OpenVPN
options.h
Go to the documentation of this file.
1 /*
2  * OpenVPN -- An application to securely tunnel IP networks
3  * over a single UDP port, with support for SSL/TLS-based
4  * session authentication and key exchange,
5  * packet encryption, packet authentication, and
6  * packet compression.
7  *
8  * Copyright (C) 2002-2023 OpenVPN Inc <sales@openvpn.net>
9  *
10  * This program is free software; you can redistribute it and/or modify
11  * it under the terms of the GNU General Public License version 2
12  * as published by the Free Software Foundation.
13  *
14  * This program is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  * GNU General Public License for more details.
18  *
19  * You should have received a copy of the GNU General Public License along
20  * with this program; if not, write to the Free Software Foundation, Inc.,
21  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22  */
23 
24 /*
25  * 2004-01-28: Added Socks5 proxy support
26  * (Christof Meerwald, http://cmeerw.org)
27  */
28 
29 #ifndef OPTIONS_H
30 #define OPTIONS_H
31 
32 #include "basic.h"
33 #include "common.h"
34 #include "mtu.h"
35 #include "route.h"
36 #include "tun.h"
37 #include "socket.h"
38 #include "plugin.h"
39 #include "manage.h"
40 #include "proxy.h"
41 #include "comp.h"
42 #include "pushlist.h"
43 #include "clinat.h"
44 #include "crypto_backend.h"
45 #include "dns.h"
46 
47 
48 /*
49  * Maximum number of parameters associated with an option,
50  * including the option name itself.
51  */
52 #define MAX_PARMS 16
53 
54 /*
55  * Max size of options line and parameter.
56  */
57 #define OPTION_PARM_SIZE 256
58 #define OPTION_LINE_SIZE 256
59 
60 extern const char title_string[];
61 
62 /* certain options are saved before --pull modifications are applied */
64 {
67 
70 
73 
74  const char *route_default_gateway;
76 
79 
81 
82  const char *ciphername;
83  const char *authname;
84 
88 
91 };
92 
93 #if !defined(ENABLE_CRYPTO_OPENSSL) && !defined(ENABLE_CRYPTO_MBEDTLS)
94 #error "At least one of OpenSSL or mbed TLS needs to be defined."
95 #endif
96 
98 {
99  int proto;
101  const char *local_port;
103  const char *remote_port;
104  const char *local;
105  const char *remote;
114  const char *socks_proxy_server;
115  const char *socks_proxy_port;
116  const char *socks_proxy_authfile;
117 
118  int tun_mtu; /* MTU of tun device */
119  int occ_mtu; /* if non-null, this is the MTU we announce to peers in OCC */
120  int tun_mtu_max; /* maximum MTU that can be pushed */
121 
122  bool tun_mtu_defined; /* true if user overriding parm with command line option */
125  int link_mtu; /* MTU of device over which tunnel packets pass via TCP/UDP */
126  bool link_mtu_defined; /* true if user overriding parm with command line option */
127  int tls_mtu; /* Maximum MTU for the control channel messages */
128 
129  /* Advanced MTU negotiation and datagram fragmentation options */
130  int mtu_discover_type; /* used if OS supports setting Path MTU discovery options on socket */
131 
132  int fragment; /* internal fragmentation size */
133  bool fragment_encap; /* true if --fragment had the "mtu" parameter to
134  * include overhead from IP and TCP/UDP encapsulation */
135  int mssfix; /* Upper bound on TCP MSS */
136  bool mssfix_default; /* true if --mssfix should use the default parameters */
137  bool mssfix_encap; /* true if --mssfix had the "mtu" parameter to include
138  * overhead from IP and TCP/UDP encapsulation */
139  bool mssfix_fixed; /* use the mssfix value without any encapsulation adjustments */
140 
141  int explicit_exit_notification; /* Explicitly tell peer when we are exiting via OCC_EXIT or [RESTART] message */
142 
143 #define CE_DISABLED (1<<0)
144 #define CE_MAN_QUERY_PROXY (1<<1)
145 #define CE_MAN_QUERY_REMOTE_UNDEF 0
146 #define CE_MAN_QUERY_REMOTE_QUERY 1
147 #define CE_MAN_QUERY_REMOTE_ACCEPT 2
148 #define CE_MAN_QUERY_REMOTE_MOD 3
149 #define CE_MAN_QUERY_REMOTE_SKIP 4
150 #define CE_MAN_QUERY_REMOTE_MASK (0x07)
151 #define CE_MAN_QUERY_REMOTE_SHIFT (2)
152  unsigned int flags;
153 
154  /* Shared secret used for TLS control channel authentication */
155  const char *tls_auth_file;
158 
159  /* Shared secret used for TLS control channel authenticated encryption */
160  const char *tls_crypt_file;
162 
163  /* Client-specific secret or server key used for TLS control channel
164  * authenticated encryption v2 */
165  const char *tls_crypt_v2_file;
167 
168  /* Allow only client that support resending the wrapped client key */
170 };
171 
173 {
174  const char *remote;
175  const char *remote_port;
176  int proto;
178 };
179 
180 #define CONNECTION_LIST_SIZE 64
181 
183 {
184  int capacity;
185  int len;
186  int current;
188 };
189 
191 {
192  int capacity;
193  int len;
194  struct remote_entry **array;
195 };
196 
198 {
199  /* Names of the providers */
200  const char *names[MAX_PARMS];
201  /* Pointers to the loaded providers to unload them */
203 };
204 
206 {
210 };
211 
213 {
214 #define RH_HOST_LEN 80
216 #define RH_PORT_LEN 20
218 };
219 
225 };
226 
228 {
229  /* We support SHA256 and SHA1 fingerpint. In the case of using the
230  * deprecated SHA1, only the first 20 bytes of each list item are used */
233 };
234 
235 /* Command line options */
236 struct options
237 {
238  struct gc_arena gc;
239  bool gc_owned;
240 
241  /* first config file */
242  const char *config;
243 
244  /* major mode */
245 #define MODE_POINT_TO_POINT 0
246 #define MODE_SERVER 1
247  int mode;
248 
249  /* enable forward compatibility for post-2.1 features */
253  unsigned int backwards_compatible;
254 
255  /* list of options that should be ignored even if unknown */
256  const char **ignore_unknown_option;
257 
258  /* persist parms */
261 
262  const char *key_pass_file;
268  bool genkey;
270  const char *genkey_filename;
271  const char *genkey_extra_data;
272 
273  /* Networking parms */
277 
279  /* Do not advance the connection or remote addr list */
281  /* Advance directly to the next remote, skipping remaining addresses of the
282  * current remote */
284  /* Counts the number of unsuccessful connection attempts */
285  unsigned int unsuccessful_attempts;
286  /* count of connection entries to advance by when no_advance is not set */
288  /* the server can suggest a backoff time to the client, it
289  * will still be capped by the max timeout between connections
290  * (300s by default) */
292 
293 #if ENABLE_MANAGEMENT
295 #endif
296 
298 
300 
302  const char *ipchange;
303  const char *dev;
304  const char *dev_type;
305  const char *dev_node;
306  const char *lladdr;
307  int topology; /* one of the TOP_x values from proto.h */
308  const char *ifconfig_local;
310  const char *ifconfig_ipv6_local;
312  const char *ifconfig_ipv6_remote;
315  int shaper;
316 
318 
319  bool mtu_test;
320 
321 #ifdef ENABLE_MEMSTATS
322  char *memstats_fn;
323 #endif
324 
325  bool mlock;
326 
327  int keepalive_ping; /* a proxy for ping/ping-restart */
329 
330  int inactivity_timeout; /* --inactive */
332 
333  int session_timeout; /* Force-kill session after n seconds */
334 
335  int ping_send_timeout; /* Send a TCP/UDP ping to remote every n seconds */
336  int ping_rec_timeout; /* Expect a TCP/UDP ping from remote at least once every n seconds */
337  bool ping_timer_remote; /* Run ping timer only if we have a remote address */
338 
339 #define PING_UNDEF 0
340 #define PING_EXIT 1
341 #define PING_RESTART 2
342  int ping_rec_timeout_action; /* What action to take on ping_rec_timeout (exit or restart)? */
343 
344  bool persist_tun; /* Don't close/reopen TUN/TAP dev on SIGUSR1 or PING_RESTART */
345  bool persist_local_ip; /* Don't re-resolve local address on SIGUSR1 or PING_RESTART */
346  bool persist_remote_ip; /* Don't re-resolve remote address on SIGUSR1 or PING_RESTART */
347  bool persist_key; /* Don't re-read key files on SIGUSR1 or PING_RESTART */
348 
349 #if PASSTOS_CAPABILITY
350  bool passtos;
351 #endif
352 
353  int resolve_retry_seconds; /* If hostname resolve fails, retry for n seconds */
355  const char *ip_remote_hint;
356 
358 
359  /* Misc parms */
360  const char *username;
361  const char *groupname;
362  const char *chroot_dir;
363  const char *cd_dir;
364 #ifdef ENABLE_SELINUX
365  char *selinux_context;
366 #endif
367  const char *writepid;
368  const char *up_script;
369  const char *down_script;
371  bool down_pre;
372  bool up_delay;
374  bool daemon;
375 
377 
378  bool log;
381  int nice;
383  int mute;
384 
385 #ifdef ENABLE_DEBUG
386  int gremlin;
387 #endif
388 
389  const char *status_file;
392 
393  /* optimize TUN/TAP/UDP writes */
394  bool fast_io;
395 
397 
398  /* buffer sizes */
399  int rcvbuf;
400  int sndbuf;
401 
402  /* mark value */
403  int mark;
404  char *bind_dev;
405 
406  /* socket flags */
407  unsigned int sockflags;
408 
409  /* route management */
410  const char *route_script;
411  const char *route_predown_script;
424  bool allow_pull_fqdn; /* as a client, allow server to push a FQDN for certain parameters */
426 
427  /* Enable options consistency check between peers */
428  bool occ;
429 
430 #ifdef ENABLE_MANAGEMENT
431  const char *management_addr;
432  const char *management_port;
433  const char *management_user_pass;
437 
440 
442 #endif
443  /* Mask of MF_ values of manage.h */
444  unsigned int management_flags;
445 
446 #ifdef ENABLE_PLUGIN
448 #endif
449 
450  /* the tmp dir is for now only used in the P2P server context */
451  const char *tmp_dir;
453  in_addr_t server_network;
454  in_addr_t server_netmask;
455  bool server_ipv6_defined; /* IPv6 */
456  struct in6_addr server_network_ipv6; /* IPv6 */
457  unsigned int server_netbits_ipv6; /* IPv6 */
458 
459 #define SF_NOPOOL (1<<0)
460 #define SF_TCP_NODELAY_HELPER (1<<1)
461 #define SF_NO_PUSH_ROUTE_GATEWAY (1<<2)
462  unsigned int server_flags;
463 
465 
467  in_addr_t server_bridge_ip;
471 
475  in_addr_t ifconfig_pool_end;
479 
480  bool ifconfig_ipv6_pool_defined; /* IPv6 */
481  struct in6_addr ifconfig_ipv6_pool_base; /* IPv6 */
483 
488  const char *learn_address_script;
490  const char *client_config_dir;
492  bool disable;
495  struct iroute *iroutes;
496  struct iroute_ipv6 *iroutes_ipv6; /* IPv6 */
504  bool push_ifconfig_ipv4_blocked; /* IPv4 */
505  bool push_ifconfig_ipv6_defined; /* IPv6 */
506  struct in6_addr push_ifconfig_ipv6_local; /* IPv6 */
508  struct in6_addr push_ifconfig_ipv6_remote; /* IPv6 */
509  bool push_ifconfig_ipv6_blocked; /* IPv6 */
512 
513  int cf_max;
514  int cf_per;
515 
518 
523 
532 
533 #if PORT_SHARE
534  char *port_share_host;
535  char *port_share_port;
536  const char *port_share_journal_dir;
537 #endif
538 
539  bool client;
540  bool pull; /* client pull of config options from server */
543  const char *auth_user_pass_file;
546 
548 
549 #ifdef ENABLE_MANAGEMENT
551 #endif
552  /* Cipher parms */
553  const char *shared_secret_file;
557  const char *ciphername;
560  const char *ncp_ciphers;
561  const char *authname;
562  const char *engine;
567  const char *packet_id_file;
569 #ifdef ENABLE_PREDICTION_RESISTANCE
570  bool use_prediction_resistance;
571 #endif
572 
573  /* TLS (control channel) parms */
576  const char *ca_file;
578  const char *ca_path;
579  const char *dh_file;
581  const char *cert_file;
583  const char *extra_certs_file;
585  const char *priv_key_file;
587  const char *pkcs12_file;
589  const char *cipher_list;
590  const char *cipher_list_tls13;
591  const char *tls_groups;
592  const char *tls_cert_profile;
593  const char *ecdh_curve;
594  const char *tls_verify;
597  const char *verify_x509_name;
598  const char *crl_file;
600 
601  int ns_cert_type; /* set to 0, NS_CERT_CHECK_SERVER, or NS_CERT_CHECK_CLIENT */
603  const char *remote_cert_eku;
608  unsigned int ssl_flags; /* set to SSLF_x flags from ssl.h */
609 
610 #ifdef ENABLE_PKCS11
611  const char *pkcs11_providers[MAX_PARMS];
612  unsigned pkcs11_private_mode[MAX_PARMS];
613  bool pkcs11_protected_authentication[MAX_PARMS];
614  bool pkcs11_cert_private[MAX_PARMS];
615  int pkcs11_pin_cache_period;
616  const char *pkcs11_id;
618 #endif
619 
620 #ifdef ENABLE_CRYPTOAPI
621  const char *cryptoapi_cert;
622 #endif
623  /* Per-packet timeout on control channel */
625 
626  /* Data channel key renegotiation parameters */
631 
632  /* Data channel key handshake must finalize
633  * within n seconds of handshake initiation. */
635 
636 #ifdef ENABLE_X509ALTUSERNAME
637  /* Field list used to be the username in X509 cert. */
638  char *x509_username_field[MAX_PARMS];
639 #endif
640 
641  /* Old key allowed to live n seconds after new key goes active */
643 
644  /* Shared secret used for TLS control channel authentication */
645  const char *tls_auth_file;
647 
648  /* Shared secret used for TLS control channel authenticated encryption */
649  const char *tls_crypt_file;
651 
652  /* Client-specific secret or server key used for TLS control channel
653  * authenticated encryption v2 */
654  const char *tls_crypt_v2_file;
656 
658 
660 
661  /* Allow only one session */
663 
665 
666  bool tls_exit;
667 
668  const struct x509_track *x509_track;
669 
670  /* special state parms */
672 
673 #ifdef _WIN32
674  HANDLE msg_channel;
675  const char *exit_event_name;
681 #endif
682 
684  uint32_t peer_id;
685 
686 #ifdef HAVE_EXPORT_KEYING_MATERIAL
687  /* Keying Material Exporters [RFC 5705] */
688  const char *keying_material_exporter_label;
689  int keying_material_exporter_length;
690 #endif
691  /* force using TLS key material export for data channel key generation */
693 
696  uint16_t vlan_pvid;
697 
699 
700  /* Useful when packets sent by openvpn itself are not subject
701  * to the routing tables that would move packets into the tunnel. */
703 
704  /* data channel crypto flags set by push/pull. Reuses the CO_* crypto_flags */
706 };
707 
708 #define streq(x, y) (!strcmp((x), (y)))
709 
710 /*
711  * Option classes.
712  */
713 #define OPT_P_GENERAL (1<<0)
714 #define OPT_P_UP (1<<1)
715 #define OPT_P_ROUTE (1<<2)
716 #define OPT_P_DHCPDNS (1<<3) /* includes ip windows options like */
717 #define OPT_P_SCRIPT (1<<4)
718 #define OPT_P_SETENV (1<<5)
719 #define OPT_P_SHAPER (1<<6)
720 #define OPT_P_TIMER (1<<7)
721 #define OPT_P_PERSIST (1<<8)
722 #define OPT_P_PERSIST_IP (1<<9)
723 #define OPT_P_COMP (1<<10) /* TODO */
724 #define OPT_P_MESSAGES (1<<11)
725 #define OPT_P_NCP (1<<12)
726 #define OPT_P_TLS_PARMS (1<<13) /* TODO */
727 #define OPT_P_MTU (1<<14) /* TODO */
728 #define OPT_P_NICE (1<<15)
729 #define OPT_P_PUSH (1<<16)
730 #define OPT_P_INSTANCE (1<<17)
731 #define OPT_P_CONFIG (1<<18)
732 #define OPT_P_EXPLICIT_NOTIFY (1<<19)
733 #define OPT_P_ECHO (1<<20)
734 #define OPT_P_INHERIT (1<<21)
735 #define OPT_P_ROUTE_EXTRAS (1<<22)
736 #define OPT_P_PULL_MODE (1<<23)
737 #define OPT_P_PLUGIN (1<<24)
738 #define OPT_P_SOCKBUF (1<<25)
739 #define OPT_P_SOCKFLAGS (1<<26)
740 #define OPT_P_CONNECTION (1<<27)
741 #define OPT_P_PEER_ID (1<<28)
742 #define OPT_P_INLINE (1<<29)
743 #define OPT_P_PUSH_MTU (1<<30)
744 
745 #define OPT_P_DEFAULT (~(OPT_P_INSTANCE|OPT_P_PULL_MODE))
746 
747 #define PULL_DEFINED(opt) ((opt)->pull)
748 #define PUSH_DEFINED(opt) ((opt)->push_list)
749 
750 #ifndef PULL_DEFINED
751 #define PULL_DEFINED(opt) (false)
752 #endif
753 
754 #ifndef PUSH_DEFINED
755 #define PUSH_DEFINED(opt) (false)
756 #endif
757 
758 #ifdef _WIN32
759 #define ROUTE_OPTION_FLAGS(o) ((o)->route_method & ROUTE_METHOD_MASK)
760 #else
761 #define ROUTE_OPTION_FLAGS(o) (0)
762 #endif
763 
764 #define SHAPER_DEFINED(opt) ((opt)->shaper)
765 
766 #ifdef ENABLE_PLUGIN
767 #define PLUGIN_OPTION_LIST(opt) ((opt)->plugin_list)
768 #else
769 #define PLUGIN_OPTION_LIST(opt) (NULL)
770 #endif
771 
772 #ifdef ENABLE_MANAGEMENT
773 #define MAN_CLIENT_AUTH_ENABLED(opt) ((opt)->management_flags & MF_CLIENT_AUTH)
774 #else
775 #define MAN_CLIENT_AUTH_ENABLED(opt) (false)
776 #endif
777 
778 void parse_argv(struct options *options,
779  const int argc,
780  char *argv[],
781  const int msglevel,
782  const unsigned int permission_mask,
783  unsigned int *option_types_found,
784  struct env_set *es);
785 
786 void notnull(const char *arg, const char *description);
787 
788 void usage_small(void);
789 
790 void show_library_versions(const unsigned int flags);
791 
792 #ifdef _WIN32
793 void show_windows_version(const unsigned int flags);
794 
795 #endif
796 
797 void show_dco_version(const unsigned int flags);
798 
799 void init_options(struct options *o, const bool init_gc);
800 
801 void uninit_options(struct options *o);
802 
803 void setenv_settings(struct env_set *es, const struct options *o);
804 
805 void show_settings(const struct options *o);
806 
807 bool string_defined_equal(const char *s1, const char *s2);
808 
809 const char *options_string_version(const char *s, struct gc_arena *gc);
810 
811 char *options_string(const struct options *o,
812  const struct frame *frame,
813  struct tuntap *tt,
814  openvpn_net_ctx_t *ctx,
815  bool remote,
816  struct gc_arena *gc);
817 
818 bool options_cmp_equal_safe(char *actual, const char *expected, size_t actual_n);
819 
820 void options_warning_safe(char *actual, const char *expected, size_t actual_n);
821 
822 bool options_cmp_equal(char *actual, const char *expected);
823 
824 void options_warning(char *actual, const char *expected);
825 
837  const char *opt_name, struct gc_arena *gc);
838 
839 
840 void options_postprocess(struct options *options, struct env_set *es);
841 
842 bool options_postprocess_pull(struct options *o, struct env_set *es);
843 
844 void pre_connect_restore(struct options *o, struct gc_arena *gc);
845 
846 bool apply_push_options(struct options *options,
847  struct buffer *buf,
848  unsigned int permission_mask,
849  unsigned int *option_types_found,
850  struct env_set *es);
851 
852 void options_detach(struct options *o);
853 
854 void options_server_import(struct options *o,
855  const char *filename,
856  int msglevel,
857  unsigned int permission_mask,
858  unsigned int *option_types_found,
859  struct env_set *es);
860 
861 void pre_pull_default(struct options *o);
862 
863 void rol_check_alloc(struct options *options);
864 
865 int parse_line(const char *line,
866  char *p[],
867  const int n,
868  const char *file,
869  const int line_num,
870  int msglevel,
871  struct gc_arena *gc);
872 
873 /*
874  * parse/print topology coding
875  */
876 
877 int parse_topology(const char *str, const int msglevel);
878 
879 const char *print_topology(const int topology);
880 
881 /*
882  * Manage auth-retry variable
883  */
884 
885 #define AR_NONE 0
886 #define AR_INTERACT 1
887 #define AR_NOINTERACT 2
888 
889 int auth_retry_get(void);
890 
891 bool auth_retry_set(const int msglevel, const char *option);
892 
893 const char *auth_retry_print(void);
894 
896  const char *config,
897  const int msglevel,
898  const unsigned int permission_mask,
899  unsigned int *option_types_found,
900  struct env_set *es);
901 
902 bool key_is_external(const struct options *options);
903 
907 static inline bool
908 dco_enabled(const struct options *o)
909 {
910 #ifdef ENABLE_DCO
911  return !o->tuntap_options.disable_dco;
912 #else
913  return false;
914 #endif /* ENABLE_DCO */
915 }
916 
917 #endif /* ifndef OPTIONS_H */
connection_entry::tls_crypt_file
const char * tls_crypt_file
Definition: options.h:160
options::keepalive_timeout
int keepalive_timeout
Definition: options.h:328
options::server_network_ipv6
struct in6_addr server_network_ipv6
Definition: options.h:456
options::replay_time
int replay_time
Definition: options.h:566
GENKEY_AUTH_TOKEN
@ GENKEY_AUTH_TOKEN
Definition: options.h:224
options::genkey_type
enum genkey_type genkey_type
Definition: options.h:269
options::vlan_tagging
bool vlan_tagging
Definition: options.h:694
options::show_engines
bool show_engines
Definition: options.h:265
options::ssl_flags
unsigned int ssl_flags
Definition: options.h:608
options::verbosity
int verbosity
Definition: options.h:382
iroute
Definition: route.h:234
connection_entry::mtu_discover_type
int mtu_discover_type
Definition: options.h:130
options::verify_hash
struct verify_hash_list * verify_hash
Definition: options.h:604
connection_entry::mssfix_encap
bool mssfix_encap
Definition: options.h:137
connection_entry::mssfix
int mssfix
Definition: options.h:135
compress_options
Definition: comp.h:64
options::show_digests
bool show_digests
Definition: options.h:264
pull_filter_list
Definition: options.c:941
connection_entry::link_mtu
int link_mtu
Definition: options.h:125
options::use_peer_id
bool use_peer_id
Definition: options.h:683
options::sc_info
struct static_challenge_info sc_info
Definition: options.h:550
options::client_connect_script
const char * client_connect_script
Definition: options.h:486
options::tcp_queue_limit
int tcp_queue_limit
Definition: options.h:494
options::enable_ncp_fallback
bool enable_ncp_fallback
If defined fall back to ciphername if NCP fails.
Definition: options.h:558
GENKEY_SECRET
@ GENKEY_SECRET
Definition: options.h:221
VLAN_ONLY_UNTAGGED_OR_PRIORITY
@ VLAN_ONLY_UNTAGGED_OR_PRIORITY
Definition: options.h:208
options::nice
int nice
Definition: options.h:381
options::cf_initial_per
int cf_initial_per
Definition: options.h:517
options_warning_safe
void options_warning_safe(char *actual, const char *expected, size_t actual_n)
Definition: options.c:4630
connection_entry::connect_retry_seconds
int connect_retry_seconds
Definition: options.h:110
connection_entry::explicit_exit_notification
int explicit_exit_notification
Definition: options.h:141
options::route_gateway_via_dhcp
bool route_gateway_via_dhcp
Definition: options.h:423
options::up_script
const char * up_script
Definition: options.h:368
options::keepalive_ping
int keepalive_ping
Definition: options.h:327
connection_entry::socks_proxy_server
const char * socks_proxy_server
Definition: options.h:114
options_pre_connect::route_ipv6_default_gateway
const char * route_ipv6_default_gateway
Definition: options.h:75
provider_list
Definition: options.h:197
options::server_flags
unsigned int server_flags
Definition: options.h:462
options::ce_advance_count
int ce_advance_count
Definition: options.h:287
options::auth_token_secret_file
const char * auth_token_secret_file
Definition: options.h:530
options::ipchange
const char * ipchange
Definition: options.h:302
options::show_ciphers
bool show_ciphers
Definition: options.h:263
RH_PORT_LEN
#define RH_PORT_LEN
Definition: options.h:216
argv
Definition: argv.h:35
options::enable_c2c
bool enable_c2c
Definition: options.h:510
options::duplicate_cn
bool duplicate_cn
Definition: options.h:511
connection_entry::tls_crypt_file_inline
bool tls_crypt_file_inline
Definition: options.h:161
show_dco_version
void show_dco_version(const unsigned int flags)
Definition: options.c:4861
options::server_network
in_addr_t server_network
Definition: options.h:453
options::inactivity_minimum_bytes
int64_t inactivity_minimum_bytes
Definition: options.h:331
manage.h
options::ca_path
const char * ca_path
Definition: options.h:578
connection_entry::remote_port
const char * remote_port
Definition: options.h:103
client_nat_option_list
Definition: clinat.h:43
options::forward_compatible
bool forward_compatible
Definition: options.h:250
options::cert_file
const char * cert_file
Definition: options.h:581
es
struct env_set * es
Definition: test_pkcs11.c:133
hash
Definition: list.h:58
options::route_nopull
bool route_nopull
Definition: options.h:422
options::server_bridge_ip
in_addr_t server_bridge_ip
Definition: options.h:467
connection_entry::tun_mtu_defined
bool tun_mtu_defined
Definition: options.h:122
options::key_direction
int key_direction
Definition: options.h:556
options::topology
int topology
Definition: options.h:307
verify_hash_list::next
struct verify_hash_list * next
Definition: options.h:232
options::authname
const char * authname
Definition: options.h:561
options::dev_type
const char * dev_type
Definition: options.h:304
options::iroutes
struct iroute * iroutes
Definition: options.h:495
title_string
const char title_string[]
Definition: options.c:67
string_defined_equal
bool string_defined_equal(const char *s1, const char *s2)
Definition: options.c:4917
options::status_file_update_freq
int status_file_update_freq
Definition: options.h:391
options::tls_client
bool tls_client
Definition: options.h:575
options::shared_secret_file
const char * shared_secret_file
Definition: options.h:553
options::extra_certs_file_inline
bool extra_certs_file_inline
Definition: options.h:584
connection_entry::tls_crypt_v2_force_cookie
bool tls_crypt_v2_force_cookie
Definition: options.h:169
connection_entry::connect_timeout
int connect_timeout
Definition: options.h:112
options::server_defined
bool server_defined
Definition: options.h:452
windows_driver_type
windows_driver_type
Definition: tun.h:49
plugin_option_list
Definition: plugin.h:50
GENKEY_TLS_CRYPTV2_CLIENT
@ GENKEY_TLS_CRYPTV2_CLIENT
Definition: options.h:222
options::cipher_list
const char * cipher_list
Definition: options.h:589
vlan_acceptable_frames
vlan_acceptable_frames
Definition: options.h:205
options::mode
int mode
Definition: options.h:247
options::session_timeout
int session_timeout
Definition: options.h:333
options::mute
int mute
Definition: options.h:383
VLAN_ONLY_TAGGED
@ VLAN_ONLY_TAGGED
Definition: options.h:207
remote_host_store::port
char port[RH_PORT_LEN]
Definition: options.h:217
MAX_PARMS
#define MAX_PARMS
Definition: options.h:52
connection_entry::link_mtu_defined
bool link_mtu_defined
Definition: options.h:126
options::push_ifconfig_ipv6_local
struct in6_addr push_ifconfig_ipv6_local
Definition: options.h:506
provider_list::providers
provider_t * providers[MAX_PARMS]
Definition: options.h:202
options::ce
struct connection_entry ce
Definition: options.h:275
options::msg_channel
HANDLE msg_channel
Definition: options.h:674
auth_retry_print
const char * auth_retry_print(void)
Definition: options.c:4790
options_server_import
void options_server_import(struct options *o, const char *filename, int msglevel, unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es)
Definition: options.c:5528
usage_small
void usage_small(void)
Definition: options.c:4844
options::n_bcast_buf
int n_bcast_buf
Definition: options.h:493
options::ifconfig_ipv6_pool_defined
bool ifconfig_ipv6_pool_defined
Definition: options.h:480
verify_hash_list
Definition: options.h:227
options::verify_hash_algo
hash_algo_type verify_hash_algo
Definition: options.h:605
openvpn_net_ctx_t
void * openvpn_net_ctx_t
Definition: networking.h:28
clinat.h
options::genkey_extra_data
const char * genkey_extra_data
Definition: options.h:271
remote_entry::remote
const char * remote
Definition: options.h:174
options_pre_connect::foreign_option_index
int foreign_option_index
Definition: options.h:89
connection_list::capacity
int capacity
Definition: options.h:184
plugin.h
options_pre_connect::ping_rec_timeout_action
int ping_rec_timeout_action
Definition: options.h:87
options::shaper
int shaper
Definition: options.h:315
options::tls_export_peer_cert_dir
const char * tls_export_peer_cert_dir
Definition: options.h:595
options_string_version
const char * options_string_version(const char *s, struct gc_arena *gc)
Definition: options.c:4636
options::cd_dir
const char * cd_dir
Definition: options.h:363
RH_HOST_LEN
#define RH_HOST_LEN
Definition: options.h:214
options::remote_random
bool remote_random
Definition: options.h:301
options::ifconfig_noexec
bool ifconfig_noexec
Definition: options.h:313
frame
Packet geometry parameters.
Definition: mtu.h:98
options::push_continuation
int push_continuation
Definition: options.h:541
connection_entry::fragment_encap
bool fragment_encap
Definition: options.h:133
options::tls_server
bool tls_server
Definition: options.h:574
options::allow_deprecated_insecure_static_crypto
bool allow_deprecated_insecure_static_crypto
Definition: options.h:555
options::auth_token_renewal
int auth_token_renewal
Definition: options.h:529
options_pre_connect::routes_ipv6
struct route_ipv6_option_list * routes_ipv6
Definition: options.h:72
connection_entry::bind_local
bool bind_local
Definition: options.h:109
provider_list::names
const char * names[MAX_PARMS]
Definition: options.h:200
connection_entry
Definition: options.h:97
remote_entry::af
sa_family_t af
Definition: options.h:177
options::allow_recursive_routing
bool allow_recursive_routing
Definition: options.h:702
options::routes_ipv6
struct route_ipv6_option_list * routes_ipv6
Definition: options.h:420
options::tls_exit
bool tls_exit
Definition: options.h:666
options::route_noexec
bool route_noexec
Definition: options.h:415
options_postprocess
void options_postprocess(struct options *options, struct env_set *es)
Definition: options.c:4174
options::tls_cert_profile
const char * tls_cert_profile
Definition: options.h:592
sa_family_t
unsigned short sa_family_t
Definition: syshead.h:385
options::renegotiate_seconds
int renegotiate_seconds
Definition: options.h:629
parse_topology
int parse_topology(const char *str, const int msglevel)
Definition: options.c:4711
options::persist_local_ip
bool persist_local_ip
Definition: options.h:345
options::verify_hash_depth
int verify_hash_depth
Definition: options.h:606
options::ignore_unknown_option
const char ** ignore_unknown_option
Definition: options.h:256
options::ecdh_curve
const char * ecdh_curve
Definition: options.h:593
mtu.h
parse_line
int parse_line(const char *line, char *p[], const int n, const char *file, const int line_num, int msglevel, struct gc_arena *gc)
Definition: options.c:4961
options::show_curves
bool show_curves
Definition: options.h:267
connection_list::len
int len
Definition: options.h:185
options::http_proxy_override
struct http_proxy_options * http_proxy_override
Definition: options.h:294
options::cipher_list_tls13
const char * cipher_list_tls13
Definition: options.h:590
options::up_delay
bool up_delay
Definition: options.h:372
options::writepid
const char * writepid
Definition: options.h:367
options_pre_connect::tuntap_options_defined
bool tuntap_options_defined
Definition: options.h:65
options_pre_connect::ciphername
const char * ciphername
Definition: options.h:82
options::max_clients
int max_clients
Definition: options.h:519
options::disable
bool disable
Definition: options.h:492
connection_entry::socks_proxy_port
const char * socks_proxy_port
Definition: options.h:115
options::dh_file
const char * dh_file
Definition: options.h:579
options::resolve_in_advance
bool resolve_in_advance
Definition: options.h:354
options::ifconfig_nowarn
bool ifconfig_nowarn
Definition: options.h:314
options::dev
const char * dev
Definition: options.h:303
connection_list::current
int current
Definition: options.h:186
options::management_port
const char * management_port
Definition: options.h:432
options::rh_store
struct remote_host_store * rh_store
Definition: options.h:297
options::groupname
const char * groupname
Definition: options.h:361
connection_entry::connect_retry_seconds_max
int connect_retry_seconds_max
Definition: options.h:111
options::ip_remote_hint
const char * ip_remote_hint
Definition: options.h:355
options::single_session
bool single_session
Definition: options.h:662
options::auth_user_pass_file
const char * auth_user_pass_file
Definition: options.h:543
options::client_nat
struct client_nat_option_list * client_nat
Definition: options.h:425
options_pre_connect::routes
struct route_option_list * routes
Definition: options.h:69
options::server_netmask
in_addr_t server_netmask
Definition: options.h:454
connection_list
Definition: options.h:182
options::cf_initial_max
int cf_initial_max
Definition: options.h:516
options::ping_send_timeout
int ping_send_timeout
Definition: options.h:335
remote_entry::remote_port
const char * remote_port
Definition: options.h:175
options::windows_driver
enum windows_driver_type windows_driver
Definition: options.h:680
options::x509_track
const struct x509_track * x509_track
Definition: options.h:668
options::client
bool client
Definition: options.h:539
tun.h
options::shared_secret_file_inline
bool shared_secret_file_inline
Definition: options.h:554
options::pre_connect
struct options_pre_connect * pre_connect
Definition: options.h:545
route_option_list
Definition: route.h:93
connection_entry::bind_defined
bool bind_defined
Definition: options.h:107
options::management_client_group
const char * management_client_group
Definition: options.h:439
options::test_crypto
bool test_crypto
Definition: options.h:568
options::verify_hash_no_ca
bool verify_hash_no_ca
Definition: options.h:607
options::block_outside_dns
bool block_outside_dns
Definition: options.h:679
options_pre_connect::route_default_gateway
const char * route_default_gateway
Definition: options.h:74
options::ifconfig_ipv6_netbits
int ifconfig_ipv6_netbits
Definition: options.h:311
options::ncp_ciphers
const char * ncp_ciphers
Definition: options.h:560
options::push_ifconfig_ipv6_defined
bool push_ifconfig_ipv6_defined
Definition: options.h:505
options::tls_crypt_file
const char * tls_crypt_file
Definition: options.h:649
connection_entry::mssfix_fixed
bool mssfix_fixed
Definition: options.h:139
setenv_settings
void setenv_settings(struct env_set *es, const struct options *o)
Definition: options.c:1008
options::comp
struct compress_options comp
Definition: options.h:396
options::persist_config
bool persist_config
Definition: options.h:259
options_pre_connect::routes_ipv6_defined
bool routes_ipv6_defined
Definition: options.h:71
options::imported_protocol_flags
unsigned int imported_protocol_flags
Definition: options.h:705
options::auth_token_lifetime
int auth_token_lifetime
Definition: options.h:528
options::push_peer_info
bool push_peer_info
Definition: options.h:664
parse_argv
void parse_argv(struct options *options, const int argc, char *argv[], const int msglevel, const unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es)
Definition: options.c:5385
options::allow_pull_fqdn
bool allow_pull_fqdn
Definition: options.h:424
options::tls_crypt_v2_file
const char * tls_crypt_v2_file
Definition: options.h:654
options::push_ifconfig_ipv6_blocked
bool push_ifconfig_ipv6_blocked
Definition: options.h:509
route.h
options::management_state_buffer_size
int management_state_buffer_size
Definition: options.h:436
remote_host_store::host
char host[RH_HOST_LEN]
Definition: options.h:215
options::push_ifconfig_defined
bool push_ifconfig_defined
Definition: options.h:497
options::persist_tun
bool persist_tun
Definition: options.h:344
connection_entry::tls_auth_file
const char * tls_auth_file
Definition: options.h:155
options::backwards_compatible
unsigned int backwards_compatible
What version we should try to be compatible with as major * 10000 + minor * 100 + patch,...
Definition: options.h:253
options::tls_crypt_v2_file_inline
bool tls_crypt_v2_file_inline
Definition: options.h:655
options::proto_force
int proto_force
Definition: options.h:317
options::tls_auth_file
const char * tls_auth_file
Definition: options.h:645
connection_entry::tls_crypt_v2_file_inline
bool tls_crypt_v2_file_inline
Definition: options.h:166
options::route_predown_script
const char * route_predown_script
Definition: options.h:411
options::push_ifconfig_constraint_defined
bool push_ifconfig_constraint_defined
Definition: options.h:501
connection_entry::tls_auth_file_inline
bool tls_auth_file_inline
Definition: options.h:156
options::auth_token_secret_file_inline
bool auth_token_secret_file_inline
Definition: options.h:531
options::server_netbits_ipv6
unsigned int server_netbits_ipv6
Definition: options.h:457
connection_entry::tls_crypt_v2_file
const char * tls_crypt_v2_file
Definition: options.h:165
options::pkcs12_file_inline
bool pkcs12_file_inline
Definition: options.h:588
options::verify_x509_type
int verify_x509_type
Definition: options.h:596
options
Definition: options.h:236
options::auth_user_pass_file_inline
bool auth_user_pass_file_inline
Definition: options.h:544
connection_entry::key_direction
int key_direction
Definition: options.h:157
options::providers
struct provider_list providers
Definition: options.h:563
options::log
bool log
Definition: options.h:378
options::gc
struct gc_arena gc
Definition: options.h:238
options::mlock
bool mlock
Definition: options.h:325
options_pre_connect::ping_send_timeout
int ping_send_timeout
Definition: options.h:85
options::tls_timeout
int tls_timeout
Definition: options.h:624
options::management_addr
const char * management_addr
Definition: options.h:431
options::tls_verify
const char * tls_verify
Definition: options.h:594
hash_algo_type
hash_algo_type
Types referencing specific message digest hashing algorithms.
Definition: crypto_backend.h:51
options::down_script
const char * down_script
Definition: options.h:369
connection_entry::tun_mtu_extra
int tun_mtu_extra
Definition: options.h:123
options::no_advance
bool no_advance
Definition: options.h:280
tuntap_options
Definition: tun.h:69
options::virtual_hash_size
int virtual_hash_size
Definition: options.h:485
options::ifconfig_pool_netmask
in_addr_t ifconfig_pool_netmask
Definition: options.h:476
options::server_ipv6_defined
bool server_ipv6_defined
Definition: options.h:455
connection_entry::local_port_defined
bool local_port_defined
Definition: options.h:102
options::show_tls_ciphers
bool show_tls_ciphers
Definition: options.h:266
options::push_ifconfig_ipv6_netbits
int push_ifconfig_ipv6_netbits
Definition: options.h:507
options::tls_crypt_file_inline
bool tls_crypt_file_inline
Definition: options.h:650
options::renegotiate_seconds_min
int renegotiate_seconds_min
Definition: options.h:630
options::persist_remote_ip
bool persist_remote_ip
Definition: options.h:346
options::ccd_exclusive
bool ccd_exclusive
Definition: options.h:491
options::stale_routes_check_interval
int stale_routes_check_interval
Definition: options.h:521
options::scheduled_exit_interval
int scheduled_exit_interval
Definition: options.h:547
options_pre_connect::client_nat
struct client_nat_option_list * client_nat
Definition: options.h:78
options::ping_rec_timeout
int ping_rec_timeout
Definition: options.h:336
options::pkcs12_file
const char * pkcs12_file
Definition: options.h:587
options::client_crresponse_script
const char * client_crresponse_script
Definition: options.h:489
buffer
Wrapper structure for dynamically allocated memory.
Definition: buffer.h:60
GENKEY_TLS_CRYPTV2_SERVER
@ GENKEY_TLS_CRYPTV2_SERVER
Definition: options.h:223
options::genkey
bool genkey
Definition: options.h:268
options::verify_x509_name
const char * verify_x509_name
Definition: options.h:597
options::replay_window
int replay_window
Definition: options.h:565
options_warning
void options_warning(char *actual, const char *expected)
Definition: options.c:4471
options::route_ipv6_default_gateway
const char * route_ipv6_default_gateway
Definition: options.h:413
options::foreign_option_index
int foreign_option_index
Definition: options.h:671
static_challenge_info
Definition: misc.h:92
options::exit_event_name
const char * exit_event_name
Definition: options.h:675
options::push_ifconfig_ipv6_remote
struct in6_addr push_ifconfig_ipv6_remote
Definition: options.h:508
options::management_certificate
const char * management_certificate
Definition: options.h:441
options_pre_connect::comp
struct compress_options comp
Definition: options.h:90
provider_t
void provider_t
Definition: crypto_mbedtls.h:49
options::route_delay_defined
bool route_delay_defined
Definition: options.h:418
options::handshake_window
int handshake_window
Definition: options.h:634
options::remote_cert_ku
unsigned remote_cert_ku[MAX_PARMS]
Definition: options.h:602
connection_entry::occ_mtu
int occ_mtu
Definition: options.h:119
options::ping_timer_remote
bool ping_timer_remote
Definition: options.h:337
options::crl_file_inline
bool crl_file_inline
Definition: options.h:599
options::status_file_version
int status_file_version
Definition: options.h:390
options::route_default_metric
int route_default_metric
Definition: options.h:414
key_is_external
bool key_is_external(const struct options *options)
Definition: options.c:5710
options::sndbuf
int sndbuf
Definition: options.h:400
options::block_ipv6
bool block_ipv6
Definition: options.h:421
proxy.h
options::fast_io
bool fast_io
Definition: options.h:394
options::force_key_material_export
bool force_key_material_export
Definition: options.h:692
options::server_bridge_proxy_dhcp
bool server_bridge_proxy_dhcp
Definition: options.h:464
options::dh_file_inline
bool dh_file_inline
Definition: options.h:580
options::push_ifconfig_ipv4_blocked
bool push_ifconfig_ipv4_blocked
Definition: options.h:504
options::management_flags
unsigned int management_flags
Definition: options.h:444
options::route_method
int route_method
Definition: options.h:678
options::cert_file_inline
bool cert_file_inline
Definition: options.h:582
options::server_bridge_pool_start
in_addr_t server_bridge_pool_start
Definition: options.h:469
options::management_echo_buffer_size
int management_echo_buffer_size
Definition: options.h:435
options::unsuccessful_attempts
unsigned int unsuccessful_attempts
Definition: options.h:285
connection_list::array
struct connection_entry ** array
Definition: options.h:187
show_settings
void show_settings(const struct options *o)
Definition: options.c:1798
options::client_config_dir
const char * client_config_dir
Definition: options.h:490
gc_arena
Garbage collection arena used to keep track of dynamically allocated memory.
Definition: buffer.h:116
options::status_file
const char * status_file
Definition: options.h:389
options::genkey_filename
const char * genkey_filename
Definition: options.h:270
remote_host_store
Definition: options.h:212
options::auth_token_call_auth
bool auth_token_call_auth
Definition: options.h:527
auth_retry_get
int auth_retry_get(void)
Definition: options.c:4761
remote_list::array
struct remote_entry ** array
Definition: options.h:194
options::vlan_pvid
uint16_t vlan_pvid
Definition: options.h:696
options::resolve_retry_seconds
int resolve_retry_seconds
Definition: options.h:353
rol_check_alloc
void rol_check_alloc(struct options *options)
Definition: options.c:1683
connection_entry::http_proxy_options
struct http_proxy_options * http_proxy_options
Definition: options.h:113
options_string_extract_option
char * options_string_extract_option(const char *options_string, const char *opt_name, struct gc_arena *gc)
Given an OpenVPN options string, extract the value of an option.
Definition: options.c:4644
options::ca_file
const char * ca_file
Definition: options.h:576
env_set
Definition: env_set.h:42
options::server_bridge_netmask
in_addr_t server_bridge_netmask
Definition: options.h:468
options::config
const char * config
Definition: options.h:242
options::plugin_list
struct plugin_option_list * plugin_list
Definition: options.h:447
options::priv_key_file_inline
bool priv_key_file_inline
Definition: options.h:586
comp.h
dco_enabled
static bool dco_enabled(const struct options *o)
Returns whether the current configuration has dco enabled.
Definition: options.h:908
connection_entry::flags
unsigned int flags
Definition: options.h:152
common.h
init_options
void init_options(struct options *o, const bool init_gc)
Definition: options.c:790
options::connect_retry_max
int connect_retry_max
Definition: options.h:274
options::tls_auth_file_inline
bool tls_auth_file_inline
Definition: options.h:646
options::management_log_history_cache
int management_log_history_cache
Definition: options.h:434
tuntap_options::disable_dco
bool disable_dco
Definition: tun.h:73
options::daemon
bool daemon
Definition: options.h:374
connection_entry::socks_proxy_authfile
const char * socks_proxy_authfile
Definition: options.h:116
options_pre_connect::routes_defined
bool routes_defined
Definition: options.h:68
VLAN_ALL
@ VLAN_ALL
Definition: options.h:209
options::ifconfig_pool_end
in_addr_t ifconfig_pool_end
Definition: options.h:475
options::tls_groups
const char * tls_groups
Definition: options.h:591
basic.h
options::gc_owned
bool gc_owned
Definition: options.h:239
options::rcvbuf
int rcvbuf
Definition: options.h:399
options::remap_sigusr1
int remap_sigusr1
Definition: options.h:376
options::exit_event_initial_state
bool exit_event_initial_state
Definition: options.h:676
options_string_import
void options_string_import(struct options *options, const char *config, const int msglevel, const unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es)
Definition: options.c:5548
pre_connect_restore
void pre_connect_restore(struct options *o, struct gc_arena *gc)
Definition: options.c:3326
options_pre_connect::client_nat_defined
bool client_nat_defined
Definition: options.h:77
options::peer_id
uint32_t peer_id
Definition: options.h:684
options_pre_connect
Definition: options.h:63
SHA256_DIGEST_LENGTH
#define SHA256_DIGEST_LENGTH
Definition: crypto_mbedtls.h:75
options::ifconfig_pool_defined
bool ifconfig_pool_defined
Definition: options.h:473
options::advance_next_remote
bool advance_next_remote
Definition: options.h:283
options_postprocess_pull
bool options_postprocess_pull(struct options *o, struct env_set *es)
Definition: options.c:4188
apply_push_options
bool apply_push_options(struct options *options, struct buffer *buf, unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es)
Definition: options.c:5498
connection_entry::remote_float
bool remote_float
Definition: options.h:106
connection_entry::remote
const char * remote
Definition: options.h:105
options::machine_readable_output
bool machine_readable_output
Definition: options.h:380
options::tls_crypt_v2_verify_script
const char * tls_crypt_v2_verify_script
Definition: options.h:659
options::key_pass_file
const char * key_pass_file
Definition: options.h:262
iroute_ipv6
Definition: route.h:240
connection_entry::tun_mtu_extra_defined
bool tun_mtu_extra_defined
Definition: options.h:124
options::ns_cert_type
int ns_cert_type
Definition: options.h:601
print_topology
const char * print_topology(const int topology)
Definition: options.c:4733
options::packet_id_file
const char * packet_id_file
Definition: options.h:567
remote_entry::proto
int proto
Definition: options.h:176
options::push_ifconfig_remote_netmask
in_addr_t push_ifconfig_remote_netmask
Definition: options.h:499
dns_options
Definition: dns.h:70
options::renegotiate_packets
int renegotiate_packets
Definition: options.h:628
options::connection_list
struct connection_list * connection_list
Definition: options.h:276
options::cf_per
int cf_per
Definition: options.h:514
options::ifconfig_remote_netmask
const char * ifconfig_remote_netmask
Definition: options.h:309
options::routes
struct route_option_list * routes
Definition: options.h:419
options::chroot_dir
const char * chroot_dir
Definition: options.h:362
options::down_pre
bool down_pre
Definition: options.h:371
tuntap
Definition: tun.h:171
socket.h
options::ifconfig_ipv6_pool_netbits
int ifconfig_ipv6_pool_netbits
Definition: options.h:482
options::mark
int mark
Definition: options.h:403
options::max_routes_per_client
int max_routes_per_client
Definition: options.h:520
options::cryptoapi_cert
const char * cryptoapi_cert
Definition: options.h:621
options::server_bridge_pool_end
in_addr_t server_bridge_pool_end
Definition: options.h:470
options::sockflags
unsigned int sockflags
Definition: options.h:407
options::username
const char * username
Definition: options.h:360
connection_entry::mssfix_default
bool mssfix_default
Definition: options.h:136
connection_entry::local
const char * local
Definition: options.h:104
options::ifconfig_pool_start
in_addr_t ifconfig_pool_start
Definition: options.h:474
pre_pull_default
void pre_pull_default(struct options *o)
http_proxy_options
Definition: proxy.h:44
notnull
void notnull(const char *arg, const char *description)
Definition: options.c:4908
options::extra_certs_file
const char * extra_certs_file
Definition: options.h:583
connection_entry::bind_ipv6_only
bool bind_ipv6_only
Definition: options.h:108
connection_entry::fragment
int fragment
Definition: options.h:132
options::up_restart
bool up_restart
Definition: options.h:373
route_ipv6_option_list
Definition: route.h:106
options::ifconfig_pool_persist_filename
const char * ifconfig_pool_persist_filename
Definition: options.h:477
connection_entry::tls_mtu
int tls_mtu
Definition: options.h:127
options::auth_user_pass_verify_script_via_file
bool auth_user_pass_verify_script_via_file
Definition: options.h:525
options_detach
void options_detach(struct options *o)
Definition: options.c:1674
options::transition_window
int transition_window
Definition: options.h:642
connection_entry::proto
int proto
Definition: options.h:99
options::mute_replay_warnings
bool mute_replay_warnings
Definition: options.h:564
options::ifconfig_ipv6_pool_base
struct in6_addr ifconfig_ipv6_pool_base
Definition: options.h:481
options::auth_token_generate
bool auth_token_generate
Definition: options.h:526
options::ifconfig_ipv6_local
const char * ifconfig_ipv6_local
Definition: options.h:310
genkey_type
genkey_type
Definition: options.h:220
options::persist_key
bool persist_key
Definition: options.h:347
options::engine
const char * engine
Definition: options.h:562
options::real_hash_size
int real_hash_size
Definition: options.h:484
options::priv_key_file
const char * priv_key_file
Definition: options.h:585
options::client_disconnect_script
const char * client_disconnect_script
Definition: options.h:487
remote_entry
Definition: options.h:172
options::push_option_types_found
unsigned int push_option_types_found
Definition: options.h:542
options::stale_routes_ageing_time
int stale_routes_ageing_time
Definition: options.h:522
options::show_net_up
bool show_net_up
Definition: options.h:677
auth_retry_set
bool auth_retry_set(const int msglevel, const char *option)
Definition: options.c:4767
options::tmp_dir
const char * tmp_dir
Definition: options.h:451
options::cf_max
int cf_max
Definition: options.h:513
options::crl_file
const char * crl_file
Definition: options.h:598
options_string
char * options_string(const struct options *o, const struct frame *frame, struct tuntap *tt, openvpn_net_ctx_t *ctx, bool remote, struct gc_arena *gc)
Definition: options.c:4246
options::iroutes_ipv6
struct iroute_ipv6 * iroutes_ipv6
Definition: options.h:496
options_pre_connect::authname
const char * authname
Definition: options.h:83
remote_list::len
int len
Definition: options.h:193
options::route_delay_window
int route_delay_window
Definition: options.h:417
options_cmp_equal_safe
bool options_cmp_equal_safe(char *actual, const char *expected, size_t actual_n)
Definition: options.c:4607
options::occ
bool occ
Definition: options.h:428
options::persist_mode
int persist_mode
Definition: options.h:260
options::remote_list
struct remote_list * remote_list
Definition: options.h:278
dns.h
options::pull_filter_list
struct pull_filter_list * pull_filter_list
Definition: options.h:698
options::push_ifconfig_local_alias
in_addr_t push_ifconfig_local_alias
Definition: options.h:500
show_library_versions
void show_library_versions(const unsigned int flags)
Definition: options.c:4871
connection_entry::af
sa_family_t af
Definition: options.h:100
options::push_ifconfig_constraint_network
in_addr_t push_ifconfig_constraint_network
Definition: options.h:502
options::route_script
const char * route_script
Definition: options.h:410
pushlist.h
options::tuntap_options
struct tuntap_options tuntap_options
Definition: options.h:357
options::vlan_accept
enum vlan_acceptable_frames vlan_accept
Definition: options.h:695
options::route_delay
int route_delay
Definition: options.h:416
options::ifconfig_local
const char * ifconfig_local
Definition: options.h:308
connection_entry::tun_mtu
int tun_mtu
Definition: options.h:118
options::push_ifconfig_local
in_addr_t push_ifconfig_local
Definition: options.h:498
options::user_script_used
bool user_script_used
Definition: options.h:370
options::learn_address_script
const char * learn_address_script
Definition: options.h:488
connection_entry::tun_mtu_max
int tun_mtu_max
Definition: options.h:120
options::ping_rec_timeout_action
int ping_rec_timeout_action
Definition: options.h:342
options::bind_dev
char * bind_dev
Definition: options.h:404
options::mtu_test
bool mtu_test
Definition: options.h:319
options::management_client_user
const char * management_client_user
Definition: options.h:438
options::ciphername
const char * ciphername
Definition: options.h:557
options::inactivity_timeout
int inactivity_timeout
Definition: options.h:330
options::suppress_timestamps
bool suppress_timestamps
Definition: options.h:379
uninit_options
void uninit_options(struct options *o)
Definition: options.c:912
connection_entry::local_port
const char * local_port
Definition: options.h:101
options::dev_node
const char * dev_node
Definition: options.h:305
options::server_backoff_time
int server_backoff_time
Definition: options.h:291
pkcs11_id_management
static bool pkcs11_id_management
Definition: test_pkcs11.c:128
options::auth_user_pass_verify_script
const char * auth_user_pass_verify_script
Definition: options.h:524
options::tls_crypt_v2_metadata
const char * tls_crypt_v2_metadata
Definition: options.h:657
options::ifconfig_pool_persist_refresh_freq
int ifconfig_pool_persist_refresh_freq
Definition: options.h:478
options_pre_connect::ping_rec_timeout
int ping_rec_timeout
Definition: options.h:86
remote_list
Definition: options.h:190
options::ifconfig_ipv6_remote
const char * ifconfig_ipv6_remote
Definition: options.h:312
options::renegotiate_bytes
int renegotiate_bytes
Definition: options.h:627
crypto_backend.h
options::lladdr
const char * lladdr
Definition: options.h:306
options::server_bridge_defined
bool server_bridge_defined
Definition: options.h:466
x509_track
Definition: ssl_verify.h:214
remote_list::capacity
int capacity
Definition: options.h:192
options::ca_file_inline
bool ca_file_inline
Definition: options.h:577
options::management_user_pass
const char * management_user_pass
Definition: options.h:433
options::push_ifconfig_constraint_netmask
in_addr_t push_ifconfig_constraint_netmask
Definition: options.h:503
options::remote_cert_eku
const char * remote_cert_eku
Definition: options.h:603
options::pull
bool pull
Definition: options.h:540
push_list
Definition: pushlist.h:35
options_cmp_equal
bool options_cmp_equal(char *actual, const char *expected)
Definition: options.c:4465
show_windows_version
void show_windows_version(const unsigned int flags)
Definition: options.c:4852
options::route_default_gateway
const char * route_default_gateway
Definition: options.h:412