/* * OpenVPN -- An application to securely tunnel IP networks * over a single UDP port, with support for SSL/TLS-based * session authentication and key exchange, * packet encryption, packet authentication, and * packet compression. * * Copyright (C) 2002-2010 OpenVPN Technologies, Inc. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 * as published by the Free Software Foundation. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program (see the file COPYING included with this * distribution); if not, write to the Free Software Foundation, Inc., * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ #ifndef SYSHEAD_H #define SYSHEAD_H #include "compat.h" #include "compat-stdbool.h" /* branch prediction hints */ #if defined(__GNUC__) # define likely(x) __builtin_expect((x),1) # define unlikely(x) __builtin_expect((x),0) #else # define likely(x) (x) # define unlikely(x) (x) #endif #ifdef WIN32 #include #include #define sleep(x) Sleep((x)*1000) #define random rand #define srandom srand #endif #ifdef _MSC_VER // Visual Studio #define __func__ __FUNCTION__ #define __attribute__(x) #endif #if defined(__APPLE__) #if __ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__ >= 1070 #define __APPLE_USE_RFC_3542 1 #endif #endif #ifdef HAVE_SYS_TYPES_H #include #endif #ifdef HAVE_SYS_WAIT_H # include #endif #ifndef WIN32 #ifndef WEXITSTATUS # define WEXITSTATUS(stat_val) ((unsigned)(stat_val) >> 8) #endif #ifndef WIFEXITED # define WIFEXITED(stat_val) (((stat_val) & 255) == 0) #endif #endif #ifdef HAVE_SYS_TIME_H #include #endif #ifdef HAVE_TIME_H #include #endif #ifdef HAVE_SYS_SOCKET_H #include #endif #ifdef HAVE_SYS_UN_H #include #endif #ifdef HAVE_SYS_IOCTL_H #include #endif #ifdef HAVE_SYS_STAT_H #include #endif #ifdef HAVE_FCNTL_H #include #endif #ifdef HAVE_DIRECT_H #include #endif #ifdef HAVE_IO_H #include #endif #ifdef HAVE_SYS_FILE_H #include #endif #ifdef HAVE_STDLIB_H #include #endif #ifdef HAVE_INTTYPES_H #include #elif defined(HAVE_STDINT_H) #include #endif #ifdef HAVE_STDARG_H #include #endif #ifdef HAVE_UNISTD_H #include #endif #ifdef HAVE_SIGNAL_H #include #endif #ifdef HAVE_LIMITS_H #include #endif #ifdef HAVE_STDIO_H #include #endif #ifdef HAVE_CTYPE_H #include #endif #ifdef HAVE_ERRNO_H #include #endif #ifdef HAVE_ERR_H #include #endif #ifdef HAVE_SYSLOG_H #include #endif #ifdef HAVE_PWD_H #include #endif #ifdef HAVE_GRP_H #include #endif #ifdef HAVE_NETDB_H #include #endif #ifdef HAVE_NETINET_IN_H #include #endif #ifdef HAVE_RESOLV_H #include #endif #ifdef HAVE_SYS_POLL_H #include #endif #ifdef HAVE_SYS_EPOLL_H #include #endif #ifdef ENABLE_SELINUX #include #endif #if defined(HAVE_LIBGEN_H) #include #endif #ifdef TARGET_SOLARIS #ifdef HAVE_STRINGS_H #include #endif #else #ifdef HAVE_STRING_H #include #endif #endif #ifdef HAVE_ARPA_INET_H #include #endif #ifdef HAVE_NET_IF_H #include #endif #ifdef TARGET_NETBSD #include #endif #if defined(TARGET_LINUX) || defined (TARGET_ANDROID) #ifdef HAVE_LINUX_IF_TUN_H #include #endif #ifdef HAVE_NETINET_IP_H #include #endif #ifdef HAVE_LINUX_SOCKIOS_H #include #endif #ifdef HAVE_LINUX_TYPES_H #include #endif #ifdef HAVE_LINUX_ERRQUEUE_H #include #endif #ifdef HAVE_NETINET_TCP_H #include #endif #endif /* TARGET_LINUX */ #ifdef TARGET_SOLARIS #ifdef HAVE_STROPTS_H #include #undef S_ERROR #endif #ifdef HAVE_NET_IF_TUN_H #include #endif #ifdef HAVE_SYS_SOCKIO_H #include #endif #ifdef HAVE_NETINET_IN_SYSTM_H #include #endif #ifdef HAVE_NETINET_IP_H #include #endif #ifdef HAVE_NETINET_TCP_H #include #endif #endif /* TARGET_SOLARIS */ #ifdef TARGET_OPENBSD #ifdef HAVE_SYS_UIO_H #include #endif #ifdef HAVE_NETINET_IN_SYSTM_H #include #endif #ifdef HAVE_NETINET_IP_H #include #endif #ifdef HAVE_NET_IF_TUN_H #include #endif #endif /* TARGET_OPENBSD */ #ifdef TARGET_FREEBSD #ifdef HAVE_SYS_UIO_H #include #endif #ifdef HAVE_NETINET_IN_SYSTM_H #include #endif #ifdef HAVE_NETINET_IP_H #include #endif #ifdef HAVE_NETINET_TCP_H #include #endif #ifdef HAVE_NET_IF_TUN_H #include #endif #endif /* TARGET_FREEBSD */ #ifdef TARGET_NETBSD #ifdef HAVE_NET_IF_TUN_H #include #endif #ifdef HAVE_NETINET_TCP_H #include #endif #endif /* TARGET_NETBSD */ #ifdef TARGET_DRAGONFLY #ifdef HAVE_SYS_UIO_H #include #endif #ifdef HAVE_NETINET_IN_SYSTM_H #include #endif #ifdef HAVE_NETINET_IP_H #include #endif #ifdef HAVE_NET_TUN_IF_TUN_H #include #endif #endif /* TARGET_DRAGONFLY */ #ifdef TARGET_DARWIN #ifdef HAVE_NETINET_TCP_H #include #endif #endif /* TARGET_DARWIN */ #ifdef WIN32 // Missing declarations for MinGW 32. // #if !defined(__MINGW64_VERSION_MAJOR) || __MINGW64_VERSION_MAJOR < 2 typedef int MIB_TCP_STATE; // #endif #include #include #include #include #include /* The following two headers are needed of PF_INET6 */ #include #include #endif #ifdef HAVE_SYS_MMAN_H #ifdef TARGET_DARWIN #define _P1003_1B_VISIBLE #endif /* TARGET_DARWIN */ #include #endif /* * Pedantic mode is meant to accomplish lint-style program checking, * not to build a working executable. */ #ifdef __STRICT_ANSI__ # define PEDANTIC 1 # undef HAVE_CPP_VARARG_MACRO_GCC # undef HAVE_CPP_VARARG_MACRO_ISO # undef EMPTY_ARRAY_SIZE # define EMPTY_ARRAY_SIZE 1 # undef inline # define inline #else # define PEDANTIC 0 #endif /* * Do we have the capability to support the --passtos option? */ #if defined(IPPROTO_IP) && defined(IP_TOS) && defined(HAVE_SETSOCKOPT) #define PASSTOS_CAPABILITY 1 #else #define PASSTOS_CAPABILITY 0 #endif /* * Do we have nanoseconds gettimeofday? */ #if defined(HAVE_GETTIMEOFDAY) || defined(WIN32) #define HAVE_GETTIMEOFDAY_NANOSECONDS 1 #endif /* * Do we have the capability to report extended socket errors? */ #if defined(HAVE_LINUX_TYPES_H) && defined(HAVE_LINUX_ERRQUEUE_H) && defined(HAVE_SOCK_EXTENDED_ERR) && defined(HAVE_MSGHDR) && defined(HAVE_CMSGHDR) && defined(CMSG_FIRSTHDR) && defined(CMSG_NXTHDR) && defined(IP_RECVERR) && defined(MSG_ERRQUEUE) && defined(SOL_IP) && defined(HAVE_IOVEC) #define EXTENDED_SOCKET_ERROR_CAPABILITY 1 #else #define EXTENDED_SOCKET_ERROR_CAPABILITY 0 #endif /* * Does this platform support linux-style IP_PKTINFO * or bsd-style IP_RECVDSTADDR ? */ #if defined(ENABLE_MULTIHOME) && ((defined(HAVE_IN_PKTINFO)&&defined(IP_PKTINFO)) || defined(IP_RECVDSTADDR)) && defined(HAVE_MSGHDR) && defined(HAVE_CMSGHDR) && defined(HAVE_IOVEC) && defined(CMSG_FIRSTHDR) && defined(CMSG_NXTHDR) && defined(HAVE_RECVMSG) && defined(HAVE_SENDMSG) #define ENABLE_IP_PKTINFO 1 #else #define ENABLE_IP_PKTINFO 0 #endif /* * Does this platform define SOL_IP * or only bsd-style IPPROTO_IP ? */ #ifndef SOL_IP #define SOL_IP IPPROTO_IP #endif /* * Define type sa_family_t if it isn't defined in the socket headers */ #ifndef HAVE_SA_FAMILY_T typedef unsigned short sa_family_t; #endif /* * Disable ESEC */ #if 0 #undef EXTENDED_SOCKET_ERROR_CAPABILITY #define EXTENDED_SOCKET_ERROR_CAPABILITY 0 #endif /* * Do we have a syslog capability? */ #if defined(HAVE_OPENLOG) && defined(HAVE_SYSLOG) #define SYSLOG_CAPABILITY 1 #else #define SYSLOG_CAPABILITY 0 #endif /* * Does this OS draw a distinction between binary and ascii files? */ #ifndef O_BINARY #define O_BINARY 0 #endif /* * Directory separation char */ #ifdef WIN32 #define OS_SPECIFIC_DIRSEP '\\' #else #define OS_SPECIFIC_DIRSEP '/' #endif /* * Define a boolean value based * on Win32 status. */ #ifdef WIN32 #define WIN32_0_1 1 #else #define WIN32_0_1 0 #endif /* * Our socket descriptor type. */ #ifdef WIN32 #define SOCKET_UNDEFINED (INVALID_SOCKET) typedef SOCKET socket_descriptor_t; #else #define SOCKET_UNDEFINED (-1) typedef int socket_descriptor_t; #endif static inline int socket_defined (const socket_descriptor_t sd) { return sd != SOCKET_UNDEFINED; } /* * Should statistics counters be 64 bits? */ #define USE_64_BIT_COUNTERS /* * Should we enable the use of execve() for calling subprocesses, * instead of system()? */ #if defined(HAVE_EXECVE) && defined(HAVE_FORK) #define ENABLE_FEATURE_EXECVE #endif /* * Do we have point-to-multipoint capability? */ #if defined(ENABLE_CLIENT_SERVER) && defined(ENABLE_CRYPTO) && defined(HAVE_GETTIMEOFDAY_NANOSECONDS) #define P2MP 1 #else #define P2MP 0 #endif #if P2MP && !defined(ENABLE_CLIENT_ONLY) #define P2MP_SERVER 1 #else #define P2MP_SERVER 0 #endif /* * HTTPS port sharing capability */ #if defined(ENABLE_PORT_SHARE) && P2MP_SERVER && defined(SCM_RIGHTS) && defined(HAVE_MSGHDR) && defined(HAVE_CMSGHDR) && defined(HAVE_IOVEC) && defined(CMSG_FIRSTHDR) && defined(CMSG_NXTHDR) && defined(HAVE_RECVMSG) && defined(HAVE_SENDMSG) #define PORT_SHARE 1 #else #define PORT_SHARE 0 #endif /* * Enable deferred authentication? */ #if defined(ENABLE_DEF_AUTH) && P2MP_SERVER && defined(ENABLE_PLUGIN) #define PLUGIN_DEF_AUTH #endif #if defined(ENABLE_DEF_AUTH) && P2MP_SERVER && defined(ENABLE_MANAGEMENT) #define MANAGEMENT_DEF_AUTH #endif #if !defined(PLUGIN_DEF_AUTH) && !defined(MANAGEMENT_DEF_AUTH) #undef ENABLE_DEF_AUTH #endif /* * Enable external private key */ #if defined(ENABLE_MANAGEMENT) && defined(ENABLE_CRYPTO) #define MANAGMENT_EXTERNAL_KEY #endif /* Enable PolarSSL RNG prediction resistance support */ #ifdef ENABLE_CRYPTO_POLARSSL #define ENABLE_PREDICTION_RESISTANCE #endif /* ENABLE_CRYPTO_POLARSSL */ /* * MANAGEMENT_IN_EXTRA allows the management interface to * read multi-line inputs from clients. */ #if defined(MANAGEMENT_DEF_AUTH) || defined(MANAGMENT_EXTERNAL_KEY) #define MANAGEMENT_IN_EXTRA #endif /* * Enable packet filter? */ #if defined(ENABLE_PF) && P2MP_SERVER && defined(ENABLE_PLUGIN) && defined(HAVE_STAT) #define PLUGIN_PF #endif #if defined(ENABLE_PF) && P2MP_SERVER && defined(MANAGEMENT_DEF_AUTH) #define MANAGEMENT_PF #endif #if !defined(PLUGIN_PF) && !defined(MANAGEMENT_PF) #undef ENABLE_PF #endif /* * Do we support Unix domain sockets? */ #if defined(PF_UNIX) && !defined(WIN32) #define UNIX_SOCK_SUPPORT 1 #else #define UNIX_SOCK_SUPPORT 0 #endif /* * Should we include OCC (options consistency check) code? */ #ifndef ENABLE_SMALL #define ENABLE_OCC #endif /* * Should we include NTLM proxy functionality */ #if defined(ENABLE_CRYPTO) #define NTLM 1 #else #define NTLM 0 #endif /* * Should we include proxy digest auth functionality */ #if defined(ENABLE_CRYPTO) #define PROXY_DIGEST_AUTH 1 #else #define PROXY_DIGEST_AUTH 0 #endif /* * Do we have CryptoAPI capability? */ #if defined(WIN32) && defined(ENABLE_CRYPTO) && defined(ENABLE_CRYPTO_OPENSSL) #define ENABLE_CRYPTOAPI #endif /* * Enable x509-track feature? */ #if defined(ENABLE_CRYPTO) && defined (ENABLE_CRYPTO_OPENSSL) #define ENABLE_X509_TRACK #endif /* * Is poll available on this platform? */ #if defined(HAVE_POLL) && defined(HAVE_SYS_POLL_H) #define POLL 1 #else #define POLL 0 #endif /* * Is epoll available on this platform? */ #if defined(HAVE_EPOLL_CREATE) && defined(HAVE_SYS_EPOLL_H) #define EPOLL 1 #else #define EPOLL 0 #endif /* Disable EPOLL */ #if 0 #undef EPOLL #define EPOLL 0 #endif /* * Reduce sensitivity to system clock instability * and backtracks. */ #if defined(HAVE_GETTIMEOFDAY_NANOSECONDS) #define TIME_BACKTRACK_PROTECTION 1 #endif /* * Enable traffic shaper. */ #if defined(HAVE_GETTIMEOFDAY_NANOSECONDS) #define ENABLE_FEATURE_SHAPER 1 #endif /* * Is non-blocking connect() supported? */ #if defined(HAVE_GETSOCKOPT) && defined(SOL_SOCKET) && defined(SO_ERROR) && defined(EINPROGRESS) && defined(ETIMEDOUT) #define CONNECT_NONBLOCK #endif /* * Do we have the capability to support the AUTO_USERID feature? */ #if defined(ENABLE_AUTO_USERID) #define AUTO_USERID 1 #else #define AUTO_USERID 0 #endif /* * Do we support challenge/response authentication as client? */ #if defined(ENABLE_MANAGEMENT) #define ENABLE_CLIENT_CR #endif /* * Do we support pushing peer info? */ #if defined(ENABLE_CRYPTO) #define ENABLE_PUSH_PEER_INFO #endif /* * Compression support */ #if defined(ENABLE_SNAPPY) || defined(ENABLE_LZO) || defined(ENABLE_LZ4) || \ defined(ENABLE_COMP_STUB) #define USE_COMP #endif /* * Enable --memstats option */ #ifdef TARGET_LINUX #define ENABLE_MEMSTATS #endif #endif