OpenVPN
common.h
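/*
 * OpenVPN -- An application to securely tunnel IP networks
 * over a single UDP port, with support for SSL/TLS-based
 * session authentication and key exchange,
 * packet encryption, packet authentication, and
 * packet compression.
 *
 * Copyright (C) 2002-2025 OpenVPN Inc <sales@openvpn.net>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, see <https://www.gnu.org/licenses/>.
 */

#ifndef COMMON_H
#define COMMON_H

/*
 * uint64_t and the PRIu64/PRIx64 format macros are used below; include
 * their standard headers here so this header does not depend on the
 * include order chosen by whoever includes it.
 */
#include <stdint.h>
#include <inttypes.h>

/*
 * Statistics counters and associated printf format.
 *
 * counter_type is an unsigned 64-bit integer; counter_format is the
 * matching printf conversion and must be used whenever a counter_type
 * value is printed.
 */
typedef uint64_t counter_type;
#define counter_format "%" PRIu64

/*
 * Time intervals
 *
 * NOTE(review): the unit is not stated in this header; BIG_TIMEOUT below
 * is expressed in seconds -- confirm interval_t uses the same unit.
 */
typedef int interval_t;

/*
 * Used as an upper bound for timeouts.
 */
#define BIG_TIMEOUT (60 * 60 * 24 * 7) /* one week (in seconds) */

/*
 * Printf formats for special types
 *
 * ptr_format is selected per platform: a 64-bit hex conversion on
 * _WIN64, "%lx" elsewhere. Arguments must be cast to ptr_type (below)
 * so that the argument type matches the conversion; a mismatch between
 * a printf conversion and its argument is undefined behaviour.
 *
 * NOTE(review): presumably these print raw addresses; if so, check which
 * log verbosity levels emit them, since addresses in logs reveal memory
 * layout.
 */
#ifdef _WIN64
#define ptr_format "0x%016" PRIx64
#else
#define ptr_format "0x%08lx"
#endif
#define fragment_header_format "0x%08x"

/* these are used to cast the arguments
 * and MUST match the formats above */
#ifdef _WIN64
typedef unsigned long long ptr_type;
#else
typedef unsigned long ptr_type;
#endif

/* the --client-config-dir default file */
#define CCD_DEFAULT "DEFAULT"

/*
 * This parameter controls the TLS channel buffer size and the
 * maximum size of a single TLS message (cleartext).
 * This parameter must be >= PUSH_BUNDLE_SIZE (enforced at compile
 * time below, after PUSH_BUNDLE_SIZE is defined).
 */
#define TLS_CHANNEL_BUF_SIZE 2048

/* TLS control buffer minimum size
 *
 * A control frame might have IPv6 header (40 byte),
 * UDP (8 byte), opcode (1), session id (8),
 * ACK array with 4 ACKs in non-ACK_V1 packets (25 bytes)
 * tls-crypt(56) or tls-auth(up to 72). To allow secure
 * renegotiation (dynamic tls-crypt), we set this minimum
 * to 154, which only allows 16 byte of payload and should
 * be considered an absolute minimum and not a good value to
 * set
 *
 * With tls-crypt the listed overhead adds up to
 * 40 + 8 + 1 + 8 + 25 + 56 = 138 bytes, which is where the
 * 16 bytes of remaining payload come from.
 */
#define TLS_CHANNEL_MTU_MIN 154

/*
 * This parameter controls the maximum size of a bundle
 * of pushed options.
 */
#define PUSH_BUNDLE_SIZE 1024

/*
 * Enforce the size relationship documented on TLS_CHANNEL_BUF_SIZE, so
 * that changing either constant cannot silently produce a push bundle
 * larger than the TLS channel buffer.
 */
#if TLS_CHANNEL_BUF_SIZE < PUSH_BUNDLE_SIZE
#error "TLS_CHANNEL_BUF_SIZE must be >= PUSH_BUNDLE_SIZE"
#endif

/*
 * Number of seconds after which the client re-sends PUSH_REQUEST
 * if no reply has been received yet.
 */
#define PUSH_REQUEST_INTERVAL 5

/*
 * Script security warning
 *
 * Message text stating that external programs may not be called unless
 * '--script-security 2' or higher is enabled.
 */
#define SCRIPT_SECURITY_WARNING \
    "WARNING: External program may not be called unless '--script-security 2' or higher is enabled. See --help text or man page for detailed info."

#endif /* ifndef COMMON_H */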