Include="ping.h">
<Filter>Header Files</Filter>
</ClInclude>
+++ /dev/null
-/*
- * OpenVPN -- An application to securely tunnel IP networks
- * over a single TCP/UDP port, with support for SSL/TLS-based
- * session authentication and key exchange,
- * packet encryption, packet authentication, and
- * packet compression.
- *
- * Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
- */
-
-#if defined(ENABLE_PF) && !defined(PF_INLINE_H)
-#define PF_INLINE_H
-
-/*
- * Inline functions
- */
-
-#define PCT_SRC 1
-#define PCT_DEST 2
-static inline bool
-pf_c2c_test(const struct pf_context *src_pf, const struct tls_multi *src,
- const struct pf_context *dest_pf, const struct tls_multi *dest,
- const char *prefix)
-{
- bool pf_cn_test(struct pf_set *pfs, const struct tls_multi *tm, const int type, const char *prefix);
-
- return (!src_pf->enabled || pf_cn_test(src_pf->pfs, dest, PCT_DEST, prefix))
- && (!dest_pf->enabled || pf_cn_test(dest_pf->pfs, src, PCT_SRC,
- prefix));
-}
-
-static inline bool
-pf_addr_test(const struct pf_context *src_pf, const struct context *src,
- const struct mroute_addr *dest, const char *prefix)
-{
- bool pf_addr_test_dowork(const struct context *src, const struct mroute_addr *dest, const char *prefix);
-
- if (src_pf->enabled)
- {
- return pf_addr_test_dowork(src, dest, prefix);
- }
- else
- {
- return true;
- }
-}
-
-static inline bool
-pf_kill_test(const struct pf_set *pfs)
-{
- return pfs->kill;
-}
-
-#endif /* if defined(ENABLE_PF) && !defined(PF_INLINE_H) */
#include "init.h"
#include "memdbg.h"
+#include "pf.h"
#include "ssl_verify.h"
-#include "pf-inline.h"
static void
pf_destroy(struct pf_set *pfs)
#define PF_MAX_LINE_LEN 256
+#define PCT_SRC 1
+#define PCT_DEST 2
+
struct context;
struct ipv4_subnet {
#endif
+bool pf_addr_test_dowork(const struct context *src,
+ const struct mroute_addr *dest, const char *prefix);
+
+static inline bool
+pf_addr_test(const struct pf_context *src_pf, const struct context *src,
+ const struct mroute_addr *dest, const char *prefix)
+{
+ if (src_pf->enabled)
+ {
+ return pf_addr_test_dowork(src, dest, prefix);
+ }
+ else
+ {
+ return true;
+ }
+}
+
+bool pf_cn_test(struct pf_set *pfs, const struct tls_multi *tm, const int type,
+ const char *prefix);
+
+static inline bool
+pf_c2c_test(const struct pf_context *src_pf, const struct tls_multi *src,
+ const struct pf_context *dest_pf, const struct tls_multi *dest,
+ const char *prefix)
+{
+ return (!src_pf->enabled || pf_cn_test(src_pf->pfs, dest, PCT_DEST, prefix))
+ && (!dest_pf->enabled || pf_cn_test(dest_pf->pfs, src, PCT_SRC,
+ prefix));
+}
+
+static inline bool
+pf_kill_test(const struct pf_set *pfs)
+{
+ return pfs->kill;
+}
+
#endif /* if defined(ENABLE_PF) && !defined(OPENVPN_PF_H) */
+++ /dev/null
-/*
- * OpenVPN -- An application to securely tunnel IP networks
- * over a single TCP/UDP port, with support for SSL/TLS-based
- * session authentication and key exchange,
- * packet encryption, packet authentication, and
- * packet compression.
- *
- * Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
- */
-
-#ifndef PING_INLINE_H
-#define PING_INLINE_H
-
-/*
- * Should we exit or restart due to ping (or other authenticated packet)
- * not received in n seconds?
- */
-static inline void
-check_ping_restart(struct context *c)
-{
- void check_ping_restart_dowork(struct context *c);
-
- if (c->options.ping_rec_timeout
- && event_timeout_trigger(&c->c2.ping_rec_interval,
- &c->c2.timeval,
- (!c->options.ping_timer_remote
- || link_socket_actual_defined(&c->c1.link_socket_addr.actual))
- ? ETT_DEFAULT : 15))
- {
- check_ping_restart_dowork(c);
- }
-}
-
-/*
- * Should we ping the remote?
- */
-static inline void
-check_ping_send(struct context *c)
-{
- void check_ping_send_dowork(struct context *c);
-
- if (c->options.ping_send_timeout
- && event_timeout_trigger(&c->c2.ping_send_interval,
- &c->c2.timeval,
- !TO_LINK_DEF(c) ? ETT_DEFAULT : 1))
- {
- check_ping_send_dowork(c);
- }
-}
-
-#endif /* ifndef PING_INLINE_H */
#include "memdbg.h"
-#include "ping-inline.h"
/*
* This random string identifies an OpenVPN ping packet.
return buf_string_match(buf, ping_string, PING_STRING_SIZE);
}
+/*
+ * Should we exit or restart due to ping (or other authenticated packet)
+ * not received in n seconds?
+ */
+static inline void
+check_ping_restart(struct context *c)
+{
+ void check_ping_restart_dowork(struct context *c);
+
+ if (c->options.ping_rec_timeout
+ && event_timeout_trigger(&c->c2.ping_rec_interval,
+ &c->c2.timeval,
+ (!c->options.ping_timer_remote
+ || link_socket_actual_defined(&c->c1.link_socket_addr.actual))
+ ? ETT_DEFAULT : 15))
+ {
+ check_ping_restart_dowork(c);
+ }
+}
+
+/*
+ * Should we ping the remote?
+ */
+static inline void
+check_ping_send(struct context *c)
+{
+ void check_ping_send_dowork(struct context *c);
+
+ if (c->options.ping_send_timeout
+ && event_timeout_trigger(&c->c2.ping_send_interval,
+ &c->c2.timeval,
+ !TO_LINK_DEF(c) ? ETT_DEFAULT : 1))
+ {
+ check_ping_send_dowork(c);
+ }
+}
+
#endif
projects / thirdparty / openvpn.git / commitdiff
