* OpenVPN -- An application to securely tunnel IP networks
* over a single UDP port, with support for SSL/TLS-based
* session authentication and key exchange,
* packet encryption, packet authentication, and
* Copyright (C) 2002-2009 OpenVPN Technologies, Inc. <sales@openvpn.net>
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2
* as published by the Free Software Foundation.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program (see the file COPYING included with this
* distribution); if not, write to the Free Software Foundation, Inc.,
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
* Only include if not during configure
#include "config-win32.h"
/* branch prediction hints */
/* likely(x): evaluates to x; __builtin_expect only tells the compiler that
 * the value 1 is the expected result, so program logic is unaffected. */
# define likely(x) __builtin_expect((x),1)
/* unlikely(x): evaluates to x; __builtin_expect only tells the compiler that
 * the value 0 is the expected result, so program logic is unaffected. */
# define unlikely(x) __builtin_expect((x),0)
/* Variant without a compiler hint: likely(x) is just x.
 * NOTE(review): the conditional that selects between the two definitions is
 * not shown here. */
# define likely(x) (x)
/* Variant without a compiler hint: unlikely(x) is just x. */
# define unlikely(x) (x)
#if defined(_WIN32) && !defined(WIN32)
/* Maps a sleep(seconds) call onto Win32 Sleep(), which takes milliseconds.
 * The multiplication is done in the type of x, so a very large argument can
 * overflow before Sleep() sees it.  Sleep() returns nothing, so unlike POSIX
 * sleep() this macro cannot be used for its value. */
#define sleep(x) Sleep((x)*1000)
#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#ifdef HAVE_SYS_WAIT_H
# include <sys/wait.h>
/* Fallback: takes the exit code from bit 8 upwards of a wait status.
 * NOTE(review): the guard that selects this fallback is not shown here;
 * presumably it applies only when <sys/wait.h> does not provide the macro. */
# define WEXITSTATUS(stat_val) ((unsigned)(stat_val) >> 8)
/* Fallback: reports a normal exit when the low 8 bits of the status are 0.
 * NOTE(review): the guard that selects this fallback is not shown here. */
# define WIFEXITED(stat_val) (((stat_val) & 255) == 0)
#ifdef TIME_WITH_SYS_TIME
# include <sys/time.h>
# ifdef HAVE_SYS_TIME_H
# include <sys/time.h>
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#ifdef HAVE_SYS_IOCTL_H
#include <sys/ioctl.h>
#ifdef HAVE_SYS_STAT_H
#include <sys/stat.h>
#ifdef HAVE_SYS_FILE_H
#include <sys/file.h>
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#ifdef HAVE_SYS_POLL_H
#include <sys/poll.h>
#ifdef HAVE_SYS_EPOLL_H
#include <sys/epoll.h>
#include <selinux/selinux.h>
#ifdef TARGET_SOLARIS
#ifdef HAVE_STRINGS_H
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#if defined(HAVE_NETINET_IF_ETHER_H)
#include <netinet/if_ether.h>
#ifdef HAVE_LINUX_IF_TUN_H
#include <linux/if_tun.h>
#ifdef HAVE_NETINET_IP_H
#include <netinet/ip.h>
#ifdef HAVE_LINUX_SOCKIOS_H
#include <linux/sockios.h>
#ifdef HAVE_LINUX_TYPES_H
#include <linux/types.h>
#ifdef HAVE_LINUX_ERRQUEUE_H
#include <linux/errqueue.h>
#ifdef HAVE_NETINET_TCP_H
#include <netinet/tcp.h>
#endif /* TARGET_LINUX */
#ifdef TARGET_SOLARIS
#ifdef HAVE_STROPTS_H
#ifdef HAVE_NET_IF_TUN_H
#include <net/if_tun.h>
#ifdef HAVE_SYS_SOCKIO_H
#include <sys/sockio.h>
#ifdef HAVE_NETINET_IN_SYSTM_H
#include <netinet/in_systm.h>
#ifdef HAVE_NETINET_IP_H
#include <netinet/ip.h>
#ifdef HAVE_NETINET_TCP_H
#include <netinet/tcp.h>
#endif /* TARGET_SOLARIS */
#ifdef TARGET_OPENBSD
#ifdef HAVE_SYS_UIO_H
#ifdef HAVE_NETINET_IN_SYSTM_H
#include <netinet/in_systm.h>
#ifdef HAVE_NETINET_IP_H
#include <netinet/ip.h>
#ifdef HAVE_NET_IF_TUN_H
#include <net/if_tun.h>
#endif /* TARGET_OPENBSD */
#ifdef TARGET_FREEBSD
#ifdef HAVE_SYS_UIO_H
#ifdef HAVE_NETINET_IN_SYSTM_H
#include <netinet/in_systm.h>
#ifdef HAVE_NETINET_IP_H
#include <netinet/ip.h>
#ifdef HAVE_NET_IF_TUN_H
#include <net/if_tun.h>
#endif /* TARGET_FREEBSD */
#ifdef HAVE_NET_IF_TUN_H
#include <net/if_tun.h>
#ifdef HAVE_NETINET_TCP_H
#include <netinet/tcp.h>
#endif /* TARGET_NETBSD */
#ifdef TARGET_DRAGONFLY
#ifdef HAVE_SYS_UIO_H
#ifdef HAVE_NETINET_IN_SYSTM_H
#include <netinet/in_systm.h>
#ifdef HAVE_NETINET_IP_H
#include <netinet/ip.h>
#ifdef HAVE_NET_TUN_IF_TUN_H
#include <net/tun/if_tun.h>
#endif /* TARGET_DRAGONFLY */
#include <iphlpapi.h>
#ifdef HAVE_SYS_MMAN_H
#define _P1003_1B_VISIBLE
#endif /* TARGET_DARWIN */
#include <sys/mman.h>
* Pedantic mode is meant to accomplish lint-style program checking,
* not to build a working executable.
#ifdef __STRICT_ANSI__
# undef HAVE_CPP_VARARG_MACRO_GCC
# undef HAVE_CPP_VARARG_MACRO_ISO
# undef EMPTY_ARRAY_SIZE
/* Pedantic (__STRICT_ANSI__) builds replace the configured EMPTY_ARRAY_SIZE
 * with 1.  NOTE(review): presumably this dimensions trailing array members,
 * which would change structure layout -- confirm at the points of use.  Such
 * a build is for checking only and is not meant to be run. */
# define EMPTY_ARRAY_SIZE 1
* Do we have the capability to support the --passtos option?
#if defined(IPPROTO_IP) && defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
#define PASSTOS_CAPABILITY 1
#define PASSTOS_CAPABILITY 0
* Do we have the capability to report extended socket errors?
#if defined(HAVE_LINUX_TYPES_H) && defined(HAVE_LINUX_ERRQUEUE_H) && defined(HAVE_SOCK_EXTENDED_ERR) && defined(HAVE_MSGHDR) && defined(HAVE_CMSGHDR) && defined(CMSG_FIRSTHDR) && defined(CMSG_NXTHDR) && defined(IP_RECVERR) && defined(MSG_ERRQUEUE) && defined(SOL_IP) && defined(HAVE_IOVEC)
#define EXTENDED_SOCKET_ERROR_CAPABILITY 1
#define EXTENDED_SOCKET_ERROR_CAPABILITY 0
* Does this platform support linux-style IP_PKTINFO?
#if defined(ENABLE_MULTIHOME) && defined(HAVE_IN_PKTINFO) && defined(IP_PKTINFO) && defined(HAVE_MSGHDR) && defined(HAVE_CMSGHDR) && defined(HAVE_IOVEC) && defined(CMSG_FIRSTHDR) && defined(CMSG_NXTHDR) && defined(HAVE_RECVMSG) && defined(HAVE_SENDMSG)
#define ENABLE_IP_PKTINFO 1
#define ENABLE_IP_PKTINFO 0
#undef EXTENDED_SOCKET_ERROR_CAPABILITY
/* Re-defines the capability as 0 after the #undef, overriding the result of
 * the earlier feature test.  NOTE(review): the condition guarding this
 * override is not shown here -- confirm when it applies. */
#define EXTENDED_SOCKET_ERROR_CAPABILITY 0
* Do we have a syslog capability?
#if defined(HAVE_OPENLOG) && defined(HAVE_SYSLOG)
#define SYSLOG_CAPABILITY 1
#define SYSLOG_CAPABILITY 0
* Does this OS draw a distinction between binary and ascii files?
* Directory separation char
#define OS_SPECIFIC_DIRSEP '\\'
#define OS_SPECIFIC_DIRSEP '/'
* Define a boolean value based
* Our socket descriptor type.
#define SOCKET_UNDEFINED (INVALID_SOCKET)
/* Winsock variant: descriptors are SOCKET handles.  SOCKET is an unsigned
 * type, so a "sd < 0" test can never detect an invalid descriptor; compare
 * against SOCKET_UNDEFINED (or call socket_defined) instead. */
typedef SOCKET socket_descriptor_t;
#define SOCKET_UNDEFINED (-1)
/* Plain int descriptor, paired with -1 as the "no socket" value.
 * NOTE(review): presumably the non-Windows branch; the selecting conditional
 * is not shown here. */
typedef int socket_descriptor_t;
/* Tells whether sd holds a real descriptor: the result is nonzero when sd
 * differs from the platform's SOCKET_UNDEFINED sentinel.  Using this helper
 * rather than a sign test keeps callers correct for both descriptor types. */
socket_defined (const socket_descriptor_t sd)
return sd != SOCKET_UNDEFINED;
* Should statistics counters be 64 bits?
#define USE_64_BIT_COUNTERS
* Should we enable the use of execve() for calling subprocesses,
* instead of system()?
#if defined(HAVE_EXECVE) && defined(HAVE_FORK)
/* Set when both execve() and fork() are available: selects the execve() path
 * for subprocesses in place of a command string handed to system().
 * execve() takes an explicit argument vector and does no shell parsing, so
 * shell metacharacters inside an argument are not interpreted. */
#define ENABLE_EXECVE
* Do we have point-to-multipoint capability?
#if defined(ENABLE_CLIENT_SERVER) && defined(USE_CRYPTO) && defined(USE_SSL) && defined(HAVE_GETTIMEOFDAY)
#if P2MP && !defined(ENABLE_CLIENT_ONLY)
/* Server side is compiled in when P2MP is nonzero and the build was not
 * configured as client-only (ENABLE_CLIENT_ONLY undefined). */
#define P2MP_SERVER 1
#define P2MP_SERVER 0
* HTTPS port sharing capability
#if defined(ENABLE_PORT_SHARE) && P2MP_SERVER && defined(SCM_RIGHTS) && defined(HAVE_MSGHDR) && defined(HAVE_CMSGHDR) && defined(HAVE_IOVEC) && defined(CMSG_FIRSTHDR) && defined(CMSG_NXTHDR) && defined(HAVE_RECVMSG) && defined(HAVE_SENDMSG)
* Do we have a plug-in capability?
#if defined(USE_LIBDL) || defined(USE_LOAD_LIBRARY)
/* Plug-in support is compiled in when USE_LIBDL or USE_LOAD_LIBRARY is
 * defined (a dynamic loader, judging by the names).
 * NOTE(review): a dynamically loaded plug-in runs inside the OpenVPN process
 * with its privileges, so plug-in files and the directories holding them
 * should be writable only by trusted administrators. */
#define ENABLE_PLUGIN
* Enable deferred authentication?
#if defined(CONFIGURE_DEF_AUTH) && P2MP_SERVER && defined(ENABLE_PLUGIN)
/* Deferred authentication via plug-ins: needs CONFIGURE_DEF_AUTH, a
 * server-capable build (P2MP_SERVER) and ENABLE_PLUGIN. */
#define PLUGIN_DEF_AUTH
#if defined(CONFIGURE_DEF_AUTH) && P2MP_SERVER && defined(ENABLE_MANAGEMENT)
/* Deferred authentication via the management interface: needs
 * CONFIGURE_DEF_AUTH, a server-capable build (P2MP_SERVER) and
 * ENABLE_MANAGEMENT. */
#define MANAGEMENT_DEF_AUTH
#if defined(PLUGIN_DEF_AUTH) || defined(MANAGEMENT_DEF_AUTH)
/* Set when at least one deferred-authentication path (PLUGIN_DEF_AUTH or
 * MANAGEMENT_DEF_AUTH) is compiled in. */
#define ENABLE_DEF_AUTH
* Enable packet filter?
#if defined(CONFIGURE_PF) && P2MP_SERVER && defined(ENABLE_PLUGIN) && defined(HAVE_STAT)
#if defined(CONFIGURE_PF) && P2MP_SERVER && defined(MANAGEMENT_DEF_AUTH)
/* Packet-filter variant tied to the management interface (judging by the
 * name): needs CONFIGURE_PF, P2MP_SERVER and MANAGEMENT_DEF_AUTH. */
#define MANAGEMENT_PF
#if defined(PLUGIN_PF) || defined(MANAGEMENT_PF)
* Do we support Unix domain sockets?
#if defined(PF_UNIX) && !defined(WIN32)
/* Unix domain sockets are supported when PF_UNIX is defined and the build is
 * not WIN32. */
#define UNIX_SOCK_SUPPORT 1
#define UNIX_SOCK_SUPPORT 0
* Don't compile the struct buffer_list code unless something needs it
#if defined(ENABLE_MANAGEMENT) || defined(ENABLE_PF)
/* The struct buffer_list code is compiled only for builds with the
 * management interface or the packet filter. */
#define ENABLE_BUFFER_LIST
* Do we have pthread capability?
#if defined(USE_CRYPTO) && defined(USE_SSL) && P2MP
* Pthread support is currently experimental (and quite unfinished).
/* NOTE(review): constant-true condition; per the remark on the line itself it
 * keeps pthread support switched off.  The lines it guards are not shown
 * here -- confirm what they undefine. */
#if 1 /* JYFIXME -- if defined, disable pthread */
* Should we include OCC (options consistency check) code?
* Should we include NTLM proxy functionality
#if defined(USE_CRYPTO) && defined(ENABLE_HTTP_PROXY)
* Should we include code common to all proxy methods?
#if defined(ENABLE_HTTP_PROXY) || defined(ENABLE_SOCKS)
#define GENERAL_PROXY_SUPPORT
* Do we have PKCS11 capability?
#if defined(USE_PKCS11) && defined(USE_CRYPTO) && defined(USE_SSL)
/* PKCS#11 support is compiled in only when USE_PKCS11 is set together with
 * both the crypto and the SSL layers (USE_CRYPTO, USE_SSL). */
#define ENABLE_PKCS11
* Is poll available on this platform?
#if defined(HAVE_POLL) && defined(HAVE_SYS_POLL_H)
* Is epoll available on this platform?
#if defined(HAVE_EPOLL_CREATE) && defined(HAVE_SYS_EPOLL_H)
* Should we allow ca/cert/key files to be
* included inline, in the configuration file?
/* Defined as 1 here, so ca/cert/key material may be embedded in the
 * configuration file.  NOTE(review): a configuration file that embeds a
 * private key is itself key material and needs the same restrictive file
 * permissions as a standalone key file. */
#define ENABLE_INLINE_FILES 1
* Reduce sensitivity to system clock instability
/* Defined as 1 here.  NOTE(review): the code that consumes this flag is not
 * in this header; presumably it guards against the system clock stepping
 * backwards -- confirm at the point of use. */
#define TIME_BACKTRACK_PROTECTION 1
* Is non-blocking connect() supported?
#if defined(HAVE_GETSOCKOPT) && defined(SOL_SOCKET) && defined(SO_ERROR) && defined(EINPROGRESS) && defined(ETIMEDOUT)
/* Non-blocking connect() is enabled only when getsockopt() with SOL_SOCKET /
 * SO_ERROR is available to read back the connection result, together with
 * the EINPROGRESS and ETIMEDOUT error codes. */
#define CONNECT_NONBLOCK
* Do we have the capability to support the AUTO_USERID feature?
#if defined(ENABLE_AUTO_USERID)
#define AUTO_USERID 1
#define AUTO_USERID 0
* Support "connection" directive
#if ENABLE_INLINE_FILES
/* The "connection" directive is set to 1 only under the ENABLE_INLINE_FILES
 * test on the preceding #if. */
#define ENABLE_CONNECTION 1