« back to all changes in this revision
Viewing changes to openconnect.h
- browse files at revision 1
- compare with another revision
- download diff
- download tarball
- view history from revision 1
- Committer: Bazaar Package Importer
- Author(s): Ross Burton
- Date: 2009-01-15 13:26:25 UTC
- Revision ID: james.westby@ubuntu.com-20090115132625-p7a4di5gbq9aevfw
Tags: upstream-0.99
Import upstream version 0.99
added
removed
openconnect.h
1
/*
2
* OpenConnect (SSL + DTLS) VPN client
3
*
4
* Copyright © 2008 Intel Corporation.
5
*
6
* Author: David Woodhouse <dwmw2@infradead.org>
7
*
8
* This program is free software; you can redistribute it and/or
9
* modify it under the terms of the GNU Lesser General Public License
10
* version 2.1, as published by the Free Software Foundation.
11
*
12
* This program is distributed in the hope that it will be useful, but
13
* WITHOUT ANY WARRANTY; without even the implied warranty of
14
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15
* Lesser General Public License for more details.
16
*
17
* You should have received a copy of the GNU Lesser General Public
18
* License along with this library; if not, write to:
19
*
20
* Free Software Foundation, Inc.
21
* 51 Franklin Street, Fifth Floor,
22
* Boston, MA 02110-1301 USA
23
*/
24
25
#ifndef __OPENCONNECT_ANYCONNECT_H
26
#define __OPENCONNECT_ANYCONNECT_H
27
28
#include <openssl/ssl.h>
29
#include <zlib.h>
30
#include <stdint.h>
31
#include <sys/socket.h>
32
#include <sys/select.h>
33
#include <sys/time.h>
34
#include <sys/types.h>
35
#include <unistd.h>
36
37
struct pkt {
38
int type;
39
int len;
40
struct pkt *next;
41
unsigned char hdr[8];
42
unsigned char data[];
43
};
44
45
struct vpn_option {
46
char *option;
47
char *value;
48
struct vpn_option *next;
49
};
50
51
#define KA_NONE 0
52
#define KA_DPD 1
53
#define KA_DPD_DEAD 2
54
#define KA_KEEPALIVE 3
55
#define KA_REKEY 4
56
57
struct keepalive_info {
58
int dpd;
59
int keepalive;
60
int rekey;
61
time_t last_rekey;
62
time_t last_tx;
63
time_t last_rx;
64
time_t last_dpd;
65
};
66
67
struct split_include {
68
char *route;
69
struct split_include *next;
70
};
71
72
#define RECONNECT_INTERVAL_MIN 10
73
#define RECONNECT_INTERVAL_MAX 100
74
75
struct openconnect_info {
76
char *redirect_url;
77
78
char sid_tokencode[9];
79
char sid_nexttokencode[9];
80
81
const char *localname;
82
char *hostname;
83
char *urlpath;
84
const char *cert;
85
const char *sslkey;
86
int tpm;
87
char *tpmpass;
88
const char *cafile;
89
const char *xmlconfig;
90
char xmlsha1[(SHA_DIGEST_LENGTH * 2) + 1];
91
char *username;
92
char *password;
93
int nopasswd;
94
95
char *cookie;
96
struct vpn_option *cookies;
97
struct vpn_option *cstp_options;
98
struct vpn_option *dtls_options;
99
100
SSL_CTX *https_ctx;
101
SSL *https_ssl;
102
struct keepalive_info ssl_times;
103
int owe_ssl_dpd_response;
104
struct pkt *deflate_pkt;
105
struct pkt *current_ssl_pkt;
106
107
z_stream inflate_strm;
108
uint32_t inflate_adler32;
109
z_stream deflate_strm;
110
uint32_t deflate_adler32;
111
112
int reconnect_timeout;
113
int reconnect_interval;
114
int dtls_attempt_period;
115
time_t new_dtls_started;
116
SSL_CTX *dtls_ctx;
117
SSL *dtls_ssl;
118
SSL *new_dtls_ssl;
119
SSL_SESSION *dtls_session;
120
struct keepalive_info dtls_times;
121
unsigned char dtls_session_id[32];
122
unsigned char dtls_secret[48];
123
124
char *vpnc_script;
125
int script_tun;
126
char *ifname;
127
128
int mtu;
129
const char *vpn_addr;
130
const char *vpn_netmask;
131
const char *vpn_dns[3];
132
const char *vpn_nbns[3];
133
const char *vpn_domain;
134
struct split_include *split_includes;
135
136
int select_nfds;
137
fd_set select_rfds;
138
fd_set select_wfds;
139
fd_set select_efds;
140
141
int tun_fd;
142
int ssl_fd;
143
int dtls_fd;
144
int new_dtls_fd;
145
146
struct pkt *incoming_queue;
147
struct pkt *outgoing_queue;
148
int outgoing_qlen;
149
int max_qlen;
150
151
socklen_t peer_addrlen;
152
struct sockaddr *peer_addr;
153
154
int deflate;
155
const char *useragent;
156
157
char *quit_reason;
158
159
int (*validate_peer_cert) (struct openconnect_info *vpninfo, X509 *cert);
160
int (*write_new_config) (struct openconnect_info *vpninfo, char *buf, int buflen);
161
162
void __attribute__ ((format(printf, 3, 4)))
163
(*progress) (struct openconnect_info *vpninfo, int level, const char *fmt, ...);
164
};
165
166
#define PRG_ERR 0
167
#define PRG_INFO 1
168
#define PRG_DEBUG 2
169
#define PRG_TRACE 3
170
171
/* Packet types */
172
173
#define AC_PKT_DATA 0 /* Uncompressed data */
174
#define AC_PKT_DPD_OUT 3 /* Dead Peer Detection */
175
#define AC_PKT_DPD_RESP 4 /* DPD response */
176
#define AC_PKT_DISCONN 5 /* Client disconnection notice */
177
#define AC_PKT_KEEPALIVE 7 /* Keepalive */
178
#define AC_PKT_COMPRESSED 8 /* Compressed data */
179
#define AC_PKT_TERM_SERVER 9 /* Server kick */
180
181
182
/* tun.c */
183
int setup_tun(struct openconnect_info *vpninfo);
184
int tun_mainloop(struct openconnect_info *vpninfo, int *timeout);
185
186
/* dtls.c */
187
int setup_dtls(struct openconnect_info *vpninfo);
188
int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout);
189
int dtls_try_handshake(struct openconnect_info *vpninfo);
190
int connect_dtls_socket(struct openconnect_info *vpninfo);
191
192
/* cstp.c */
193
int make_cstp_connection(struct openconnect_info *vpninfo);
194
int cstp_mainloop(struct openconnect_info *vpninfo, int *timeout);
195
int cstp_bye(struct openconnect_info *vpninfo, char *reason);
196
197
/* ssl.c */
198
void openconnect_init_openssl(void);
199
int __attribute__ ((format (printf, 2, 3)))
200
openconnect_SSL_printf(SSL *ssl, const char *fmt, ...);
201
int openconnect_SSL_gets(SSL *ssl, char *buf, size_t len);
202
int openconnect_open_https(struct openconnect_info *vpninfo);
203
void openconnect_close_https(struct openconnect_info *vpninfo);
204
205
/* main.c */
206
extern int verbose;
207
208
/* mainloop.c */
209
int vpn_add_pollfd(struct openconnect_info *vpninfo, int fd, short events);
210
int vpn_mainloop(struct openconnect_info *vpninfo);
211
int queue_new_packet(struct pkt **q, int type, void *buf, int len);
212
void queue_packet(struct pkt **q, struct pkt *new);
213
int keepalive_action(struct keepalive_info *ka, int *timeout);
214
int ka_stalled_dpd_time(struct keepalive_info *ka, int *timeout);
215
216
extern int killed;
217
218
/* xml.c */
219
int config_lookup_host(struct openconnect_info *vpninfo, const char *host);
220
221
/* http.c */
222
int openconnect_obtain_cookie(struct openconnect_info *vpninfo);
223
char *openconnect_create_useragent(char *base);
224
225
/* ssl_ui.c */
226
int set_openssl_ui(void);
227
228
/* securid.c */
229
int generate_securid_tokencodes(struct openconnect_info *vpninfo);
230
int add_securid_pin(char *token, char *pin);
231
232
/* version.c */
233
extern char openconnect_version[];
234
235
#endif /* __OPENCONNECT_ANYCONNECT_H */
Loggerhead is a web-based interface for Breezy
Version: 2.0.1