1/*
2 *  OpenVPN -- An application to securely tunnel IP networks
3 *             over a single UDP port, with support for SSL/TLS-based
4 *             session authentication and key exchange,
5 *             packet encryption, packet authentication, and
6 *             packet compression.
7 *
8 *  Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
9 *
10 *  This program is free software; you can redistribute it and/or modify
11 *  it under the terms of the GNU General Public License version 2
12 *  as published by the Free Software Foundation.
13 *
14 *  This program is distributed in the hope that it will be useful,
15 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
16 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17 *  GNU General Public License for more details.
18 *
19 *  You should have received a copy of the GNU General Public License
20 *  along with this program (see the file COPYING included with this
21 *  distribution); if not, write to the Free Software Foundation, Inc.,
22 *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
23 */
24
25#ifndef SYSHEAD_H
26#define SYSHEAD_H
27
28#include "compat.h"
29#include "compat-stdbool.h"
30
31/*
 * Branch prediction hints.
 *
 * With GCC-compatible compilers, likely()/unlikely() wrap the condition in
 * __builtin_expect(); with any other compiler they expand to the bare
 * expression.  Either way the result is the value of (x), so the hint only
 * influences code layout.  The expected value is the literal 1 or 0 and (x)
 * is not normalised with !!, so the hint is accurate only for expressions
 * that already evaluate to 0 or 1.
 */
32#if defined(__GNUC__)
33# define likely(x)       __builtin_expect((x),1)
34# define unlikely(x)     __builtin_expect((x),0)
35#else
36# define likely(x)      (x)
37# define unlikely(x)    (x)
38#endif
39
/*
 * Win32 shims for POSIX names used by the portable code.
 */
40#ifdef WIN32
41#include <windows.h>
42#include <winsock2.h>
/* sleep() takes seconds, Sleep() takes milliseconds. */
43#define sleep(x) Sleep((x)*1000)
/*
 * random()/srandom() are aliased to the C library's rand()/srand().
 * rand() is a small-state generator whose output is predictable from its
 * seed, so on Windows builds nothing security-sensitive (keys, nonces,
 * session identifiers) may be derived from random(); such values belong to
 * the crypto library's RNG.
 * NOTE(review): the callers of random() are not visible in this header --
 * confirm that none of them is security-relevant.
 */
44#define random rand
45#define srandom srand
46#endif
47
/*
 * On macOS 10.7 (minimum-required version 1070) and later, ask the system
 * headers for the RFC 3542 (advanced sockets API for IPv6) definitions.
 * The macro is set here, ahead of the networking headers included below.
 */
48#if defined(__APPLE__)
49#if __ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__ >= 1070
50#define __APPLE_USE_RFC_3542  1
51#endif
52#endif
53
54#ifdef HAVE_SYS_TYPES_H
55#include <sys/types.h>
56#endif
57
58#ifdef HAVE_SYS_WAIT_H
59# include <sys/wait.h>
60#endif
61
/*
 * Fallbacks for the wait-status macros on non-Win32 platforms whose headers
 * did not provide them.  Both assume the traditional status encoding:
 * WIFEXITED() treats a zero low byte as a normal exit, and WEXITSTATUS()
 * returns everything above the low 8 bits.  The WEXITSTATUS() fallback does
 * not mask its result, so it is only meaningful after WIFEXITED() has
 * returned true.
 */
62#ifndef WIN32
63#ifndef WEXITSTATUS
64# define WEXITSTATUS(stat_val) ((unsigned)(stat_val) >> 8)
65#endif
66#ifndef WIFEXITED
67# define WIFEXITED(stat_val) (((stat_val) & 255) == 0)
68#endif
69#endif
70
71#ifdef HAVE_SYS_TIME_H
72#include <sys/time.h>
73#endif
74
75#ifdef HAVE_TIME_H
76#include <time.h>
77#endif
78
79#ifdef HAVE_SYS_SOCKET_H
80#include <sys/socket.h>
81#endif
82
83#ifdef HAVE_SYS_UN_H
84#include <sys/un.h>
85#endif
86
87#ifdef HAVE_SYS_IOCTL_H
88#include <sys/ioctl.h>
89#endif
90
91#ifdef HAVE_SYS_STAT_H
92#include <sys/stat.h>
93#endif
94
95#ifdef HAVE_FCNTL_H
96#include <fcntl.h>
97#endif
98
99#ifdef HAVE_DIRECT_H
100#include <direct.h>
101#endif
102
103#ifdef HAVE_IO_H
104#include <io.h>
105#endif
106
107#ifdef HAVE_SYS_FILE_H
108#include <sys/file.h>
109#endif
110
111#ifdef HAVE_STDLIB_H
112#include <stdlib.h>
113#endif
114
115#ifdef HAVE_INTTYPES_H
116#include <inttypes.h>
117#elif defined(HAVE_STDINT_H)
118#include <stdint.h>
119#endif
120
121#ifdef HAVE_STDARG_H
122#include <stdarg.h>
123#endif
124
125#ifdef HAVE_UNISTD_H
126#include <unistd.h>
127#endif
128
129#ifdef HAVE_SIGNAL_H
130#include <signal.h>
131#endif
132
133#ifdef HAVE_LIMITS_H
134#include <limits.h>
135#endif
136
137#ifdef HAVE_STDIO_H
138#include <stdio.h>
139#endif
140
141#ifdef HAVE_CTYPE_H
142#include <ctype.h>
143#endif
144
145#ifdef HAVE_ERRNO_H
146#include <errno.h>
147#endif
148
149#ifdef HAVE_ERR_H
150#include <err.h>
151#endif
152
153#ifdef HAVE_SYSLOG_H
154#include <syslog.h>
155#endif
156
157#ifdef HAVE_PWD_H
158#include <pwd.h>
159#endif
160
161#ifdef HAVE_GRP_H
162#include <grp.h>
163#endif
164
165#ifdef HAVE_NETDB_H
166#include <netdb.h>
167#endif
168
169#ifdef HAVE_NETINET_IN_H
170#include <netinet/in.h>
171#endif
172
173#ifdef HAVE_RESOLV_H
174#include <resolv.h>
175#endif
176
177#ifdef HAVE_SYS_POLL_H
178#include <sys/poll.h>
179#endif
180
181#ifdef HAVE_SYS_EPOLL_H
182#include <sys/epoll.h>
183#endif
184
185#ifdef ENABLE_SELINUX
186#include <selinux/selinux.h>
187#endif
188
189#if defined(HAVE_LIBGEN_H)
190#include <libgen.h>
191#endif
192
193#ifdef TARGET_SOLARIS
194#ifdef HAVE_STRINGS_H
195#include <strings.h>
196#endif
197#else
198#ifdef HAVE_STRING_H
199#include <string.h>
200#endif
201#endif
202
203#ifdef HAVE_ARPA_INET_H
204#include <arpa/inet.h>
205#endif
206
207#ifdef HAVE_NET_IF_H
208#include <net/if.h>
209#endif
210
211#ifdef TARGET_NETBSD
212#include <net/if_tap.h>
213#endif
214
215#ifdef TARGET_LINUX
216
217#if defined(HAVE_NETINET_IF_ETHER_H)
218#include <netinet/if_ether.h>
219#endif
220
221#ifdef HAVE_LINUX_IF_TUN_H
222#include <linux/if_tun.h>
223#endif
224
225#ifdef HAVE_NETINET_IP_H
226#include <netinet/ip.h>
227#endif
228
229#ifdef HAVE_LINUX_SOCKIOS_H
230#include <linux/sockios.h>
231#endif
232
233#ifdef HAVE_LINUX_TYPES_H
234#include <linux/types.h>
235#endif
236
237#ifdef HAVE_LINUX_ERRQUEUE_H
238#include <linux/errqueue.h>
239#endif
240
241#ifdef HAVE_NETINET_TCP_H
242#include <netinet/tcp.h>
243#endif
244
245#endif /* TARGET_LINUX */
246
247#ifdef TARGET_SOLARIS
248
249#ifdef HAVE_STROPTS_H
250#include <stropts.h>
251#undef S_ERROR
252#endif
253
254#ifdef HAVE_NET_IF_TUN_H
255#include <net/if_tun.h>
256#endif
257
258#ifdef HAVE_SYS_SOCKIO_H
259#include <sys/sockio.h>
260#endif
261
262#ifdef HAVE_NETINET_IN_SYSTM_H
263#include <netinet/in_systm.h>
264#endif
265
266#ifdef HAVE_NETINET_IP_H
267#include <netinet/ip.h>
268#endif
269
270#ifdef HAVE_NETINET_TCP_H
271#include <netinet/tcp.h>
272#endif
273
274#endif /* TARGET_SOLARIS */
275
276#ifdef TARGET_OPENBSD
277
278#ifdef HAVE_SYS_UIO_H
279#include <sys/uio.h>
280#endif
281
282#ifdef HAVE_NETINET_IN_SYSTM_H
283#include <netinet/in_systm.h>
284#endif
285
286#ifdef HAVE_NETINET_IP_H
287#include <netinet/ip.h>
288#endif
289
290#ifdef HAVE_NET_IF_TUN_H
291#include <net/if_tun.h>
292#endif
293
294#endif /* TARGET_OPENBSD */
295
296#ifdef TARGET_FREEBSD
297
298#ifdef HAVE_SYS_UIO_H
299#include <sys/uio.h>
300#endif
301
302#ifdef HAVE_NETINET_IN_SYSTM_H
303#include <netinet/in_systm.h>
304#endif
305
306#ifdef HAVE_NETINET_IP_H
307#include <netinet/ip.h>
308#endif
309
310#ifdef HAVE_NETINET_TCP_H
311#include <netinet/tcp.h>
312#endif
313
314#ifdef HAVE_NET_IF_TUN_H
315#include <net/if_tun.h>
316#endif
317
318#endif /* TARGET_FREEBSD */
319
320#ifdef TARGET_NETBSD
321
322#ifdef HAVE_NET_IF_TUN_H
323#include <net/if_tun.h>
324#endif
325
326#ifdef HAVE_NETINET_TCP_H
327#include <netinet/tcp.h>
328#endif
329
330#endif /* TARGET_NETBSD */
331
332#ifdef TARGET_DRAGONFLY
333
334#ifdef HAVE_SYS_UIO_H
335#include <sys/uio.h>
336#endif
337
338#ifdef HAVE_NETINET_IN_SYSTM_H
339#include <netinet/in_systm.h>
340#endif
341
342#ifdef HAVE_NETINET_IP_H
343#include <netinet/ip.h>
344#endif
345
346#ifdef HAVE_NET_TUN_IF_TUN_H
347#include <net/tun/if_tun.h>
348#endif
349
350#endif /* TARGET_DRAGONFLY */
351
352#ifdef WIN32
353#include <iphlpapi.h>
354#include <ntddndis.h>
355#include <wininet.h>
356#include <shellapi.h>
357/* The following two headers are needed for PF_INET6 */
358#include <winsock2.h>
359#include <ws2tcpip.h>
360#endif
361
362#ifdef HAVE_SYS_MMAN_H
363#ifdef TARGET_DARWIN
364#define _P1003_1B_VISIBLE
365#endif /* TARGET_DARWIN */
366#include <sys/mman.h>
367#endif
368
369/*
370 * Pedantic mode is meant to accomplish lint-style program checking,
371 * not to build a working executable.
 *
 * __STRICT_ANSI__ is predefined by GCC-compatible compilers when a strict
 * ISO mode (for example -ansi) is selected.  In that mode the variadic-macro
 * feature flags are cleared, EMPTY_ARRAY_SIZE is forced to 1 and the inline
 * keyword is defined away.  PEDANTIC is always defined (0 or 1), so test it
 * with #if rather than #ifdef.
372 */
373#ifdef __STRICT_ANSI__
374# define PEDANTIC 1
375# undef HAVE_CPP_VARARG_MACRO_GCC
376# undef HAVE_CPP_VARARG_MACRO_ISO
377# undef EMPTY_ARRAY_SIZE
378# define EMPTY_ARRAY_SIZE 1
379# undef inline
380# define inline
381#else
382# define PEDANTIC 0
383#endif
384
385/*
386 * Do we have the capability to support the --passtos option?
 *
 * IP_TOS and IPPROTO_IP are looked up as preprocessor macros, so this test
 * has to stay below the system socket headers included earlier.  The result
 * is always defined (0 or 1); test it with #if.
387 */
388#if defined(IPPROTO_IP) && defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
389#define PASSTOS_CAPABILITY 1
390#else
391#define PASSTOS_CAPABILITY 0
392#endif
393
394/*
395 * Do we have nanoseconds gettimeofday?
 *
 * The condition only checks that gettimeofday() was detected or that this is
 * a Win32 build.  Unlike the 0/1 capability macros, this one is either
 * defined or absent, so test it with defined() or #ifdef.  P2MP,
 * TIME_BACKTRACK_PROTECTION and ENABLE_FEATURE_SHAPER further down depend
 * on it.
 * NOTE(review): POSIX gettimeofday() reports microseconds in struct timeval;
 * the NANOSECONDS in the name looks historical -- confirm before relying on
 * finer resolution.
396 */
397#if defined(HAVE_GETTIMEOFDAY) || defined(WIN32)
398#define HAVE_GETTIMEOFDAY_NANOSECONDS 1
399#endif
400
401/*
402 * do we have the MIN() macro?
 *
 * Fallback used only when no header has defined MIN already.  It is a
 * function-like macro, so each argument is evaluated twice: do not pass
 * expressions with side effects, e.g. MIN(i++, n).  The comparison follows
 * the usual arithmetic conversions, so mixing a signed and an unsigned
 * operand turns a negative value into a large unsigned one -- check the
 * operand types wherever MIN() is used to bound a length.
403 */
404#ifndef MIN
405#define MIN(a,b) (((a)<(b))?(a):(b))
406#endif
407
408/*
409 * Do we have the capability to report extended socket errors?
 *
 * Always defined (0 or 1).  SOL_IP is tested here before the fallback
 * definition of SOL_IP further down, so only platforms whose own headers
 * define SOL_IP can get 1.
410 */
411#if defined(HAVE_LINUX_TYPES_H) && defined(HAVE_LINUX_ERRQUEUE_H) && defined(HAVE_SOCK_EXTENDED_ERR) && defined(HAVE_MSGHDR) && defined(HAVE_CMSGHDR) && defined(CMSG_FIRSTHDR) && defined(CMSG_NXTHDR) && defined(IP_RECVERR) && defined(MSG_ERRQUEUE) && defined(SOL_IP) && defined(HAVE_IOVEC)
412#define EXTENDED_SOCKET_ERROR_CAPABILITY 1
413#else
414#define EXTENDED_SOCKET_ERROR_CAPABILITY 0
415#endif
416
417/*
418 * Does this platform support linux-style IP_PKTINFO
419 * or bsd-style IP_RECVDSTADDR ?
 *
 * Only considered when ENABLE_MULTIHOME was requested.  Either addressing
 * option is accepted, and the recvmsg()/sendmsg() control-message machinery
 * (msghdr, cmsghdr, iovec, CMSG_* macros) must be present as well.  Always
 * defined (0 or 1).
 * NOTE(review): code enabled by this flag presumably walks control messages
 * taken from received datagrams -- confirm that it checks cmsg lengths and
 * types before using the payload.
420 */
421#if defined(ENABLE_MULTIHOME) && ((defined(HAVE_IN_PKTINFO)&&defined(IP_PKTINFO)) || defined(IP_RECVDSTADDR)) && defined(HAVE_MSGHDR) && defined(HAVE_CMSGHDR) && defined(HAVE_IOVEC) && defined(CMSG_FIRSTHDR) && defined(CMSG_NXTHDR) && defined(HAVE_RECVMSG) && defined(HAVE_SENDMSG)
422#define ENABLE_IP_PKTINFO 1
423#else
424#define ENABLE_IP_PKTINFO 0
425#endif
426
427/*
428 * Does this platform define SOL_IP
429 * or only bsd-style IPPROTO_IP ?
 *
 * Gives later code a single name to use with the socket-option calls.
 * Because it comes after the extended-socket-error test above, it does not
 * influence that test.
430 */
431#ifndef SOL_IP
432#define SOL_IP IPPROTO_IP
433#endif
434
435/*
436 * Disable ESEC
 *
 * Manual override, currently compiled out by "#if 0".  Changing it to
 * "#if 1" forces EXTENDED_SOCKET_ERROR_CAPABILITY to 0 regardless of the
 * detection above.
437 */
438#if 0
439#undef EXTENDED_SOCKET_ERROR_CAPABILITY
440#define EXTENDED_SOCKET_ERROR_CAPABILITY 0
441#endif
442
443/*
444 * Do we have a syslog capability?
 *
 * Needs both openlog() and syslog().  Always defined (0 or 1); test it
 * with #if.
445 */
446#if defined(HAVE_OPENLOG) && defined(HAVE_SYSLOG)
447#define SYSLOG_CAPABILITY 1
448#else
449#define SYSLOG_CAPABILITY 0
450#endif
451
452/*
453 * Does this OS draw a distinction between binary and ascii files?
 *
 * Where the headers do not define O_BINARY it becomes 0, so it can be OR'ed
 * into open() flags unconditionally.
454 */
455#ifndef O_BINARY
456#define O_BINARY 0
457#endif
458
459/*
460 * Directory separation char
 *
 * A character constant, not a string literal.
 * NOTE(review): Windows file APIs also accept '/' as a separator, so path
 * checks that look only for OS_SPECIFIC_DIRSEP may be incomplete on Win32 --
 * confirm against the callers.
461 */
462#ifdef WIN32
463#define OS_SPECIFIC_DIRSEP '\\'
464#else
465#define OS_SPECIFIC_DIRSEP '/'
466#endif
467
468/*
469 * Define a boolean value based
470 * on Win32 status.
 *
 * 1 on Win32 builds and 0 elsewhere, usable in #if and in C expressions.
471 */
472#ifdef WIN32
473#define WIN32_0_1 1
474#else
475#define WIN32_0_1 0
476#endif
477
478/*
479 * Our socket descriptor type.
 *
 * Win32 builds use Winsock's SOCKET with INVALID_SOCKET as the "no socket"
 * value; all other builds use int with -1.  Winsock's SOCKET is an unsigned
 * handle type, so tests such as "sd < 0" or "sd >= 0" do not work there:
 * compare against SOCKET_UNDEFINED, or call socket_defined(), instead.
480 */
481#ifdef WIN32
482#define SOCKET_UNDEFINED (INVALID_SOCKET)
483typedef SOCKET socket_descriptor_t;
484#else
485#define SOCKET_UNDEFINED (-1)
486typedef int socket_descriptor_t;
487#endif
488
/*
 * Report whether sd refers to a socket.
 *
 * Returns 1 when sd differs from SOCKET_UNDEFINED (the platform's
 * "no socket" value) and 0 when it is equal to it.
 */
static inline int
socket_defined (const socket_descriptor_t sd)
{
  if (sd == SOCKET_UNDEFINED)
    return 0;
  return 1;
}
494
495/*
496 * Should statistics counters be 64 bits?
 *
 * Defined unconditionally here.
497 */
498#define USE_64_BIT_COUNTERS
499
500/*
501 * Should we enable the use of execve() for calling subprocesses,
502 * instead of system()?
 *
 * Security note: system() hands a single command string to the shell, so
 * any externally influenced text in that string is subject to shell
 * parsing.  execve() takes an explicit argv[] and involves no shell.
 * Builds where HAVE_EXECVE or HAVE_FORK is missing leave this macro
 * undefined; code guarded by it presumably falls back to system() there --
 * review how command lines are assembled on such platforms.
503 */
504#if defined(HAVE_EXECVE) && defined(HAVE_FORK)
505#define ENABLE_FEATURE_EXECVE
506#endif
507
508/*
509 * Do we have point-to-multipoint capability?
 *
 * P2MP needs client/server mode, crypto, SSL and the gettimeofday
 * capability defined earlier in this file.  P2MP_SERVER is P2MP without
 * client-only builds.  Both are always defined (0 or 1) and are used
 * directly in the #if expressions that follow.
510 */
511
512#if defined(ENABLE_CLIENT_SERVER) && defined(ENABLE_CRYPTO) && defined(ENABLE_SSL) && defined(HAVE_GETTIMEOFDAY_NANOSECONDS)
513#define P2MP 1
514#else
515#define P2MP 0
516#endif
517
518#if P2MP && !defined(ENABLE_CLIENT_ONLY)
519#define P2MP_SERVER 1
520#else
521#define P2MP_SERVER 0
522#endif
523
524/*
525 * HTTPS port sharing capability
 *
 * Server builds only.  Besides the build-time request (ENABLE_PORT_SHARE)
 * this needs SCM_RIGHTS and the sendmsg()/recvmsg() control-message
 * machinery; SCM_RIGHTS is the ancillary message type that carries open
 * file descriptors between processes over a Unix-domain socket.
 * Always defined (0 or 1).
526 */
527#if defined(ENABLE_PORT_SHARE) && P2MP_SERVER && defined(SCM_RIGHTS) && defined(HAVE_MSGHDR) && defined(HAVE_CMSGHDR) && defined(HAVE_IOVEC) && defined(CMSG_FIRSTHDR) && defined(CMSG_NXTHDR) && defined(HAVE_RECVMSG) && defined(HAVE_SENDMSG)
528#define PORT_SHARE 1
529#else
530#define PORT_SHARE 0
531#endif
532
533/*
534 * Enable deferred authentication?
 *
 * ENABLE_DEF_AUTH is the build-time request.  It is honoured only in
 * server-capable builds (P2MP_SERVER) and needs at least one backend:
 * plugins (PLUGIN_DEF_AUTH) or the management interface
 * (MANAGEMENT_DEF_AUTH).  If neither backend is available the request is
 * withdrawn with #undef, so later code can test ENABLE_DEF_AUTH alone.
535 */
536#if defined(ENABLE_DEF_AUTH) && P2MP_SERVER && defined(ENABLE_PLUGIN)
537#define PLUGIN_DEF_AUTH
538#endif
539#if defined(ENABLE_DEF_AUTH) && P2MP_SERVER && defined(ENABLE_MANAGEMENT)
540#define MANAGEMENT_DEF_AUTH
541#endif
542#if !defined(PLUGIN_DEF_AUTH) && !defined(MANAGEMENT_DEF_AUTH)
543#undef ENABLE_DEF_AUTH
544#endif
545
546/*
547 * Enable external private key
 *
 * Requires the management interface and SSL, and is not available in
 * PolarSSL builds.  The macro name is spelled MANAGMENT_EXTERNAL_KEY (sic,
 * no "E" after "MANAG"); the MANAGEMENT_IN_EXTRA test below uses the same
 * spelling, so a rename has to cover every user of the name at once.
 * NOTE(review): presumably the private-key operation is delegated to the
 * management client -- if so, access to the management channel is as
 * sensitive as the key itself; confirm how that channel is protected.
548 */
549#if defined(ENABLE_MANAGEMENT) && defined(ENABLE_SSL) && !defined(ENABLE_CRYPTO_POLARSSL)
550#define MANAGMENT_EXTERNAL_KEY
551#endif
552
553/* Enable PolarSSL RNG prediction resistance support */
/* Set for PolarSSL builds only; this header sets no such switch for other backends. */
554#ifdef ENABLE_CRYPTO_POLARSSL
555#define ENABLE_PREDICTION_RESISTANCE
556#endif /* ENABLE_CRYPTO_POLARSSL */
557
558/*
559 * MANAGEMENT_IN_EXTRA allows the management interface to
560 * read multi-line inputs from clients.
 *
 * Enabled when either management-based deferred authentication or the
 * external-key feature is built.
561 */
562#if defined(MANAGEMENT_DEF_AUTH) || defined(MANAGMENT_EXTERNAL_KEY)
563#define MANAGEMENT_IN_EXTRA
564#endif
565
566/*
567 * Enable packet filter?
 *
 * Same pattern as deferred authentication: ENABLE_PF is the request, the
 * plugin backend additionally needs HAVE_STAT, and the management backend
 * needs MANAGEMENT_DEF_AUTH.  If neither backend can be built, ENABLE_PF is
 * #undef'ed without any diagnostic, i.e. a build configured with packet
 * filtering can end up without it -- where filtering is a security
 * requirement, verify the resulting build rather than the configure options.
568 */
569#if defined(ENABLE_PF) && P2MP_SERVER && defined(ENABLE_PLUGIN) && defined(HAVE_STAT)
570#define PLUGIN_PF
571#endif
572#if defined(ENABLE_PF) && P2MP_SERVER && defined(MANAGEMENT_DEF_AUTH)
573#define MANAGEMENT_PF
574#endif
575#if !defined(PLUGIN_PF) && !defined(MANAGEMENT_PF)
576#undef ENABLE_PF
577#endif
578
579/*
580 * Do we support Unix domain sockets?
 *
 * PF_UNIX must be visible as a macro from the socket headers; never enabled
 * on Win32.  Always defined (0 or 1).
581 */
582#if defined(PF_UNIX) && !defined(WIN32)
583#define UNIX_SOCK_SUPPORT 1
584#else
585#define UNIX_SOCK_SUPPORT 0
586#endif
587
588/*
589 * Compile the struct buffer_list code
 *
 * Defined unconditionally here.
590 */
591#define ENABLE_BUFFER_LIST
592
593/*
594 * Should we include OCC (options consistency check) code?
 *
 * Included by default; left out only when ENABLE_SMALL is defined, so such
 * builds carry no options consistency check code.
595 */
596#ifndef ENABLE_SMALL
597#define ENABLE_OCC
598#endif
599
600/*
601 * Should we include NTLM proxy functionality
 *
 * Needs the HTTP proxy code and crypto support.  Always defined (0 or 1).
602 */
603#if defined(ENABLE_CRYPTO) && defined(ENABLE_HTTP_PROXY)
604#define NTLM 1
605#else
606#define NTLM 0
607#endif
608
609/*
610 * Should we include proxy digest auth functionality
 *
 * Same condition as NTLM above.  Always defined (0 or 1).
611 */
612#if defined(ENABLE_CRYPTO) && defined(ENABLE_HTTP_PROXY)
613#define PROXY_DIGEST_AUTH 1
614#else
615#define PROXY_DIGEST_AUTH 0
616#endif
617
618/*
619 * Should we include code common to all proxy methods?
 *
 * Defined (without a value) when either proxy type is built; test it with
 * #ifdef.
620 */
621#if defined(ENABLE_HTTP_PROXY) || defined(ENABLE_SOCKS)
622#define GENERAL_PROXY_SUPPORT
623#endif
624
625/*
626 * Do we have CryptoAPI capability?
 *
 * Win32 builds with crypto, SSL and the OpenSSL backend only.
627 */
628#if defined(WIN32) && defined(ENABLE_CRYPTO) && defined(ENABLE_SSL) && defined(ENABLE_CRYPTO_OPENSSL)
629#define ENABLE_CRYPTOAPI
630#endif
631
632/*
633 * Enable x509-track feature?
 *
 * Builds with crypto, SSL and the OpenSSL backend only.
634 */
635#if defined(ENABLE_CRYPTO) && defined(ENABLE_SSL) && defined (ENABLE_CRYPTO_OPENSSL)
636#define ENABLE_X509_TRACK
637#endif
638
639/*
640 * Is poll available on this platform?
 *
 * Needs both HAVE_POLL and <sys/poll.h>.  Always defined (0 or 1).
641 */
642#if defined(HAVE_POLL) && defined(HAVE_SYS_POLL_H)
643#define POLL 1
644#else
645#define POLL 0
646#endif
647
648/*
649 * Is epoll available on this platform?
 *
 * Needs both HAVE_EPOLL_CREATE and <sys/epoll.h>.  Always defined (0 or 1).
650 */
651#if defined(HAVE_EPOLL_CREATE) && defined(HAVE_SYS_EPOLL_H)
652#define EPOLL 1
653#else
654#define EPOLL 0
655#endif
656
657/* Disable EPOLL */
/* Manual override, currently compiled out; "#if 1" would force EPOLL to 0. */
658#if 0
659#undef EPOLL
660#define EPOLL 0
661#endif
662
663/*
664 * Should we include http proxy override functionality
 *
 * Needs the management interface and the HTTP proxy code.  Always defined
 * (0 or 1).
 * NOTE(review): presumably this lets a management client replace the proxy
 * settings at run time -- if so, it is one more reason to restrict who can
 * reach the management interface; confirm.
665 */
666#if defined(ENABLE_MANAGEMENT) && defined(ENABLE_HTTP_PROXY)
667#define HTTP_PROXY_OVERRIDE 1
668#else
669#define HTTP_PROXY_OVERRIDE 0
670#endif
671
672/*
673 * Reduce sensitivity to system clock instability
674 * and backtracks.
 *
 * Defined to 1 or left undefined (no 0 branch); test it with #ifdef.
675 */
676#if defined(HAVE_GETTIMEOFDAY_NANOSECONDS)
677#define TIME_BACKTRACK_PROTECTION 1
678#endif
679
680/*
681 * Enable traffic shaper.
 *
 * Same condition as above; defined to 1 or left undefined.
682 */
683#if defined(HAVE_GETTIMEOFDAY_NANOSECONDS)
684#define ENABLE_FEATURE_SHAPER 1
685#endif
686
687/*
688 * Is non-blocking connect() supported?
 *
 * Requires getsockopt() together with the SOL_SOCKET/SO_ERROR and
 * EINPROGRESS/ETIMEDOUT definitions from the system headers.  Defined
 * without a value; test it with #ifdef.
689 */
690#if defined(HAVE_GETSOCKOPT) && defined(SOL_SOCKET) && defined(SO_ERROR) && defined(EINPROGRESS) && defined(ETIMEDOUT)
691#define CONNECT_NONBLOCK
692#endif
693
694/*
695 * Do we have the capability to support the AUTO_USERID feature?
 *
 * Mirrors the ENABLE_AUTO_USERID build option as a 0/1 value.
696 */
697#if defined(ENABLE_AUTO_USERID)
698#define AUTO_USERID 1
699#else
700#define AUTO_USERID 0
701#endif
702
703/*
704 * Do we support challenge/response authentication as client?
 *
 * Available only when the management interface is built.
705 */
706#if defined(ENABLE_MANAGEMENT)
707#define ENABLE_CLIENT_CR
708#endif
709
710/*
711 * Do we support pushing peer info?
 *
 * Available in builds with crypto and SSL.
 * NOTE(review): which details about the local host are sent to the peer is
 * decided elsewhere -- review that code for unintended disclosure.
712 */
713#if defined(ENABLE_CRYPTO) && defined(ENABLE_SSL)
714#define ENABLE_PUSH_PEER_INFO
715#endif
716
717/*
718 * Do we support internal client-side NAT?
 *
 * Defined unconditionally here.
719 */
720#define ENABLE_CLIENT_NAT
721
722/*
723 * Enable --memstats option
 *
 * Linux builds only.
724 */
725#ifdef TARGET_LINUX
726#define ENABLE_MEMSTATS
727#endif
728
/*
 * Logging hook added locally (see the trailing comment) and declared here
 * so that every file including this header can call it.  The definition is
 * not in this file.
 * NOTE(review): the buffer is non-const and the length is a signed int;
 * presumably iLen is the number of bytes at pcLog -- confirm against the
 * implementation that negative or oversized lengths are rejected and that
 * the text is never used as a format string.
 */
729extern int ambitWriteLog(char *pcLog, int iLen);//allenwen add for openvpn log
730
731#endif
732