OpenVPN
common.h
1 /*
2  * OpenVPN -- An application to securely tunnel IP networks
3  * over a single UDP port, with support for SSL/TLS-based
4  * session authentication and key exchange,
5  * packet encryption, packet authentication, and
6  * packet compression.
7  *
8  * Copyright (C) 2002-2024 OpenVPN Inc <sales@openvpn.net>
9  *
10  * This program is free software; you can redistribute it and/or modify
11  * it under the terms of the GNU General Public License version 2
12  * as published by the Free Software Foundation.
13  *
14  * This program is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  * GNU General Public License for more details.
18  *
19  * You should have received a copy of the GNU General Public License along
20  * with this program; if not, write to the Free Software Foundation, Inc.,
21  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22  */
23 
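#ifndef COMMON_H
#define COMMON_H

/*
 * Shared basic types, printf format fragments and protocol size limits.
 *
 * This header contains no #include lines of its own: uint64_t and the
 * PRIu64/PRIx64 macros must already be provided by the including file
 * (<stdint.h> / <inttypes.h>).
 */

/*
 * Statistics counters and the printf format that goes with them.
 * Cast the argument to counter_type when printing with counter_format;
 * a type/format mismatch in a variadic call is undefined behavior.
 */
typedef uint64_t counter_type;
#define counter_format "%" PRIu64

/*
 * Time intervals
 */
typedef int interval_t;

/*
 * Used as an upper bound for timeouts.
 */
#define BIG_TIMEOUT (60*60*24*7) /* one week (in seconds) */

/*
 * Printf formats for special types.
 *
 * On _WIN64 the pointer format is 64 bits wide (PRIx64); every other
 * target uses the "unsigned long" conversion.
 *
 * NOTE(review): values printed with ptr_format are raw addresses; if
 * they end up in logs that leave the host they disclose memory layout,
 * so they are best kept to debug-level output -- confirm at the call sites.
 */
#ifdef _WIN64
#define ptr_format "0x%016" PRIx64
#else
#define ptr_format "0x%08lx"
#endif
#define fragment_header_format "0x%08x"

/*
 * Type used to cast the argument passed for ptr_format.
 * It MUST stay in step with the format selected above: each branch here
 * mirrors the corresponding ptr_format branch.
 */
#ifdef _WIN64
typedef unsigned long long ptr_type;
#else
typedef unsigned long ptr_type;
#endif

/* the --client-config-dir default file */
#define CCD_DEFAULT "DEFAULT"

/*
 * This parameter controls the TLS channel buffer size and the
 * maximum size of a single TLS message (cleartext).
 * This parameter must be >= PUSH_BUNDLE_SIZE; the relation is checked
 * at compile time below, once both values are defined.
 */
#define TLS_CHANNEL_BUF_SIZE 2048

/*
 * TLS control buffer minimum size.
 *
 * A control frame might carry:
 *   IPv6 header                               40 bytes
 *   UDP header                                 8 bytes
 *   opcode                                     1 byte
 *   session id                                 8 bytes
 *   ACK array, 4 ACKs (non-ACK_V1 packets)    25 bytes
 *   tls-crypt                                 56 bytes
 *     (or tls-auth, up to 72 bytes)
 *
 * To allow secure renegotiation (dynamic tls-crypt) the minimum is set
 * to 154. With the tls-crypt figures above (138 bytes of overhead) that
 * leaves only 16 bytes of payload, so 154 is an absolute lower limit
 * and not a good value to configure.
 */
#define TLS_CHANNEL_MTU_MIN 154

/*
 * This parameter controls the maximum size of a bundle
 * of pushed options.
 */
#define PUSH_BUNDLE_SIZE 1024

/*
 * Enforce the size relation documented at TLS_CHANNEL_BUF_SIZE, so that a
 * later edit to either constant fails the build instead of silently
 * breaking the stated requirement.
 */
#if TLS_CHANNEL_BUF_SIZE < PUSH_BUNDLE_SIZE
#error TLS_CHANNEL_BUF_SIZE must be >= PUSH_BUNDLE_SIZE
#endif

/*
 * Number of seconds after which the client re-sends PUSH_REQUEST
 * if no reply has been received yet.
 */
#define PUSH_REQUEST_INTERVAL 5

/*
 * Script security warning.
 * The text is emitted as-is; it tells the operator that external programs
 * are refused below '--script-security 2'.
 */
#define SCRIPT_SECURITY_WARNING "WARNING: External program may not be called unless '--script-security 2' or higher is enabled. See --help text or man page for detailed info."

#endif /* ifndef COMMON_H */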